Nevada hospitals impacted by cyberattack on national health care firm
March 5, 2024 - 12:32 pm
Updated March 5, 2024 - 3:19 pm
Nevada’s health care system has been impacted by a cyberattack that targeted Change Healthcare, a national company that processes health care transactions, although the details are still being determined.
Both the Nevada Division of Insurance and the Nevada Hospital Association said that they have heard of hospitals and health care operations in the state being disrupted by the cyberattack on Change Healthcare.
“Change Healthcare, part of Optum, which is owned by UnitedHealth Group, touches most U.S. hospitals,” a Nevada Hospital Association spokesperson said in an emailed statement. “Nevada is no exception. We are determining the extent of the impact with our members.”
The impact for each hospital is varied, said the Nevada Hospital Association, but it has heard reports that hospitals have dealt with a range issues including: inability to verify patient health insurance, disruptions in the claims process and accessing patients’ portals; retail pharmacies having challenges operating within hospitals; employee health savings accounts being disrupted; and inability to report on quality management to the Centers for Medicare and Medicaid Services
Change Healthcare manages health care technology pipelines and is involved with payment transactions and processing prescriptions. The company has established a temporary funding program to help with short-term cash needs for health care providers that have been impacted by this cyberattack.
A spokesperson for the Division of Insurance said it has been contacted by health care carriers and providers that are experiencing payment delays due to the cyberattack. The Division of Insurance said it’s “still trying to understand” the impact of the cyberattack since the division doesn’t regulate Change Healthcare’s Nevada operations.
Change Healthcare said on Feb. 21 it discovered a cyber criminal that represented itself as ALPHV/Blackcat gained access to some of the company’s digital operations. ALPHV/Blackcat is a group that specializes in ransomware which is a tactic used by criminals to disrupt a company’s digital operations in the hopes the company will pay a ransom to get back in control of their digital operations.
Reuters reported Monday that a post on a hacker forum used by cybercriminals claimed that UnitedHealth Group paid ALPHV/Blackcat $22 million to regain access to its systems and data. UnitedHealth Group hasn’t commented on the claim.
Change Healthcare said it’s working with law enforcement to address the impacts of the attack and is also working to understand if patient health information has been compromised.
“We are working on multiple approaches to restore the impacted environment and will not take any shortcuts or take any additional risk as we bring our systems back online,” UnitedHealth Group said in a statement on its website. “We will continue to be proactive and aggressive with all our systems, and if we suspect any issue with the system, we will immediately take action and disconnect.”
A similar cyberattack incident happened last year to MGM Resorts International which resulted in the company losing an estimated $100 million. It was also reported last September that Caesars Entertainment faced a similar cyberattack but paid millions in ransom to gain control of their systems.
Contact Sean Hemmersmeier at shemmersmeier@reviewjournal.com. Follow @seanhemmers34 on X.