Ransomeware attack affecting medical practices


Some medical groups struggling to receive payments

Change Healthcare recently experienced a ransomware attach that involved unauthorized access to certain administrative systems.

Wired called the incident “one of the most disruptive in years, crippling Ransomware group AlphV, also known as BlackCat, is said to have claimed responsibility for the attack.pharmacies across the US – including those in hospitals – and leading to serious snags in the delivery of prescription drugs nationwide for 10 days and counting,” and reported that the attackers appear to have “received a $22 million transaction that looks very much like a large ransom payment.”

Ransomware group AlphV, also known as BlackCat, is said to have claimed responsibility for the attack.

Cybersecurity Dive reported that the attack is having significant impacts on medical practices, hospitals and pharmacies.  “Some medical groups have been unable to receive and finalize payments from insurers and patients, which can be a considerable financial challenge for smaller organizations,” Cybersecurity Dive reported, referring to comments from a Medical Group Management Association official.

Potential exposure

The incident potentially exposed the personal information of the Change Healthcare’s clients, including sensitive data such as names, addresses, dates of birth, and insurance information. Change Healthcare reported that no financial information or Social Security numbers were compromised. The company promptly launched an investigation in collaboration with leading cybersecurity experts to assess the extent of the breach and take necessary measures to enhance security protocols and protect affected individuals from potential harm.

The incident has raised concerns and potential impacts on medical practices across the United States. Medical practices reliant on Change Healthcare’s services may experience disruptions in their operations, such as delays in billing and claims processing. Additionally, healthcare providers may need to invest more resources in ensuring the security of their patients’ data, as the incident highlights vulnerabilities within the healthcare industry’s cybersecurity infrastructure.

HHS responds

The U.S. Department of Health and Human Services (HHS) announced “immediate steps that the Centers for The U.S. Department of Health and Human Services (HHS) announced “immediate steps that the Centers for 
Medicare & Medicaid Services (CMS) is taking to assist providers to continue to serve patients. CMS will continue to communicate with the health care community and assist, as appropriate.Medicare & Medicaid Services (CMS) is taking to assist providers to continue to serve patients. CMS will continue to communicate with the health care community and assist, as appropriate. Providers should continue to work with all their payers for the latest updates on how to receive timely payments.”

HHS spelled out several “flexibilities” to help providers. The entire HHS statement can be found here.

AMA calls for more federal help

Jesse M. Ehrenfeld, President of the American Medical Association, issued a statement calling for the federal government to provide more help to physicians, as follows:

“The American Medical Association credits the Department of Health and Human Services and the Centers for Medicare & Medicaid Services for responding to the urgent situation caused by the Change Healthcare cyber security incident and the unprecedented disruptions to medical practices and access to care. The newly announced flexibilities that have been put in place are a welcome first step, but we urge CMS to recognize that physicians are experiencing financial struggles that threaten the viability of many medical practices. Many physician practices operate on thin margins, and we are especially concerned about the impact on small and/or rural practices, as well as those that care for the underserved. The AMA urges federal officials to go above and beyond what has been put in place and include financial assistance such as advanced payments for physicians.”

The incident underscores the importance of robust cybersecurity measures and heightened vigilance in safeguarding sensitive patient information to prevent similar breaches in the future.