- The hack is reportedly costing UnitedHealth group $100 million every day
- One Seattle native said she paid 3,000 percent more than usual on medicine
- READ MORE: Thousands of pharmacies unable to get prescriptions to patients
The massive cyberattack last month against a major healthcare system has forced millions of Americans to either stop taking their medications or pay exorbitant fees out of pocket.
The impact of the hack by the cyber gang BlackCat is so severe that hospital groups are urging the federal government to step in and provide accelerated payments to doctors’ offices, pharmacies, and other healthcare providers that are currently struggling to bill patients and receive payments.
Change Healthcare, a subsidiary of insurance giant UnitedHealth Group, processes billing claims and payments to insurers.
The ransomware attack against the company, which processes a reported 15billion claims totaling more than $1.5 trillion a year, affected nearly every aspect of its operations.
The hack has meant that pharmacies cannot process insurance payments, forcing desperate Americans to hand over potentially thousands of dollars for medications that would normally be covered by insurance and cost far less.
And people who rely on medication everyday have detailed to DailyMail.com the ordeal they’ve endured to get their life-saving prescriptions.
The number of cyberattacks on healthcare providers has more than doubled since 2016 – with 91 per year in 2021 compared to 43 five years ago
Change Healthcare launched a temporary funding program for providers struggling with cashflow after the cyberattack.
The program requires the funds to be repaid and gave no indication of when the normal billing process would resume.
Optum financial services, through which the program is offered, said: ‘We have been able to estimate your average weekly payments, which will be the basis for the support.
‘Our plan is to take this week by week with people re-upping for funding each week as needs persist.’
But the American Hospital Association, a trade group that represents nearly 5,000 healthcare systems, slammed the company for making the funding only available to an ‘exceedingly small’ number of hospitals.
The group sent letters to congressional leaders and UnitedHealth group urging both entities to do more.
In its communication with United, the group said the company’s temporary funding program was ‘not even a band-aid on the payment problems you identify.’
The AHA continued: ‘As you know, hospitals across America typically get reimbursed daily by health insurers that rely on Change Healthcare to both receive and pay claims.
‘Every day that core Change Healthcare functionality remains down is a day that providers are not receiving the funding they need to pay doctors and nurses, purchase medical supplies, and keep complex facilities open to provide 24/7 patient care.’
The group also told Congress the cyberattack was ‘the most significant cyberattack on the U.S. health care system in American history.’
And Democrats seem to be on board with increasing federal government payments to thousands of hospitals.
Senate Majority Leader Chuck Schumer said the delay in payments to providers ‘is costing hospitals across the country millions for every single week this continues, and some people are even struggling to get prescriptions filled at their local pharmacy.
‘We need to give our hospitals the immediate relief they need so that they won’t be forced to reduce patient care.’
Hospitals and doctors submit claims to insurance to cover some or all of their patient’s care. But with the system in its current state, they can’t do that, which hurts their bottom line and, ultimately, the quality of care they can deliver.
UnitedHealth Group, for its part, has not offered a prospective date by which the issues will be resolved.
Tyler Mason, UHG’s vice president of communications told DailyMail.com: ‘We are focused on the investigation and restoring operations at Change.’
But patients have described a frustrating ordeal trying to get the medications they rely on and, in some cases, are forced to pay more than $2,000 for a prescription that would normally cost them between $10 and $30.
Olivia Coltrane, a native of the Seattle area, said her regular prescription of generic Vyvance to treat her ADHD normally costs about $3, but she had to pay $92, a mark up of nearly 3,000 percent.
Ms Coltrane detailed to DailyMail.com the effort it took to get her medication and even when she did, it was only for a two-week supply.
Her doctor sent the prescription to her local Costco pharmacy three to four times and they didn’t receive it.
Finally, when she called a fourth time to check in, the pharmacist informed her of a system-wide hack and that her doctor’s electronic prescribing platform was down.
She was told she needed to get a paper prescription, something her doctor does not generally do.
Ms Coltrane told this website: ‘So the doctor’s office is trying to find another provider that I would have to drive an hour and a half to get the physical prescription.
‘And they say, “oh, yeah, we have somebody but they’re working from home today.” So I called the insurance company, and they were able to make an exception for only until five o’clock that day.
‘I spent two and a half solid hours on the phone with insurance companies, pharmacies, and doctors just trying to get my medication filled.’
She was eventually able to fill her script at a different pharmacy in a hospital, but she only has seven days of medicine left and is not sure how her next quest for a refill will go.
She said: ‘All I can do is hope that they’ll have it in stock.’
Meanwhile in Arizona, Margaret Brown, 50, has struggled for weeks to secure her son’s insulin for his type 1 diabetes.
She called in a refill at the end of February, and was told by a pharmacist that a recent breach had disrupted their ability to fill scripts and bill insurance.
Typically, Ms Brown spends zero dollars for a month’s worth of insulin, but she would have had to pay $400 this time.
She told DailyMail.com that, because he still had a bit of insulin left, she waited a bit to call the pharmacy back to see if her claim had been processed.
She said: Yesterday, I went to the pharmacy and asked them again. And they never called me or anything. I just happened to go there and they said it was ready and that it went through.
‘So he didn’t go without but if he was gonna go without, I would have had to pay the $400.’
Ms Coltrane and Ms Brown both expressed concern for other Americans who rely on crucial medications unable to get them.
Ms Brown said the situation was especially nerve-wracking given the necessity of insulin for her son, adding: ‘I can’t imagine what other people are going through with other types of meds, like hypertension or things like that. I don’t know. Maybe they just pay for it outright, but insulin is just too expensive just for the average person anyways.’
This was far from the first cyber attack on healthcare systems. Eighty-eight percent of healthcare systems surveyed last year said they had experienced at least one attack within the past year.
Sixty-eight percent of respondents who experienced ransomware attacks said the attacks negatively impacted patient safety and care.
The White House is considering a range of options to respond to this attack and stave off more in the future, including retaliating against the cyber gang and longer-term initiatives meant to shore up hospitals’ cyber security and ban ransom payments in the future, Politico reported.
The recent hack affected UnitedHealth’s mail order pharmacy service Optum, as well as several other pharmacies such a Walgreens, CVS, Costco, Publix, and Kroger.
CVS Health, which serves around 100 million Americans daily across 9,000 pharmacies, said that the hack meant that, ‘in certain cases’ it could not process insurance claims.
‘We’re committed to ensuring access to care as we navigate through this interruption,’ the company’s statement said. A spokesman for the chain did not immediately provide further details.
And Walgreens, which serves nine million customers, said a ‘small percentage’ of its prescriptions ‘may be affected.’ Still, the company had safeguards to process and fill them ‘with minimal delay or interruption.’
The company said it had no additional information to share about the incident.
The hack on February 21 forced Change Healthcare to disconnect all of its systems to mitigate the risk of an even greater attack.
But that move led to the suspension of more than 100 services and the risk that hospital systems and other providers would soon become insolvent.
The hack has apparently cost them about $100 million every day, according to First Health Advisory, a private risk management firm.
The fallout of the hack has been compared to that of the Colonial Pipeline ransomware attack of 2021, in which cyber criminals stole 100 gigabytes of data within a two-hour period.
Like that attack, this latest one marks a crisis for the industry and an overall national security concern.
On Sunday night, someone claiming to be from a BlackCat affiliate posted on the cybercrime forum Ramp that UHG had paid a $22 million ransom in the form of Bitcoin, but the claim has not been verified.
If true, however, it would set a dangerous precedent for caving to terrorists’ cyber attacks.