A payment and claims clearinghouse platform owned by United Healthcare was hacked in February. The fallout affected patients directly, by preventing them from being able to pay for prescriptions at pharmacies that run the platform. The lack of payments also caused financial hardship for many smaller healthcare systems that depend on the platform and were left short on cash flow.
Why It Matters
The attack itself was a ransomware attack. Hackers stole patient data and and demanded money to unlock company files it had encrypted. The platform shut down most of its network to address the issue.
This is all standard following a ransom attack, but it can cripple or even bring down a smaller entity that doesn't have adequate resources to address the problem. The need for backup and continuity plans is imperative. That is equally true – or perhaps even more true – for any vendors who supply mission-critical services to your business. You can use your services contracts to require advance assurances of adequate security, backup, continuity planning, and resources such as insurance to help make those services available even if the vendor suffers an attack. Waiting until after an attack, on the other hand, means you will be one of dozens or hundreds of customers lining up for help.
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-02-06-16-16-46-327-65c25b6e9e14f56dc129e31c.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-04-25-13-20-13-103-662a588d0a007d32978e51c8.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-04-22-14-46-40-757-662678501f76e96e68653bb3.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-04-24-13-56-34-707-66290f92521e45eda26baa15.jpg)