Major Cyberattack on UnitedHealth’s Optum Causes Widespread Healthcare Billing Disruption

UnitedHealth Group, the largest healthcare company in the world by revenue, has confirmed its subsidiary Optum recently experienced a significant cyberattack on the Change Healthcare billing platform. This attack has led to major outages in healthcare billing services across the United States, causing nationwide chaos for medical clinics, pharmacies, and insurance providers. 

Tell me more about the cyberattack on UnitedHealth  

According to statements from UnitedHealth, the attack is suspected to have been conducted by sophisticated nation-state hackers who were able to infiltrate Optum’s systems and force the company to shut down IT infrastructure to contain the threat. The Change Healthcare platform that was attacked is vital for facilitating payment exchanges between healthcare providers, enabling key functions like electronic health records, claims processing, care coordination and data analytics. 

Without access to Optum’s billing tools, many pharmacies, clinics and medical billing companies are reporting serious operational challenges and appointment disruptions. The outage could not have come at a worse time, as healthcare providers are managing a surge in demand for medical services. The impacts are expected to last for days or even weeks before Optum can fully restore services.  

The American Hospital Association (AHA) has advised its member hospitals and healthcare organizations relying on Optum’s solutions to immediately disconnect their systems to protect patient data. Major institutions like Columbia University and Tricare, the U.S. military’s healthcare program, have already taken steps to block connections to UnitedHealth’s domains. 

What is Nuspire doing?  

While the situation develops, Nuspire is actively monitoring networks for signs of compromise and providing incident response and forensic analysis to affected healthcare companies.  

What should I do if I use Optum or Change Healthcare platforms?  

Amid this crisis, the AHA and other experts advise healthcare organizations to take the following emergency steps: 

• Disconnect from Optum and Change Healthcare Systems: Follow the American Hospital Association’s recommendation to disconnect systems from Optum and Change Healthcare until it is deemed safe to reconnect. This step is crucial to protect your organization’s and patients’ data from potential compromise. 
• Monitor Official Updates: Regularly check for updates from Optum on the restoration of services. Staying informed will help you make timely decisions. 
• Prepare for Data Breach Scenarios: Given the suspicion of data theft, prepare for potential data breach fallout by reviewing data breach response plans and ensuring measures are in place to support affected individuals. 

The Optum and Change Healthcare attack proves cybersecurity must be an urgent priority for healthcare entities. As services become digitized, vulnerabilities are exposed that can be exploited to not only steal data but disrupt life-saving care. Healthcare organizations cannot leave themselves open and must invest in robust cyber protections now more than ever.