Change Healthcare Breach: UnitedHealth Provides Up To $2B In Provider Aid, Medical Claims Software Coming

'We continue to make significant progress in restoring the services impacted by this cyberattack,' UnitedHealth Group CEO Andrew Witty said in a statement.

UnitedHealth Group, parent of the Change Healthcare prescription processor hit by a recent ransomware attack, disclosed Monday that it has advanced more than $2 billion “through multiple initiatives” to care providers with finances disrupted by the attack and has software coming for medical claims preparation.

The claims preparation software will become available “over the next several days,” according to a post on the company’s website. Third-party attestations will be available before services are operational. Services restoration will continue in phases until all customers are connected, the company said.

“We continue to make significant progress in restoring the services impacted by this cyberattack,” UnitedHealth Group CEO Andrew Witty said in the post. “We know this has been an enormous challenge for health care providers and we encourage any in need to contact us.”

Change Healthcare Breach

CRN has reached out to UnitedHealth Group for additional comment.

In the statement, UnitedHealth suggested that more resources adding to the $2 billion are on the way.

“The company recognizes the high level of fragmentation of the U.S. health system can result in uneven experiences, therefore it continues to enhance and expand funding support to make it easier for care providers to access funding help at no cost,” according to the statement. “To further assist care providers, the company also suspended prior authorizations for most outpatient services and utilization review of inpatient admissions for Medicare Advantage plans.”

The ransomware attack is so serious that it has prompted federal scrutiny and led to MSPs speaking out about vulnerabilities in the U.S. health care system

UnitedHealth said that on Friday it restored Change Healthcare’s electronic payments platform, proceeding with payer implementations. On March 7, 99 percent of Change’s pharmacy network services were restored. The company continues to work on remaining issues, according to the statement.

UnitedHealth disclosed the incident in a Feb. 22 filing with the U.S. Securities and Exchange Commission. Security researchers shared evidence suggesting UnitedHealth paid cybercriminals a $22 million ransom to regain access to its systems.

The Change Healthcare attack follows disclosures this year of other high-profile breaches, including those of senior Microsoft executives’ emailsand two U.S. Cybersecurity and Infrastructure Security Agency (CISA) systems through Ivanti vulnerabilities.