UnitedHealth Group Inc. is headquartered in Minnetonka, Minnesota, USA.
Mike Bradley | Bloomberg | fake images
Change Healthcare systems down for fourth day in a row after parent company UnitedHealth Group revealed that a suspected cybersecurity threat actor gained access to part of its information technology network on Wednesday.
UnitedHealth, the largest US healthcare company by market capitalization, owns healthcare provider Optum, which merged with Change Healthcare in 2022. Optum serves more than 100 million patients in the US ., according to its website, and Change Healthcare offers solutions for payment and revenue cycle management.
UnitedHealth said it identified an actor “suspected of being associated with the nation-state” behind the attack, according to a filing Thursday with the U.S. Securities and Exchange Commission. The company isolated and took affected systems offline “immediately upon detection” of the threat, according to the document. UnitedHealth did not share further details about the nature of the attack in the filing.
ET on Saturday, Change Healthcare said the outage is expected to continue “at least” through the day. The company said Friday that it has a high level of confidence that the Optum, UnitedHealthcare and UnitedHealth systems have not been affected.
“We are working on multiple approaches to restore the affected environment and will not take any shortcuts or take any additional risks as we bring our systems back online,” Change Healthcare said Saturday.
UnitedHealth did not share any additional information with CNBC beyond the update.
While UnitedHealth did not specify exactly which Change Healthcare systems were affected by the attack in its regulatory filing, companies like CVS Health said the outage is affecting some of its business operations.
CVS Health continues to fill prescriptions but is unable to process insurance claims in certain cases, the company told CNBC in a statement Saturday. CVS Health said there is “no indication” that its own systems have been compromised.
“We are committed to ensuring access to care as we navigate this disruption,” CVS Health said in the statement.
The American Hospital Association issued a statement Thursday urging healthcare organizations to disconnect from Optum until it is deemed safe to reconnect. The AHA said it has been speaking with the Department of Health and Human Services, the FBI and the Cybersecurity and Infrastructure Security Agency about the attack, according to the statement.
The AHA declined to comment on the Change Healthcare cyberattack. The FBI, HHS and CISA did not respond to CNBC's requests for comment.