Hospitals and Pharmacies Reeling After Change Healthcare Cyberattack

On February 21st, a pharmaceutical company known as Change Healthcare began suffering a cyberattack, and as of February 24th, remains affected. A member of the UnitedHealth Group, they compromise “one of the country’s largest prescription processors.” The parent company, UnitedHealth, has filed with the United States Securities and Exchange Commission, detailing the likely cause of the cyberattack from a “nation-state.” Servicing over 129 million people in the United States, many are now unable to receive their prescriptions or process through their insurance, as the services have been completely shut down.
There are some key aspects highlighted in class that appear in this recent attack. Firstly, it cannot be ignored that Change Healthcare and Optum (a subsidiary of UnitedHealth) recently merged in 2022. The consolidation of three large companies, in a recent transition, lend themselves to further vulnerability to cyberattacks. Mentioned in the first lecture, not necessarily caused by cybersecurity but still critical to examining it, is the new crowded system that is emerging. Due to their management of highly sensitive information, these companies control a significant amount of patient data that can be leveraged. One would reason these companies would have better systems in place to prevent such a major attack. However, as mentioned both in classes and in some of the supporting articles, there can be multiple point of failures that are taken advantage of to launch a devastating attack. Some of these include access through third-party companies that have struck deals with much larger companies. In this case, the attack was conducted on the smaller company, but still greatly affecting the larger company. Some reports include that this attack was anticipated, as some information regarding an app, ConnectWise, included some flaws were revealed. While no information has been confirmed about this possibility, some are looking into this app as a possible avenue that allows for the larger cyberattack.
The results of this cyberattack, while conducted in the cyberspace, are very much physical (another concept we have explored in class). Currently, pharmacists are “unable to access insurance information to fill prescriptions [at Clinton Drug Store].” Other owners and pharmacists have mentioned that they have had to “manually call” the insurance companies for information. Other retailers such as CVS have also been affected, but it has been stated that their internal systems are functioning normally. What is critical is that these systems are restarted as quickly as possible to prevent a further pharmaceutical crisis that are already affecting a large population of the United States.