Tomorrow Investor

Crippling Cyberattack Leaves Patients Desperately Seeking Vital Medications


Change Healthcare, which is owned by UnitedHealth Group, first detected a cyberattack on February 21.PHOTOGRAPH: KRISTOFFER TRIPPLAAR/ALAMY

Change Healthcare Hack Upends Access to Lifesaving Drugs by Disrupting Medical Billing and Insurance Systems

A massive cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group, has disrupted essential medical services and upended the lives of patients, doctors, and pharmacists across the United States. The attack, which began on February 21st, has caused widespread outages in systems used for medical billing, insurance claims processing, and copay assistance programs.

The impact on patients has been particularly severe, with many struggling to afford lifesaving medications due to the inability to process copay cards and discount coupons at pharmacies. Ronda Miller, whose husband requires insulin for his type 2 diabetes and congestive heart failure, found herself in a dire situation when their discount card could not be processed. Without it, the medications would cost hundreds of dollars out-of-pocket.

Laura Lester, a pharmacy owner in Virginia, reported patients walking away from essential medications like diabetes treatments, antipsychotics, and ADHD drugs because they couldn’t afford the full price without copay assistance. One patient had to pay $1,100 for an irritable bowel syndrome medication.

The disruptions have also affected cancer patients like Donna Hamlet, who requires a $16,000 monthly medication called IBRANCE. After days of phone calls, she was eventually able to get her prescription filled through OptumRx, another UnitedHealth Group subsidiary.

Beyond medication access, the outages have impacted doctors’ ability to obtain prior authorizations for treatments, particularly costly cancer therapies that can reach $100,000 per course. Nathan Walcker, CEO of the Florida Cancer Specialists & Research Institute, estimated $350 million worth of charges has been affected by billing delays.

The Centers for Medicare and Medicaid Services (CMS) has encouraged health programs to relax prior authorization requirements and provide advance funding to providers during the outage. However, doctors and pharmacists argue that the temporary measures are insufficient, leaving them to scramble with manual workarounds like submitting paper claims.

The attack has exposed significant vulnerabilities in the healthcare system’s reliance on a single dominant player like Change Healthcare, which processes 15 billion transactions worth $1.5 trillion annually. Dr. Jesse Ehrenfeld, president of the American Medical Association, stated, “Anything that requires interaction between health plans, a pharmacy, a facility, an office has been disrupted.”

UnitedHealth Group has attempted to mitigate the impact by offering temporary loans to medical practices and encouraging providers to switch to Optum systems for claims and payments. The company also expects a new network connection to address the majority of coupon volume managed by Change Healthcare by Thursday.

However, cybersecurity experts warn that the attack sets a dangerous precedent if UnitedHealth Group paid the reported $22 million ransom demanded by the Russian-linked hacking group Alphv/Blackcat. Eric Noonan, CEO of CyberSheath, called for mandatory minimum cybersecurity standards for critical infrastructure sectors like healthcare.

The attack has not only highlighted the vulnerability of patient data but also the fragility of the systems that ensure access to essential medical care. As the healthcare industry becomes increasingly digitized, robust cybersecurity measures and contingency plans are crucial to prevent such widespread disruptions that can potentially cost lives.

Patients, doctors, and pharmacists have been left grappling with the consequences, forced to navigate a complex web of workarounds and temporary solutions. The incident serves as a wake-up call for the healthcare sector to prioritize cybersecurity and reduce over-reliance on single points of failure in critical systems.

Add Calibre Mining to your Watchlist Today!