A recent cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group, has led to widespread prescription delays affecting tens of thousands of pharmacies across the United States, Whio reported.
The Tennessee-based technology company experienced network issues starting on Wednesday, resulting in a prolonged outage until Thursday. UnitedHealth promptly responded to the cyber security threat, disconnecting systems to mitigate further impact.
In a regulatory filing on Thursday, UnitedHealth revealed that the cyberattack may have been orchestrated by hackers affiliated with a foreign nation.
The company identified a suspected nation-state threat actor gaining access to some of Change Healthcare's information technology systems. UnitedHealth took swift action to isolate the affected systems, prioritising the protection of partners and patients.
While the cyberattack specifically targeted Change Healthcare, it had cascading effects on pharmacies nationwide. Insurance claims processing was disrupted, leading to prescription delays for patients. The Security and Exchange Commission mandates companies to report cyberattacks, and UnitedHealth complied with this requirement.
Pharmacies, including Walgreens and CVS, acknowledged the impact on prescription services. Walgreens assured that there were no significant issues, but a "small percentage" of prescriptions might be affected.
CVS stated that its systems remained uncompromised, yet some orders faced challenges in processing insurance claims. Both companies emphasised their commitment to minimising disruption and ensuring access to medications.
However, the outage had tangible effects, with some pharmacies unable to bill most insurance companies during the peak of the cyberattack. Insurance claims started going through by late Thursday morning, but the incident underscored vulnerabilities in the healthcare infrastructure.
GoodRX, a prescription discount provider, reported difficulties in filling orders due to the cyberattack. The incident highlights the interconnected nature of healthcare systems and the potential ripple effects of cyber threats on critical services.
As pharmacies work to address the aftermath of the attack, cybersecurity concerns in the healthcare sector come to the forefront, emphasising the need for robust protective measures against evolving cyber threats.