The massive ransomware attack on Change Healthcare, the UnitedHealth Group subsidiary specializing in medical data, ultimately turns out to be an extraordinarily costly incident for the healthcare giant.
In its latest quarterly earnings report, UnitedHealth revealed that February’s BlackCat cyberattack will ultimately cost the company between $1.35 billion and $1.6 billion in total. This is the first time UnitedHealth has provided a financial estimate detailing the staggering cost of the ransomware incident, which crippled Change Healthcare’s data platforms and claims processing systems for weeks.
In the first quarter of 2024 alone, the attack resulted in $872 million spent on remediation and recovery efforts. Change Healthcare functions as a massive clearinghouse, processing insurance claims and facilitating transactions between insurers, pharmacies and medical providers. So when its systems went down as a result of ransomware encryption, it triggered a cascading series of delays and financial impacts for millions of potential stakeholders.
Also read – This group of pirates reported themselves to the authorities to push their victims to pay the ransom
The company would have been forced to pay the ransom
Shortly after the incident, reports suggested that UnitedHealth may have paid $22 million bitcoin ransom to BlackCat operators, although the company has never officially confirmed making such a payment. According to blockchain analysis, these funds were then stolen from the attackers by the masterminds of BlackCat.
It has also been suggested that the ransomware gang behind the attack, believed to be linked to Russia, may try to auction off the data it claims to have exfiltrated during the Change Healthcare breach. This could include sensitive patient records and information belonging to large pharmacy chains like CVS.
Regardless of the additional data leak, the costs of the initial attack proved astronomical for UnitedHealth. In its filing with the SECthe company reported a loss of $1.4 billion for the first quarter of 2024 for its entire portfolio which includes Change Healthcare and its Optum pharmacy benefits services.
This ransomware has almost completely paralyzed the healthcare sector in the United States
Surveys by groups such as the American Medical Association reveal that the Change Healthcare incident also had a direct impact on medical providers. With claims processing and revenue cycles stopping, more than 80% of medical practices reported loss of revenuewhile more than half had to dip into personal funds to cover their expenses.
“ Disruption caused by this cyberattack causes enormous financial hardship said WADA President Jesse Ehrenfeld last month. “ This survey data shows, in clear terms, that practices will close because of this incident and that patients will lose access to their doctors “.
This catastrophic incident is therefore a reminder that hackers have more than ever the capacity to bring basic medical infrastructure to its knees, which can cost billions of dollars and endanger countless patient lives. Fortunately, the FBI recently announced the takedown of the BlackCat group, which led to the seizure of the group’s network and infrastructure, including websites. The authorities have also published a decryption tool to regain access to files locked by the ransomware.