Pharmacies across the United States are reporting that they are having difficulty getting prescriptions to patients because of a cyberattack on a unit of UnitedHealth.
The company said in a regulatory filing Thursday its Change Healthcare business, which processes prescriptions to insurance for tens of thousands of pharmacies nationwide, was compromised by hackers who gained access to some of its systems. The company became aware of the cyberattack Wednesday, and, in a separate statement, said it expected the attack to last at least throughout the day Thursday.
The cyberattack prevented some pharmacies from processing prescriptions to insurance companies to receive payment.
For example, the Naval Hospital in Camp Pendleton, California, said in a post on X that it was unable to process any prescriptions.
“Due to an ongoing enterprise-wide issue, all Camp Pendleton and associated pharmacies are unable to process any prescription claims,” the hospital said. “As a result, we are only able to assist patients with emergency and urgent prescriptions from hospital providers at this time.”
Evans Army Community Hospital in Colorado said in a Facebook post that some prescription orders would be delayed.
“This outage is impacting dispensing of pharmacy prescriptions – resulting in delays in processing and in some cases, inability to process,” the hospital said. “Refills have also been impacted.”
GoodRX, which offers discounts on prescriptions. also said its services were disrupted.
“We apologize for any outages you have been experiencing while at the pharmacy,” the company said in a post on X. “Unfortunately, the issue is an external one impacting both GoodRx and a multitude of providers.”
And Moffet Drug, a small pharmacy in Norton, Kansas, said on Facebook its services were disrupted, too.
In its filing with the Securities and Exchange Commission, UnitedHealth said its cyberattack could have been sponsored by a group of hackers paid by a foreign country. It said it has isolated the attack and notified law enforcement and is working quickly to restore is systems.
“UnitedHealth Group identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems,” the company said. “Immediately upon detection of this outside threat, the company proactively isolated the impacted systems from other connecting systems in the interest of protecting our partners and patients, to contain, assess and remediate the incident.”
Companies are required to report cyberattacks to investors via the SEC, and it’s probable that UnitedHealth doesn’t yet know what – or who – caused the attack. The hack would be unusual for a nation-state-sponsored attack, because it more closely resembles ransomware attacks that have caused chaos across America’s hospitals and health care networks over the past several years.
In a statement, Change Healthcare said it believed the attack was isolated to its network and did not spread elsewhere.
“At this time, we believe the issue is specific to Change Healthcare and all other systems across UnitedHealth Group are operational,” the company said. “The disruption is expected to last at least through the day. We will provide updates as more information becomes available.”
Read the full article here