Federal employees, retirees and dependants covered by GEHA health care are still experiencing service outages as the company is working to restore claims processing and repayment systems after a cyber attack breached the healthcare industry in February.
GEHA, a popular Federal Employees Health Benefit plan that covers some 2 million beneficiaries, has some of its services provided by Change Healthcare, the target of the attack by a ransomware hacker group, ALPHV, or Blackcat. UnitedHealth Group, Inc., is the parent company.
Last month, GEHA showed an online message to beneficiaries saying it was having difficulties with one of its vendors, and Federal Times received complaints from some policyholders that they couldn’t access certain account statements.
“This system failure has impeded my ability to receive reimbursement for significant medical expenses incurred during [a] recent trip, despite following all prescribed claim submission procedures,” a federal retiree said in an email March 14.
RELATED
A large US health care tech company was hacked. It’s leading to billing delays and security concerns
GEHA later updated its online statement to say that it’s having challenges with member and provider print and mail services, explanation of benefit retrievals, and payment processing for dental providers, out-of-network medical providers and members. Some Flexible Spending Account payments may also be delayed.
“No action is needed from members,” the company said on its website. “GEHA is working diligently to resolve this issue to resume normal access to [explanation of benefits] and payments. GEHA’s internal technology and systems were not directly impacted by the cyberattack on Change Healthcare.”
A spokesperson for GEHA did not respond to Federal Times’ request for further comment by the time of publication.
It’s unclear how soon the issue will be fully resolved given the complexity of the healthcare system and the scale of the attack. UnitedHealth Group said it has already funneled $3.3 billion in temporary funding assistance to help providers, especially smaller practices, weather the outages. The company also said it has not yet seen any evidence of sensitive data being published on the web. The U.S. Department of Health and Human Services is also aware of the issue and has been helping coordinate Medicare continuity for affected providers.
“Many of these providers are concerned about their ability to offer care in the absence of timely payments, but providers persist despite the need for numerous onerous workarounds and cash flow uncertainty,” said Xavier Becerra, the department’s secretary, in a March 10 joint statement with the Department of Labor.
At this stage, the affected company is in the process of restoring services it disconnected in an immediate attempt to mitigate risk when the attack first happened. So far, the company has also developed a temporary workaround for claim submissions. As of mid March, Change Healthcare’s e-payments platform was restored.
GEHA said the hack does not affect policyholders’ ability to receive health benefits, visit providers and get prescriptions.
According to the Cybersecurity and Infrastructure Security Agency, since December, the healthcare sector has been the most victimized by ALPHV/Blackcat actors. Public infrastructure is a common target for enemies of the state to attempt to disable or weaken critical systems that house large sets of personal data or contribute to national security or logistics. According to the FBI’s latest report on internet crimes, 14 of the 16 critical infrastructure sectors, including health care, fell victim to cyber attacks last year.
“Let’s be clear: Cyber threats to our critical infrastructure represent real-world threats to our physical safety,” said FBI Director Christopher Wray before the House lawmakers on Jan. 31.
Change Healthcare processes 15 billion health care transactions each year.
Molly Weisner is a staff reporter for Federal Times where she covers labor, policy and contracting pertaining to the government workforce. She made previous stops at USA Today and McClatchy as a digital producer, and worked at The New York Times as a copy editor. Molly majored in journalism at the University of North Carolina at Chapel Hill.