Patients across the country are still unable to access potentially lifesaving medications a week on from a cyber attack on America’s largest health insurer.

UnitedHealth revealed its Change Healthcare unit – which processes prescriptions to tens of thousands of pharmacies – was compromised last Wednesday during a suspected state-sponsored hack.

The hack led to the company’s Optum software being taken down, preventing pharmacies like CVS and Walgreen’s from processing prescriptions with insurance.

As of today, some services are still down. Patients told that they have been denied medications for blood clots, addiction, and cancer or been forced to pay as much as seven times the normal cost after insurance.

A cyberattack on a unit of UnitedHealth has made pharmacies nationwide unable to get prescriptions to patients

The debacle also comes as the US battles historic shortages of lifesaving drugs like chemotherapy and antibiotics. 

Julie Gregory of Ohio just started oral chemotherapy last week for stage three cancer

However, she has suffered adverse side effects, and the hack has left her pharmacy and hospital too overwhelmed to adjust her dosage or get her a new prescription. This has caused her intense suffering.

‘I haven’t been able to go to the bathroom in days,’ she told ‘I cannot get up. I have so much pain in my abdomen and back.’

‘I literally can’t move.’ 

Ms Gregory said she has called her doctor and hospital several times but has yet to get any assistance since the hack began. ‘They are too overwhelmed to call back, give me direction, or help,’ she said. 

Oral chemotherapy is given via pills or tablets rather than an IV to slow the growth of cancer cells. 

Though the dosage depends on the type of cancer and other underlying factors, the American Cancer Society (ACS) strongly discourages missing a dose, as it could make the treatment less effective. 

This means that if Ms Gregory cannot get her chemo pills, her overall treatment plan could be less effective, making her potentially less able to fight her cancer. 

It’s still unclear how exactly how many patients are affected, but UnitedHealth serves about 7.7 million customers nationwide. 

According to the New York Times, Change handles roughly 15 billion transactions a year, which could represent as many as one in three US patient records. 

The number of cyberattacks on healthcare providers has more than doubled since 2016 – with 91 per year in 2021 compared to 43 five years ago 

Up to 80 percent of hacks led to disruptions to operations – which lasted weeks

Chrystal Russell’s pharmacy told her that she would be unable to pick up her Vivitrol, a prescription injection used to treat alcohol and opioid dependence.  

Ms Russell does not have UnitedHealth but instead uses Humana Medicare Advantage, which is insurance for Americans over age 65.

Though she does not have UnitedHealth, her pharmacy has been too overwhelmed with a backlog to fill her prescription on time. 

Ms Russell’s pharmacist told her she should get the medication later in the week, though she worries about the risk of further delays. ‘That’s going to impact my recovery,’ she told

Vivitrol injections are typically given by a healthcare professional every four weeks and injected into the buttock. The drug, which contains the active ingredient naltrexone, slowly releases into the body and stops dopamine from being released.

This is meant to decrease the risk of cravings for alcohol or opioids. However, levels drop about two weeks after each dose. 

If a dose is missed, dopamine isn’t being properly suppressed, leading to cravings and potential relapse. 

Further delays for Ms Russell’s prescription could compromise her recovery and put her at risk of relapsing. 

Ms Russell said that the incident has also left her ‘concerned’ about future attacks, as her elderly mother is covered by UnitedHealth and takes several prescriptions for health issues like chronic obstructive pulmonary disease (COPD), heart failure, and severe osteoporosis. 

Susan Scherer, 65, told that she has been unable to receive her prescription for Warfarin from her Oregon pharmacy since last Thursday.

Warfarin is a blood thinner, meaning that it keeps blood form clotting in those at risk. Untreated blood clots can lead to stroke, heart attack, and pulmonary embolism.

After paying for the medication online at Oregon-based pharmacy Samaritan Health, she received a notification that the pills were ready to pick up. 

‘Then I go down there and they won’t give it to me,’ she said. 

The pharmacist did not explain the cyber attack but instead used ‘vague’ terminology. ‘They said that a third-party company that verifies discounts and purchases was down and they weren’t sure when it was going to be back up.’ 

Ms Scherer did not specify which discount program it she uses, but Change Healthcare’s website states that it can help patients get cheaper prices for their medications.

When Ms Scherer asked how long it would be, the pharmacy had no answer. Instead, she said they tried to convince her not to try to get the medicine yet, as she was picking it up early. 

She tried transferring the warfarin to another pharmacy. ‘Come to find out, they never even did anything with it. There was no follow through.’ 

When Ms Scherer last heard from the pharmacy on Monday, she was told they couldn’t verify the prescription discount program she uses.

