A ransomware attack by hackers with “Blackcat” has left pharmacies across the United States unable to fulfill prescriptions for more than a week, leading to customer panic.
Signs of the cyberattack first cropped up on February 21. The attack affected pharmacies operating through Change Healthcare, whose parent company, UnitedHealth, claims to have been a previous victim of such an attack, according to U.S. News & World Report.
The hacker group responsible, Blackcat, was the subject of an FBI-led takedown in December. The latest ransomware attack has led numerous pharmacies to resort to old-school manual billing for prescriptions that offers little in the way of protection for them if patients do not pay, reported CNN.
“It’s inevitable that if you have a group that’s making millions of bucks, they are going to attempt to make a comeback,” Brett Callow, a threat analyst at the cybersecurity firm Emsisoft, told Reuters.
“As far as I am aware, they are financially motivated cybercriminals and nothing more,” Callow said in response to a question on whether the group was tied to suspected nation-states.
The ransomware attack prevents pharmacies from submitting claims to insurance companies, according to the American Pharmacists Association.
The attack has led Anthem Blue Cross Blue Shield owner Elevance Health to sever connections with Change Healthcare to protect its customers.
“The ability for our members to access medical care, services, or fill their prescriptions remains unaffected,” Elevance Health spokesperson Leslie Porras told CNN in an email.
Workarounds to the disruption are ongoing and are so far proving effective, though the hack still impacts some services.
“Since identifying the cyber incident, we have worked closely with customers and clients to ensure people have access to the medications and the care they need,” Tyler Mason, company spokesperson for Change Healthcare, said in an email to CNN. “As we remediate, the most impacted partners are those who have disconnected from our systems and/or have not chosen to execute workarounds.”
The hack is causing trauma for consumers who rely on prescriptions for basic functioning.
“I’ve gone five days, my doctors don’t know anything, the local pharmacy tech just wanted to end the awkward phone call ASAP,” a Reddit user posted. “How do I get answers to this being resolved and back to normal? Nobody has [an] answer how long this will last, or how to resolve it back to normal (with security upgrades). I cannot function outside my bed in society without my prescriptions.”
Numerous U.S. government agencies are investigating the attack, but a solution has yet to be found. Blackcat has been tied to Russian-speaking hackers, according to CNN.
“This was a systemic attack,” John Riggi, American Hospital Association’s national advisor for cybersecurity and risk, said, per CNN. “This was an attack not only on Change Healthcare. This was an attack on the entire health care sector.”
