Change Healthcare Outage Due to Cybersecurity Attack

Beginning Wednesday, February 21, 2024, Change Healthcare experienced a cybersecurity attack.

As reported by PYA, the ransomware gang BlackCat (also known as ALPHV) is behind the attack. The attack resulted in Change Healthcare shutting down more than 100 applications/services as it works through restoration. In addition, some vendors have disconnected from Change Healthcare services as a precautionary measure. Services impacted include real-time eligibility verification, electronic claims submissions, and electronic remittance advices for healthcare providers, including pharmacies. Payers may have portals that can be used to manually verify eligibility. Alternative claims submission processes, either electronically or on paper, are recommended until Change Healthcare’s services can be restored.

More Information & Guidance

KMAP Updated General Bulletin 24052 includes guidance on dispensing pharmaceuticals as well as verifying member eligibility and submitting claims through the Provider Secured Portal. HHS also issued a statement with guidance. Please reach out to payers for guidance on services affected by the Change Healthcare outage.

Healthcare providers who receive payments processed by Change Healthcare and have an Optum Pay account may be eligible for temporary funding assistance through Optum Financial Services. The American Hospital Association sent a letter to UnitedHealth Group regarding their concerns about Optum’s temporary funding assistance. This outage highlights the importance of keeping up-to-date on the latest security advisories, hardening network infrastructure, patching vulnerabilities, securing remote access tools, implementing user training on social engineering, and validating security controls to ensure that business continuity can be maintained as well as having operational contingency plans in place to address revenue cycle disruption and clinical documentation.