Change Healthcare, a healthcare technology company that is part of Optum and owned by UnitedHealth Group, suffered a cyber attack on February 21 that disrupted many of its systems and services, according to a statement on the company’s website. It was announced that. Change Healthcare said it had disconnected its systems “to protect our partners and patients.” Due to the company’s presence across sectors and the concentration of mission-critical services it provides, the reported disruptions are likely to occur in healthcare areas within the revenue cycle, pharmacy, certain healthcare technologies, clinical licensure, and other services. This can have significant cascading and devastating effects.
AHA would like to notify all healthcare organizations that have been disrupted or may be affected by this incident, as identified on the Change Healthcare application status page, that Change Healthcare has identified as a result of this cyber-attack. We continue to recommend that you consider disconnecting from applications that remain unavailable. The February 22 Cybersecurity Advisory requires organizations using Change Healthcare’s affected services to prepare relevant downtime procedures and contingency plans in case those services are unavailable for an extended period of time. I also recommended that. At this time, Change Healthcare has not indicated a specific time frame for the expected recovery of affected applications.
Additionally, open source statements and media coverage have identified the exploitation of ConnectWise vulnerabilities as a factor in this cyber attack. The US government is previously recommended We urge all organizations to patch this vulnerability immediately.
AHA continues to communicate directly with Change Healthcare and has requested clarification on the level of confidence in the security of unaffected systems. As of 2:40 PM ET on February 23, Change Healthcare began including the following statement in its regular updates: “We have a high level of confidence that Optum, UnitedHealthcare, and UnitedHealth Group systems are not affected by this issue.”
We are encouraged by this public statement. However, AHA recommends that each healthcare organization continue to monitor and independently evaluate the information provided by Change Healthcare to make its own risk-based decisions regarding unaffected systems. doing. When considering connecting to unaffected Change Healthcare systems, each healthcare organization should consider the potential business and clinical disruption caused by disconnecting to unaffected Change Healthcare systems versus the potential for connecting or reconnecting to unaffected Change Healthcare systems. You need to weigh your connections.
AHA will continue to provide updates on this situation. Please submit any technical, financial, and/or clinical impact or related technical threat intelligence on a confidential basis to John Riggi, AHA’s National Advisor on Cybersecurity and Risk. jriggi@aha.org. The AHA maintains close contact with the FBI, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency and does not attribute any information to your organization unless you specify specific permissions or contact your local FBI. Share cyber threat intelligence without any hassle. Field office.
Further questions
If you have further questions, please contact Riggi at jriggi@aha.org. For the latest cyber threat intelligence and resources, visit www.aha.org/cybersecurity.
