The cyberattack's widespread destruction underscores how threat actors can do significant damage by targeting a relatively unknown vendor that serves a vital operational function behind the scenes.
The AlphV ransomware group disrupted basic operations to the critical systems of US healthcare services by attacking a vital financial and claims processing link in a highly interconnected industry.
The outage and cascading effects of the cyberattack on the healthcare IT systems continued into the fourth week on Thursday.
UnitedHealth Group reported unauthorised access on its systems on February 21.
The reconnecting and testing of Change's claims systems will be completed in phases next week.
The US Department of Health and Human Services launched an inquiry into the incident on Wednesday to investigate whether protected health information was stolen and if Change met privacy and security standards.
The statement comes following a crisis meeting on Tuesday with White House officials, medical sector leaders, HHS Secretary Xavier Becerra, and Andrew Witty, CEO of UnitedHealth Group, Change Healthcare's parent company.
According to Fontes Rainer, the investigation will focus on whether protected health information was compromised and if Change Healthcare and UHG followed Health Insurance Portability and Accountability Act requirements.
The American Hospital Association referred to the attack as the most significant and consequential incident of its kind against the U.S. healthcare system in history.
This Cyber News was published on www.cysecurity.news. Publication date: Sat, 16 Mar 2024 15:43:04 +0000