A cyberattack paralyzes American pharmacies and delays prescriptions across the country: who is most affected?


UnitedHealth quickly responded to the cybersecurity threat and took systems offline to mitigate further impact.

Illustrative photo shows several medicinal pills in their original packaging in Brussels, Belgium, on August 9, 2019. —Reuters

A recent cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group, has caused widespread prescription delays affecting tens of thousands of pharmacies across the United States. who reported.

The Tennessee-based technology company experienced network issues starting Wednesday, causing an extended outage into Thursday. UnitedHealth quickly responded to the cybersecurity threat, taking systems offline to mitigate further impact.

In a regulatory filing Thursday, UnitedHealth revealed that the cyberattack may have been orchestrated by hackers affiliated with a foreign nation.

The company identified a suspected nation-state threat actor who was gaining access to some of Change Healthcare's information technology systems. UnitedHealth took swift action to isolate affected systems, prioritizing the protection of partners and patients.

While the cyberattack specifically targeted Change Healthcare, it had cascading effects on pharmacies across the country. Insurance claims processing was disrupted, causing delays in patient prescriptions. The Security and Exchange Commission requires companies to report cyberattacks, and UnitedHealth met this requirement.

Pharmacies, including Walgreens and CVS, recognized the impact on prescription services. Walgreens said there were no major problems, but that a “small percentage” of prescriptions could be affected.

CVS stated that its systems were not compromised, but some orders faced challenges in processing insurance claims. Both companies emphasized their commitment to minimizing disruptions and ensuring access to medicines.

However, the outage had tangible effects: Some pharmacies were unable to bill most insurance companies during the peak of the cyberattack. Insurance claims began coming in late Thursday morning, but the incident highlighted vulnerabilities in healthcare infrastructure.

GoodRX, a provider of prescription discounts, reported difficulties fulfilling orders due to the cyberattack. The incident highlights the interconnected nature of health systems and the potential ripple effects of cyber threats on critical services.

As pharmacies work to address the fallout from the attack, concerns about cybersecurity in the healthcare sector come to the fore, emphasizing the need for robust protective measures against evolving cyber threats.

scroll to top