An ALPHV/Blackcat ransomware attack on Change Healthcare is wreaking havoc for patients and hospitals.
Carrie Pallardy
March 7, 2024
Read the full article in InformationWeek here:
https://www.informationweek.com/cyber-resilience/how-ransomware-fallout-is-rippling-through-the-us-health-care-system-#close-modal
Health-ISAC mention:
“I think the longer it goes, the more we’re going to find out about how the other systems will probably break. We’ll have more inconveniences for the patient, and then again at the bigger level macro level, I think we’re going to see more hospitals having financial issues because of the inability to be paid,” says Errol Weiss, chief security officer at Health-ISAC (Information Sharing and Analysis Center), a cyber threat intelligence sharing nonprofit.
This attack should serve as an awakening regarding the interconnectedness and complexity that exists in the US health care system, according to Weiss. “We as a sector, we as a society here in the US, need to do a better job of identifying these critical interdependencies,” he tells InformationWeek.
With workarounds in place, Change Healthcare has been able to process 3 million pharmacy transactions, with more being done each day, according to UHG’s updates page. On the claims side, it is up to 90% flow.
While the health care industry is still reeling from the fallout, it is unclear how exactly the attack was carried out. Security researchers have pointed to the ConnectWise ScreenConnect vulnerabilities exploited earlier this month. Health-ISAC shared in a Feb. 26 bulletin that cyber intelligence company RedSense identified Change Healthcare as a victim of the CVE-2024-1708 and CVE-2024-1709 vulnerabilities. On Feb. 27, ConnectWise published a statement stating it “is unaware of any confirmed connection between the ScreenConnect vulnerability disclosed on February 19th, 2024, and the incident at Change Healthcare.”
