Exton, Pennsylvania — The cybersecurity breach last month on Change Healthcare, a subsidiary of UnitedHealth Group, has escalated into a nationwide emergency. For healthcare professionals like Christine Meyer of Exton, Pennsylvania, it has transformed into a personal ordeal.
"It's been one of the most harrowing experiences we've faced as a medical practice, and that's saying something considering we weathered the challenges of COVID," Meyer shared with CBS News. "…To suddenly find ourselves questioning our home's value, and whether we can afford to leverage it to pay our staff, is a dreadful situation."
The breach on Feb. 21 aimed at Change Healthcare resulted in the shutdown of the country's largest medical payment system. Even after more than three weeks, it continues to leave hospitals, pharmacies, and medical facilities in a financial crisis.
"We are unable to process any insurance claims, and patient payments are at a standstill," Meyer expressed. "This is a critical issue."
Prior to the cyber incident, Meyer mentioned that on a typical weekday, her practice would receive deposits ranging from $20,000 to $50,000.
However, she revealed that this Tuesday, her practice only received $77 in deposits. She anticipates that it will take several months for the practice to bounce back from the repercussions of the cybersecurity breach.
During an interview with CBS News on Wednesday, Health and Human Services Secretary Xavier Becerra revealed that he had urged UnitedHealth Group CEO Andrew Witty to allocate more emergency funds to hospitals and doctors during a White House meeting on Tuesday.
"We will not continue to work with a clearinghouse exchange operation if it can't provide the payment for the services that our patients need," Becerra emphasized to CBS News.
A ransomware group known as Blackcat, which operates in Russian-speaking circles, has taken credit for the cyberattack. They claim to have stolen over six terabytes of data, including what they describe as "sensitive" medical records.
Becerra assured that there will be a thorough investigation into the attack to uncover the perpetrators. He stated, "We will get to the bottom of this."
Meyer, a healthcare professional, highlighted that the issue extends beyond just payroll concerns and poses a serious risk to patients, potentially leading them to seek emergency care.
"I'm most concerned about the possibility of reducing our operating hours," Meyer expressed. "Our patients who rely on us for routine medical needs like sore throats, coughs, and blood pressure checks may have nowhere else to turn."
Becerra emphasized the importance for U.S. healthcare organizations to enhance their cybersecurity measures to prevent future ransomware attacks that could have similar devastating effects.
"It is crucial for everyone to ponder upon the question: What steps should I take to avoid becoming the next target?" expressed Becerra. "And how can I ensure that if I am targeted, I do not drag others down with me?"
UnitedHealth Group released a statement on their website stating that "Change Healthcare has encountered a cybersecurity issue, and we have implemented various measures to address provider claims and ensure individuals have access to necessary medications and healthcare services."