Ransomware Attack On UnitedHealth Group Disrupts Payment Of Health Services In The US

The UnitedHealth Group service is disrupted. (photo: x @mattjay)

JAKARTA - Health care providers across the United States are experiencing difficulties in getting paid after a week-long ransomware attack on the UnitedHealth Group's key technology unit. This situation resulted in some small providers saying they had started running out of money.

According to the American Hospital Association (AHA), which represents nearly 5,000 hospitals, healthcare systems, networks, and other providers, the large hospital chain is also locked away from payment processing, some of which have to cover initial costs for not being able to collect payments.

A total of six small businesses across the United States - five therapists and one laboratory - said they could not process claims and experienced late payments of thousands of dollars.

The problem started last week after hackers had access to UnitedHealth's Change Healthcare unit, which is a vital support in the US complicated system to create and settle insurance claims. Ransomware attacks also affect the recharging of electronic pharmaceuticals and insurance transactions, especially among independent people, with some returning to paper transactions.

"We are currently 100 percent hampered in terms of billing," said Phil Seubring, director of law at Forensic Fluids, a laboratory in Kalamazoo, Michigan that conducts drug testing for a doctor's office.

Jenna Wolfson, a clinical social worker based in Felton, California, who provided therapy to about 30 clients a week, revealed that she was not paid and had about USD 4.000 (IDR 628.3 million) claims that had not been processed. This situation could be catastrophic for him and other small business mental health practitioners.

John Riggi, cybersecurity adviser AHA and former head of the FBI's cyber division, said the initial impact may be more severe for small offices, but providers of all sizes will feel pressure if the disturbance continues.

Riggi added that organizations experiencing high-impact ransomware attacks could take up to 30 days to restore core services and longer to restore less important functions. Currently, it remains unclear whether other clearing houses can handle additional claim traffic, and hospitals are waiting anxiously for Change to introduce a new alternative solution.

Ransomware attacks on the UnitedHealth Group technology unit are not a rare event. Similar attacks in previous years, including on companies such as Cloox and MGM Resorts International, have deactivated key systems, harm customers, and created chaos with suppliers.

UnitedHealth initially blamed "cyber threat actors associated with the suspected state" for the disruption. However, sources say that a criminal gang known as the "Blackcat" or "ALPHV" is responsible.

To date, UnitedHealth has stated that claim filings have returned to pre-disturbation levels, and many providers can also use alternative clearing houses to file claims. However, this situation raises concerns about its impact on healthcare providers across the US, with many of them facing serious financial uncertainty as a result of this disruption.