Change Healthcare, a healthcare technology company owned by UnitedHealth Group, Thursday revealed a ransomware group, ALPHV or Blackcat, has taken responsibility for last week's cyberattack.
Change, which says it processes 14B transactions a year, explained that its systems have been affected and it has had to take its operations offline, but it doesn't believe any other systems across UnitedHealth Group have been impacted.
Government agencies have been diligent in disrupting ransomware organizations, but they seem to be bouncing back. More must be done to protect healthcare organizations and other vital services from these sorts of attacks. It's going to take a combination of stiffer sanctions on bad actors, improved security for potential victims, and perhaps laws banning ransomware payments to prevent future disruptions.
Whether Change Healthcare did all it could to protect against this type of attack will be determined by ongoing investigations. But in the meantime, it's incumbent upon the company to do more to communicate with medical providers and pharmacies to let them know what's going on and how to keep their practices and businesses afloat while the reimbursement system is in limbo.