The United States’ healthcare system was attacked this week and almost no one is talking about it.

by

by Subushie

I have a friend that works in healthcare; the hospital she works for is part of a big company of respected hospitals across South East Louisiana. If you live in this area, you can likely guess the name of the organization.

She was telling me today that she hasn’t been able to fill any prescriptions the last 2 days. I heard about the AT&T outage today and started looking stuff up about the prescription thing thinking they were somehow linked. I couldn’t find many sources reporting it, and it wasn’t on the front page of anything, everywhere was talking about AT&T; I fell down a rabbit hole and I am in shock this isn’t bigger news:

A form filed by Change Healthcare to the SEC yesterday claims a cyber attack caused by a “nation-state associated cyber security threat actor” made the company shut down their systems to protect their data. They do not provide proof of this claim, but that’s a serious accusation to make on an official SEC form if they didn’t already have evidence. There is also a really interesting statement at the bottom regarding “Forward-Looking Statements”

The words “believe,” “expect,” “intend,” “estimate,” “anticipate,” “forecast,” “outlook,” “plan,” “project,” “should” and similar expressions identify forward-looking statements… You should not place undue reliance on forward-looking statements (that United Health makes), which speak only as of the date they are made (stuff they say about when it will be fixed are only worth anything the same day they’re made) We do not undertake to update or revise any forward-looking statements, except as required by law.

If you read anything link in this post- read that SEC form.

For clarity on the scope; Change Healthcare handles 15 billion medical transactions per year and is the United States’ largest commercial prescription processor, they handle services for 67,000 pharmacies in the world; for context- there are 44,900 Pharmacies & Drug Stores businesses in the US as of 2023. Additionally- Change Healthcare is the sole prescription service provider for the United States’ Military globally.

Change Healthcare services encompass electronic prescription scripts, delivery logistics for all types of medical related products, financials, data handling, insurance claims, storage of electronic medical health records (from a AHA report; that is 85 million patients, 25% of the US population), and prescription coupon tracking which can deduct hundreds from the cost of medications. Along with dozens of other services. Many news outlets are claiming the only system impacted is Change Healthcare’s insurance claim processing service. But right here in their official update page about the attack (at the bottom in very fine print); they list every single service they offer is affected.

Somehow, the only articles I am finding from big sources are using soft language like “some prescriptions”, calling it a ‘cybersecurity “issue” (it’s literally in quotes)’ and only bother mentioning “A family-owned pharmacy and two military pharmacies”. One of those articles also go as far to claim that some pharmacies were no longer experiencing the outage- the Military Health System website and the Optum update page I linked above explain they have completely shut down all their systems.

These articles I’ve shared were posted today and don’t even mention the SEC filing yesterday. The only news sources reporting the company’s “nation-state” remark are all about stock and trade.

In a report today 02/22 by the American Health Association. They recommend precautions like “disconnecting from the Optum network entirely” (Optum and Change Healthcare are under the same umbrella since a recent merger) and “organizations which utilize Optum’s services prepare related downtime procedures and contingency plans should Optum’s services remain unavailable for an extended period.” in addition, they add “Review business and clinical continuity downtime procedures to ensure mission critical and life critical functions could sustain a loss of information, operational and medical technology for up to 30 days.” and “Although no specific threat actor has been identified, the joint government agency advisory regarding ‘living off the land’ cyber technique serves as a good general guide.”. All of this sounds precautionary and not specific, but it is a lot to take in.

I searched the pharmacy subreddit; on top of several dozen sad stories of having to reject patients life saving medicines for things like cancer and diabeties; they have people saying it is not only Change Healthcare, but dozens of companies they they have found to be affected. This is a list of impacted companies quoted from a commenter in another pharmacy related subreddit:

  • Blue Cross of Blue Shield

  • MedE America

  • Change Healthcare – this will impact a majority of coupon cards and copay assistance plans.

  • Allwin data services – this will impact a majority of part b claim.

  • Sentry data services

  • ScriptSave Retailer

  • Costco (Navitus)

  • Priority Health

  • Geisinger Health

  • Prime Therapeutics

  • Triplefin

  • GoodRX

  • Cover My Meds

A post today by Reuters in Washington corroborates some of these mentioned companies above, along with a few others.

This will hopefully get solved in due time- but I am flabbergasted this isn’t plastered across every front page right now and I just had to share this somewhere.

So, to be clear:

A cyber attack, likely by an unknown country’s government, was launched at The United States’ largest healthcare provider; and the sole prescription provider for the US military.

And no one is saying shit about it.