UnitedHealth Group (NYSE:UNH) on Thursday said it expects to restore Change Healthcare’s systems by mid-March, offering a potential resolution to the ransomware attack that has disrupted crucial operations across the U.S. health-care system.
The company discovered that a cyber threat actor breached part of the Change Healthcare’s information technology network on Feb. 21, according to a filing with the Securities and Exchange Commission.
UnitedHealth isolated and disconnected the impacted systems “immediately upon detection” of the threat, the filing said, but doing so interrupted pharmacy services, payment platforms and medical claims processes.
UnitedHealth said in a release Thursday that electronic prescribing is “now fully functional,” and payment transmission and claim submissions are currently available. The company said it expects electronic payment functionality to be restored by March 15, and it will start to test connectivity with its claims network and software on March 18.
There is “no indication” that any other UnitedHealth systems were compromised in the attack, the company said in the release.
UnitedHealth said the advances will not need to be repaid until claims flows are back to normal.
In late February, Change Healthcare said that ransomware group Blackcat was behind the cybersecurity attack. Blackcat, also called Noberus and ALPHV, steals sensitive data from institutions and threatens to publish it unless a ransom is paid, according to a December release from the U.S. Department of Justice.
UNH shares dropped $1.48 to $477.21.
