Optum Breached - An escalating series of cyber attacks on the United States is putting American patients and entire health systems at risk
St. Anthony Hospital, Ann & Robert H. Lurie Children's Hospital of Chicago, and UnitedHealth Group among the recent targets
Change Healthcare, part of UnitedHealth Group, reported a "cybersecurity incident" on February 21 that disrupted connectivity and healthcare operations nationwide.
“Change Healthcare is experiencing a cyber security issue, and our experts are working to address the matter. Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact. At this time, we believe the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational. The disruption is expected to last at least through the day. We will provide updates as more information becomes available.”
—Posted 24 minutes ago. Feb 23, 2024 - 09:54 EST
Here are seven things to know about the Optum security attack and its effects:
1. Change initially reported disruptions early on February 21, first noting "some applications are currently unavailable" and then reporting "enterprise-wide connectivity issues" on a company status page.
2. By the afternoon of February 22, the company said: "Change Healthcare is experiencing a cyber security issue, and our experts are working to address the matter. Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact. At this time, we believe the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational. The disruption is expected to last at least through the day. We will provide updates as more information becomes available."
3. Few details have been released about the nature of the cybersecurity issue, but an updated SEC filing states that UnitedHealth Group identified "a suspected nation-state associated cyber security threat actor" on Feb. 21 had gained access to some Change IT systems.
4. The U.S. government recognizes nation-state adversaries, such as China, Russia, North Korea and Iran, to "pose an elevated threat to our national security," according to separate and previous communication from the Cybersecurity and Infrastructure Security Agency. Threats include sophisticated, targeted and malicious cyber activity that is targeted and aimed at prolonged network or system intrusion.
5. Change, a revenue cycle management services provider, handles 15 billion transactions per year and is the nation's largest commercial prescription processor.
6. Health systems, hospitals and pharmacies nationwide were affected by the disruptions throughout Feb. 22, including all military pharmacies worldwide.
7. Few retail pharmacy networks had prepared news releases as of Feb. 22 regarding disruptions or lackthereof to operations; information was not readily available from Walgreens, CVS Health or Walmart.
8. Change combined with UnitedHealth Group's Optum in October 2022.
"There is a dramatic shortage of trained cybersecurity professionals and unfortunately, we're all competing for that same limited pool across all private sectors in the government. The AHA is working with all our partners, including HIMSS and the federal government, to try to come up with some very unique creative solutions to try to fill that gap, that shortage of cyber professionals."
—John Riggi, the first national advisor for cybersecurity and risk for the American Hospital Association
Portions of Lurie Children's Hospital's network have been restored after the system was forced to shut down by a cyber attack on January 31. Email to and from external e-mail addresses and a "majority" of the hospital's phone lines have been restored, but MyChart, the patient portal where families can book appointments and exchange messages with their providers, is still offline after nearly one month.