LAS VEGAS (KTNV) — It's been just over two weeks since a cyberattack group hacked Change Healthcare, which is part of UnitedHealth Group. We are now learning the impacts it is having on the Nevada healthcare system.
On Wednesday, the Nevada Hospital Association stated the hospital system and infrastructure are facing challenges. While the ability to care for trauma patients, perform surgeries, and administering treatments is in good condition, communication systems with external partners have been significantly impaired.
WATCH: Cybersecurity incident causes health services disruption
In their weekly hospital report, the NHA said Change Healthcare was breached by AlphV Blackcat, a known cybercriminal organization, which is also believed to be behind the cyberattack on MGM Resorts International. According to the Federal Bureau of Investigation, the group has targeted the computer networks of more than 1,000 victims so far.
RELATED LINK: FBI unveils tool to help cyberattack victims
In the healthcare hack, the group has reportedly stolen "about 4TB" of healthcare information. For context, a hard drive with four trillion bytes of data could hold around 800,000 high-resolution photos, 1 million MP3 songs, or 1,000 hours of HD video.
"Because of the breach, healthcare organizations were required to disconnect APIs and other connectivity to the service. The full damage of the breach remains undetermined, but the effects are rippling across the country," the report reads in part.
The NHA said the following services have been impacted in Nevada:
- Inability to verify health insurance coverage for patients
- Disrupted claims processing
- Retail pharmacy challenges within hospitals
- Patient Portal access disruptions
- Employee Health Savings Account disruptions
- Inability to report on quality management to the Centers for Medicare and Medicaid Services (CMS)
According to the NHA, the hack is affecting one in three hospital patients in the United States.
Here in Southern Nevada, one of the healthcare facilities that is facing issues is Comprehensive Care Centers, who sent Channel 13 the following statement.
"Due to the nationwide outage, our system is still down. We have created a work around to schedule patients who need appointments within the next 30 days. We are hopeful the system will be up by the end of next week. We continue to see patients and schedule new patients."
Scripps News is reporting that Change Healthcare has paid around $22 million in ransom to AlphV Blackcat.
In response to the hack, Change officials announced they have launched a Temporary Funding Assistance Program webpage and a "new instance" of its RX ePrescribing service.
The U.S. Department of Health And Human Services has also announced several steps that the Centers for Medicare & Medicaid Services, CMS, can take to assist providers to continuing serving patients. That includes providing advance funding to providers most affected by the cyberattack and be prepared to accept paper claims from providers who need to file them.
"This is a reminder of the interconnectedness of the domestic healthcare ecosystem and of the urgency of stregthening cybersecurity resiliency across the ecosystem," HHS officials said in a statement.
RELATED LINK: Risk of cyberattacks on hospitals is growing, experts say
According to the HHS Office for Civil Rights, cyber incidents in healthcare are on the rise.
From 2018-2022, there was a 93% increase in large breaches with a 278% increase in large breaches involving ransomware.