‘I was notified that it was ready, so I’m assuming they have it, but they won’t give it to me.’ 

She tried Rite Aid, Oregon-based Samaritan Health, and her local Veterans Affairs branch but was told that if she wanted the medication, she would have to pay full price, more than seven times the cost after insurance. 

‘What I once could get for $13.50 is now over $100,’ Ms Scherer said. ‘So I’m left with nothing or pay full price.’

‘The biggest concern that I have is when is this going to end? That’s the question.’ 

Ransomware attacks doubled this past year on city administrations, schools, and hospitals

On Wednesday, the pharmacy finally told her that she could pick up the warfarin. 

Several prescription providers announced that they were impacted by the hack, including CVS, Walgreen’s, Wal-Mart, and online marketplaces like GoodRx. 

CVS Health, which has more than 9,000 pharmacies, said that the hack meant that, ‘in certain cases’ it was unable to process insurance claims.

‘We’re committed to ensuring access to care as we navigate through this interruption,’ the company’s statement said. 

Walgreens, which serves nine million customers, said a ‘small percentage’ of its prescriptions ‘may be affected,’ but that the company had safeguards in place to process and fill them ‘with minimal delay or interruption.’ 

Independent pharmacies also reported issues.  

‘Please be patient with us and all of the pharmacies affected by this,’ Dayton Drug and Wellness, a community pharmacy in Dayton, Tennessee, wrote on its Facebook page.

When Change Healthcare went public in 2019, the company’s S-1 filing noted that its customers include ‘the vast majority of US payers and providers’ and ‘approximately, 2,200 government and commercial payer connections, 900,000 physicians, 118,000 dentists, 33,000 pharmacies, 5,500 hospitals, and 600 laboratories.’ 

The American Hospital Association said Monday that the attack is ‘having effects on the entire health care system.’ 

The Wall Street Journal reports that the Justice Department is opening an antitrust investigation into UnitedHealth, which acquired Change Healthcare for $13 billion in 2022. 

On Monday, two sources familiar with the matter told Reuters that hackers working for the ransomware gang ‘Blackcat’ are behind the outage. 

This disputes United Health’s claim that the hack was committed by a nation-state. 

Blackcat did not immediately respond to Reuters when asked if the group was responsibility. 

The sources said that Mandiant, a cybersecuity part of Alphabet, is investigating the breach. 

In a statement, Mandiant confirmed it ‘has been engaged in support of the incident response’ but declined to comment further.

Blackcat, also known as ALPHV, is a notorious ransomware group that has targeted more than 1,000 computer networks, according to the US Department of Justice. 

The Justice Department said that Blackcat has become the ‘second-most prolific ransomware-as-a-service variant in the world based on the hundreds of millions of dollars in ransoms paid by victims around the world.’

Andrew Rossow, an attorney in Florida, told that ‘it’s not too far fetched to wonder if Blackcat was involved in some way, just given its track record.’

‘This is a big deal. It’s a big wakeup call.’ 

Mr Rossow recommended that any affected patients reach out to a local attorney and file a complaint with the HHS. 

This is far from the first time a health system has been the target of a cyber attack. 

The UnitedHealth hack comes as the US battles a historic shortage of potentially lifesaving drugs. Patients like Ryan Dwars (left), 39-year-old father-of-two from Iowa was diagnosed with pancreatic cancer, and a nine-year-old girl in Florida (right) have been impacted by that overall shortage

According to records from the US Department of Health and Human Services (HHS) Office for Civil Rights, hundreds of breaches at hospitals, health plans, and doctors’ offices are being investigated. 

In 2022, an attack was carried out against CommonSpirit Health, a system that runs 140 hospitals and 1,000 care sites across 21 states. 

This resulted in dangerous consequences for patients, including a three-year-old boy in Iowa who was accidentally given a megadose of opioids when the computer system dictating dosing was shot down. 

And in August, hospital computer systems operated by Prospect Medical Holdings were compromised, wreaking havoc in hospitals across five states

In 2022, an analysis from researchers from the University of Minnesota in Minneapolis looked at 374 ransomware attacks across the US between January 2016 and December 2021. 

Results showed that the frequency of the hacks more than doubled in that time — from 43 breaches in 2016 to 91 in 2021.

Almost half (44 percent) of ransomware attacks disrupted the delivery of health care, with one in 10 leading to canceled appointments or operations and four percent causing ambulance diversions. 

In total, the medical records of 41.9million Americans were accessed in that time, but hackers became much more adept at obtaining patient information. 

Related Post