Change Healthcare cyber-attack updates

On Monday, March 4, 2024, AzHHA met with member CEOs and Carmen Heredia, director for the Arizona Health Care Cost Containment System (AHCCCS), to discuss how the recent cyberattack on Change Healthcare may have impacted them.

• Local FBI representatives also joined the call.
• AzCHER continues to actively monitor the situation.
• AzHHA sent AHCCCS a letter on Wednesday, March 6, 2024 requesting assistance to mitigate the fallout. Read it here.

Additionally, the Department of Health and Human Services announced flexibilities from the Centers for Medicare & Medicaid Services (CMS) to aid providers affected by the cyberattack on Change Healthcare.

• CMS measures include expedited clearinghouse changes for Medicare providers, guidance for Medicare Advantage and Part D sponsors to ease authorization requirements, and encouragement for Medicaid managed care plans to adopt similar measures.
• Hospitals facing cash flow disruptions are advised to request accelerated payments.
• Change Healthcare disclosed the cyberattack on Wednesday, Feb. 21, 2024, attributed to threat actor ALPHV Blackcat.

Local stories

March 12, 2024

A massive cyberattack has some Arizona health providers reeling. Here's what we know (azcentral.com) subscription required

Some Arizona health providers, particularly those who serve low-income patients, are taking a financial hit from a massive cyberattack that paralyzed one of the country's largest claims and billing systems, physician groups say.

Arizona providers are among those nationwide who are calling for more attention to the cyberattack for creating a problem that, according to the American Medical Association, has "severely hampered physicians' ability to care for patients" and is "straining viability of medical practices."

March 5, 2024

Gallego calls on administration to help Arizona patients, providers impacted by ongoing UnitedHealth cyber attack (rubengallego.house.gov)

Today, Rep. Ruben Gallego (AZ-03) called on Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and Department of Health and Human Services (HHS) Secretary Xavier Becerra to provide relief for pharmacies, providers, hospitals, and patients impacted by the recent cyber-attack on UnitedHealth.

National stories

March 20, 2024

Companies Take a Closer Look at Supply Chains After Recent Cyberattacks (wsj.com) subscription required

Companies are ramping up oversight of suppliers after major supply-chain cyberattacks have affected thousands of businesses and breached data on millions of customers.

Previously content with periodic questionnaires about supplier controls, corporate security chiefs are demanding stricter contractual terms around when and how their suppliers must notify them that they have experienced a cyberattack. Many now require third-party providers to adhere more closely to best practices from the U.S. Commerce Department’s National Institute of Standards and Technology, and others.

March 20, 2024

Change Healthcare cyberattack affecting hospital finances, care access (healthitsecurity.com)

The majority of hospitals say the Change Healthcare cyberattack is negatively affecting their finances and hindering patient care access, according to a survey from the American Hospital Association (AHA).

Change Healthcare processes 15 billion healthcare transactions each year and touches one in every three patient records. These transactions include services directly affecting patient care, including claims transmittals, payments, eligibility verifications, and pharmacy operations.

March 19, 2024

Congress Urged to Help Hospitals Impacted by Change Healthcare Cyberattack (aha.org)

On behalf of our nearly 5,000 member hospitals, health systems and other health care organizations, our clinician partners — including more than 270,000 affiliated physicians, 2 million nurses and other caregivers — and the 43,000 health care leaders who belong to our professional membership groups, the American Hospital Association (AHA) writes to you in advance of the March 20 hearing on the President’s Fiscal Year (FY) 2025 Health and Human Services (HHS) Budget to update you on the recent cyberattack on Change Healthcare and its impacts on hospitals, health systems and patients around the country, as well as to share concerns regarding the Administration’s proposal to penalize hospitals that don’t meet certain cybersecurity requirements.

March 18, 2024

UnitedHealth Begins Testing Restored Change Healthcare Claims Platform (wsj.com) subscription required

UnitedHealth Group began testing its restored medical claims platform at its Change Healthcare unit on Monday, nearly four weeks after a cyberattack forced it to disconnect systems. But getting back to normal won’t be as simple as flipping a switch.

The insurance giant, which owns Change through its Optum subsidiary, said Monday it would release claims preparation software to thousands of customers over the next several days. More than 100 platforms operated by Change, including claims management services, have been offline since a ransomware attack by the ALPHV/BlackCat ransomware gang on Feb. 21, hobbling swaths of the healthcare sector that have been unable to take in revenue.

March 18, 2024

Change Healthcare Hack: What You Need to Know (wsj.com) subscription required

Change parent UnitedHealth Group is set to test restored systems as lawmakers pressure the company and payers to step up aid for embattled care providers

March 4, 2024

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment (wired.com)

The ransomware attack targeting medical firm Change Healthcare has been one of the most disruptive in years, crippling pharmacies across the US—including those in hospitals—and leading to serious snags in the delivery of prescription drugs nationwide for 10 days and counting. Now, a dispute within the criminal underground has revealed a new development in that unfolding debacle: One of the partners of the hackers behind the attack points out that those hackers, a group known as AlphV or BlackCat, received a $22 million transaction that looks very much like a large ransom payment.

March 4, 2024

Providers losing $100M daily over Change Healthcare hack (beckershospitalreview.com)

Some larger health systems are losing more than $100 million a day due to the Change Healthcare cyberattack, one cybersecurity firm estimated, causing industry associations to continue to urge action.

The American Hospital Association wrote to Congressional leaders March 4 to urge HHS to take action and to consider any "statutory limitations" that exist for federal agencies to help hospitals, while the American Medical Association asked HHS to issue guidance and provide emergency funding to providers unable to get paid because of the IT outage. "This is an immense crisis demanding immediate attention," AMA President Jesse Ehrenfeld, MD, said in a March 4 news release.

Feb. 27, 2024

AHA says Change Healthcare attack may impact hospital finances (beckershospitalreview.com)

The American Hospital Association penned a letter to the HHS about the Change Healthcare attack stating that the incident may have "an immediate adverse impact on hospitals' finances."

The letter, addressed to HHS Secretary Xavier Becerra, states that AHA members have indicated that a significant portion of their claims remains unprocessed, and that they are unable to conduct eligibility checks to determine if a patient's insurance covers a potential treatment due to the attack.