The US government has intervened to assist hospitals and other healthcare providers effected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers. The cyber attack on Change Healthcare, a UnitedHealth Group-owned IT services firm, has caused disruptions and severe cash flow issues for many of its customers in the healthcare industry, leaving them struggling to provide patient care.
The Department of Health and Human Services (HHS) has taken action to support the healthcare community by addressing potential cash flow concerns arising from the inability to submit claims and receive payments due to the cyber attack. The HHS has allowed Medicare providers to change clearing houses for claims processed during the outage through an expedited process, and has encouraged Medicare Advantage organizations to offer advance funding to providers most impacted by the attack.
In addition, the government has urged Medicaid and Children’s Health Insurance Program managed-care plans to relax or remove prior authorization requirements and provide advance funding to providers. Medicare Administrative Contractors are also required to accept paper claims from providers while their electronic billing systems are down. HHS emphasized the need to strengthen cybersecurity resilience across the healthcare ecosystem and directed medical providers to its December concept paper outlining a cybersecurity strategy for the sector.
In response to the cyber attack and the government’s intervention, Padraic O’Reilly, co-founder and chief innovation officer of cyber risk firm CyberSaint, expressed the significance of the government’s assistance to pharmacies and medical providers. O’Reilly highlighted the challenges faced by smaller practices and the risks associated with a supply chain issue affecting healthcare payments. He emphasized the importance of improving cybersecurity in the healthcare sector and predicted that HHS may introduce more stringent requirements tied to Medicare and Medicaid in the future.
Meanwhile, drama continues to unfold with the ransomware gang ALPHV/BlackCat, responsible for the attack on Change Healthcare. The group reportedly stole over $22 million in Bitcoin from its affiliates following the attack, leading to speculation of an exit scam. The ALPHV website disappeared and was replaced by a banner indicating it had been seized by international law enforcement agencies. Threat intelligence experts suggest that the group may be attempting to rebrand and resurface under a different identity after the alleged exit scam.
As the healthcare industry grapples with the aftermath of the cyber attack, the government’s efforts to support providers and strengthen cybersecurity measures reflect a commitment to safeguarding critical infrastructure and ensuring the continuity of patient care. The evolving situation with ALPHV/BlackCat serves as a reminder of the persistent threat posed by cybercriminals and the importance of proactive measures to combat cyber attacks in the healthcare sector.