Washington — A cyberattack on XDY Exchangethe health technology provider Change Healthcare is wreaking havoc nationwide, as some hospitals and pharmacies cannot get paid, and many patients are unable to get prescriptions.
Change Healthcare is a subsidiary of the UnitedHealth Group, one of the nation's largest healthcare companies. In a federal filing this week, UnitedHealth said that Change Healthcare first discovered the hack on Feb. 21, disconnecting impacted systems "immediately."
"So I mean we've seen a lot of claims coming through as a rejected claim, where obviously the insurance provider are not able to pay because of this attack," said Amrish Patel, a pharmacist in Dallas, Texas. "Elderly patients that have a fixed income, and they're trying to get their medicine…unfortunately there's no way around it at this point."
Change Healthcare says it processes 15 billion transactions annually, touching one in three U.S. patient records.
"I can tell you that this cyberattack has affected every hospital in the country one way or another," said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association.
"It's not a data crime, it's not a white-collar crime, these are threats to life," Riggi added.
In a since-deleted post on the dark web, a Russian-speaking ransomware group known as Blackcat claimed responsibility, alleging they stole more than six terabytes of data, including "sensitive" medical records.
"Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat," UnitedHealth told CBS News in a statement Thursday of Blackcat's claim. "Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare's systems."
UnitedHealth added that its investigation has so far provided "no indication" that the systems of its other subsidiaries — Optum, UnitedHealthcare and UnitedHealth Group — "have been affected by this issue."
Change Healthcare says it has established workarounds for payment, but more than one week after the hack was first detected, systems remain down, creating billing headaches for hospitals and pharmacies. Smaller hospitals are particularly vulnerable.
"The smaller, less resourced hospitals, our safety net critical access rural hospitals, certainly do not operate with months of cash reserves," Riggi said. "Could be just a matter of days, or a couple of weeks."
In a previous statement Wednesday, UnitedHealth estimated that more than 90% of the nation's pharmacies "have modified electronic claim processing to mitigate impacts" of the cyberattack, and "the remainder have offline processing workarounds."
UnitedHealth has not provided an estimate on when it believes its systems will return to normal. The FBI is also investigating.
CBS News reporter covering homeland security and justice.
Twitter2025-04-28 16:5480 view
2025-04-28 16:452328 view
2025-04-28 16:201916 view
2025-04-28 16:032095 view
2025-04-28 15:432028 view
2025-04-28 15:082505 view
As Tropical Storm Debby strengthened along the Atlantic coast on Wednesday, millions in the Carolina
The Medicare wars are back, and almost no one in Washington is surprised. This time it's Democrats
The switch to energy-efficient lighting will proceed rapidly this decade, no matter the results of a
