Literature Review

Healthcare hit hardest by ransomware last year, FBI IC3 report shows HealthITSecurity, by Jill McKeon; 3/12/24 The healthcare sector suffered more ransomware attacks than any other critical infrastructure sector last year, according to complaint data examined in the Federal Bureau of Investigation’s 2023 Internet Crime Report. ... In 2023, IC3 received a record 880,418 complaints, with losses exceeding $12.5 billion. These figures signify a 10 percent increase in complaints received and a 22 percent increase in losses suffered compared to last year’s report.

HIMSS24: Change Healthcare outage is the elephant in the room Modern Healthcare - Digital Health, by Brock E.W. Turner; 3/14/24 There's certainly buzz about the Change Healthcare data breach at the Healthcare Information and Management Systems Society’s annual conference. But getting executives to talk openly about it is a non-starter. The breach, which has hobbled systems nationwide, has put even greater emphasis on the topics of cybersecurity and protecting patient data. But many attendees at the event in Orlando, Florida, have been unwilling to discuss it on the record, citing their relationship with the claims processing company owned by UnitedHealth Group.

US officials call on UnitedHealth to accelerate payments to providers The United Business Journal, by Rahul Kumar; 3/11/24In a recent open letter, officials from the U.S. government expressed urgency for UnitedHealth Group to expedite payments to healthcare providers. This plea came in the wake of a debilitating cyberattack on the insurer’s Change Healthcare tech unit, which severely disrupted medical claims processing and payments. The U.S. Department of Labor and the U.S. Department of Health and Human Services emphasized the critical need for UnitedHealth to take swift action to ensure that healthcare providers do not face financial strain due to the cyberattack.

CMS offers relief to providers affected by Change Healthcare outageModern Healthcare, by Lauren Berryman; 3/5/24The Centers for Medicare and Medicaid Services has rolled out efforts to help providers navigate the Change Healthcare outage disrupting healthcare operations nationwide, the Health and Human Services Department announced Tuesday.Editor's Note: Access to the full article requires a subscription

Hackers behind Change Healthcare breach get $22M  Becker's Health IT, by Laura Dyrda; 3/5/24The cybercriminal organization responsible for hacking UnitedHealth Group's Change Healthcare has received a multimillion dollar payment in bitcoins, according to Reuters.UnitedHealth Group said Change was hit by BlackCat ransomware group Feb. 21, forcing its systems offline. The claims processing and revenue cycle management platform is still working to restore functionality, and asked health systems to use alternative methods for claims processing while its systems are down. BlackCat claimed it stole 6 terabytes of data from Change, including medical records and Social Security numbers. 

Change Healthcare outage: AHA slams UnitedHealth funding program Modern Healthcare - Cybersecurity, by Lauren Berryman; 3/4/2024The American Hospital Association slammed UnitedHealth Group's offer of financial assistance for some healthcare providers in the wake of the cyberattack on Change Healthcare and called on Congress for assistance. AHA President and CEO Richard Pollack said Change Healthcare parent company UnitedHealth Group's temporary loan program misses the mark in a letter sent Monday to UnitedHealth Group President and Chief Operating Officer Dirk McMahon. Pollack criticized the initiative for what he described as its limited eligibility criteria and unfair contract terms and conditions.

Change Healthcare's temporary funding program 'not even a Band-Aid,' AHA says Becker's Health IT, by Giles Bruce; 3/4/24 The American Hospital Association called Change Healthcare's temporary funding program for providers affected by the cyberattack on the UnitedHealth Group subsidiary inadequate, while a U.S. Senate leader asked CMS to speed up payments to hospitals. Change Healthcare set up the funding assistance March 1 for providers facing cash-flow issues after losing access to its payer systems, which have been down since the Feb. 21 ransomware attack. However, AHA President and CEO Rick Pollack wrote in a March 4 letter to UnitedHealth Group that the program is "not even a Band-Aid on the payment problems you identify."

Message from HHS about an ongoing active cybersecurity threat to your IT resourcesEmail from CMS; 3/1/24 Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service (RaaS) identified through FBI investigations as recently as February 2024.

Ransomware gang behind Change Healthcare attack: ReportBecker's Health IT, by Naomi Diaz; 2/26/24The BlackCat ransomware gang is claiming responsibility for an attack on Change Healthcare, TheRegister reported Feb. 26. Two people familiar with the matter told news outlet Reuters that BlackCat, which operates as a ransomware-as-a-service group, was behind the Feb. 21 cybersecurity incident on Change Healthcare. ... A Feb. 26 update on Optum's website indicates that the Change Healthcare incident, which has disrupted the organization's payment and pharmacy processing operations, is still ongoing. 

UnitedHealth unplugs change healthcare information systems to contain cyber attackManaged Healthcare Executive, by Peter Wehrwein; 2/23/24UnitedHealth Group disconnected Change Healthcare's information system to contain a cyberattack that the company says is from an unnamed “nation-state associated cyber security threat actor.”

Healthcare data breaches hit new highs in 2023Modern Healthcare, by Tim Broderick; 1/25/24A record 133 million individuals were impacted by healthcare data breaches. Imagine after purchasing a car the salesperson slaps the hood and says there's a 40% chance in the coming year that an unauthorized person will gain access to it or just outright steal the car.Full access to article requires a subscription  

How can hospitals prepare for 2024’s cyberthreats?MedCity News, by Katie Adams; 12/27/23Many hospitals remain underprepared to protect themselves against cybercriminals’ barrage of increasingly sophisticated attacks, but there are a couple concrete steps they can take to build a stronger defense structure — like virtual patching and thinking twice about moving to the cloud.