Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Health Care Firm. Show all posts

Cyberattack is Wreaking Havoc on US HealthCare Providers.

 

Following a cyberattack on the largest health insurer in the United States last month, health care providers are still scrambling as insurance payments and prescription orders continue to be disrupted, costing physicians an estimated $100 million each day. 

According to the American Medical Association, that estimate was generated by First Health Advisory, a cybersecurity company that focuses on the healthcare sector.

"This massive breach and its wide-ranging repercussions have hit physician practices across the country, risking patients' access to their doctors and straining the viability of medical practices themselves," AMA President Dr. Jesse Ehrenfeld stated in a news release. 

"Against the backdrop of persistent Medicare cuts, rising practice costs and spiraling regulatory burdens, this unparalleled cyberattack and disruption threatens the viability of many practices, particularly small practices and those in rural and underserved areas," he added. "This is an immense crisis demanding immediate attention.” 

How did the crisis start? 

First discovered on February 21, the security breach occurred at Change Healthcare, a division of Optum Inc., which is owned by UnitedHealth Group. 

UnitedHealth Group informed government officials that it had been compelled to cut off portions of Change Healthcare's extensive digital network from its clients in a report that was submitted to the U.S. Securities and Exchange Commission on that same day. Not every one of those services has been able to be restored yet.

Change Healthcare stated that it is aiming to restore the provider payment systems by the middle of March in its most recent report regarding the attack. 

"UnitedHealth Group continues to make substantial progress in mitigating the impact to consumers and care providers of the unprecedented cyberattack on the U.S. health system and the Change Healthcare claims and payment infrastructure," the company noted in a statement.

The federal government intervened to provide assistance two weeks following the attack. The U.S. Department of Health and Human Services unveiled a number of support initiatives for impacted healthcare providers on March 5. 

"The government is trying to create some support for health care systems -- not directly supporting patients, but the systems," Dr. Céline Gounder, an editor-at-large for public health at KFF Health News and a CBS News medical contributor, stated. "This is because without revenue coming in through the billing process, you don't have money to make payroll to be able to pay your doctors and your nurses and your janitors and all the staff that you need to run a health care system.”

Unfortunately, this incident will probably not be the last. According to federal officials, big healthcare data breaches have nearly doubled between 2018 and 2022. 

Millions are at Risk After a French HealthCare Services Firm's Data Leak

 

Viamedis, a French healthcare services provider, suffered a cyberattack that exposed the private data of policyholders and medical professionals in the country. Though the company's website is currently not accessible, an announcement concerning the data breach has been posted on LinkedIn. 

The data revealed in the hack includes a beneficiary's marital status, date of birth, social security number, health insurer's name, and guarantees that can be paid by third parties.

The firm has clarified that the compromised systems did not contain people's banking details, postal addresses, phone numbers, or emails. Viamedis states that different alerts on the data that was exposed will be sent to healthcare professionals. 

In light of this, Viamedis has contacted the relevant authorities (CNIL, ANSSI), impacted health organisations, and the public prosecutor via complaint. The business is still looking into the implications of the breach. 

Since Viamedis oversees payments for 84 healthcare organisations that serve 20 million insured people, it is evident that the hack has a considerable impact. However, the exact number of individuals impacted has not been disclosed. 

An investigation is being launched to determine the extent of the breach, according to Agence France-Presse (AFP) and the company's general director, Christophe Cande. 

"To date, we do not have the number of insured individuals impacted; we are still in the process of investigation." - GD Viamedis' Cande.

Additionally, Cande stated that ransomware wasn't employed in the cyberattack. Instead, he claimed that the threat actor gained access to its systems through a phishing attempt that was successful against an employee. 

A warning confirming the indirect impact of the Viamedis data breach has been posted on the website of Malakoff Humanis, one of the organisations that works with Viamedis. 

Malakoff Humanis, one of the organisations associated with Viamedis, has put a notification on its website confirming the indirect effects of the data breach. 

In addition, the company is notifying affected consumers of the hack and service disruption through data breach notifications.

The statement reiterates the information mentioned in the Viamedis notification and informs customers that no banking, medical, or contact information saved on the platforms has been compromised.

According to Malakoff Humanis, users can still access their accounts and submit reimbursement claims. However, the temporary disconnection of the Viamedis platform is expected to disrupt the delivery of certain healthcare services. Similar circumstances are foreseen for other Viamedis service providers, such as Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens.