Hackers claim Minnesota-based UnitedHealth Group paid $22M ransom for patient, employee data, reports say

Prescription disruptions after reported cyberattack targeting UHG

Prescription disruptions after reported cyberattack targeting UHG

New reports claim the Minnetonka-based health insurer UnitedHealth Group may have paid millions of dollars to hackers after a cyberattack two weeks ago.

The hack left some hospitals, doctor’s offices and pharmacies paralyzed.

Thousands of mostly smaller pharmacies reported facing major disruptions in filing prescription orders and verifying insurance coverage, although those appear to have eased.

5 EYEWITNESS NEWS spoke to some locals in the metro area who said they did not have any issues filling their prescriptions at a local Cub Foods pharmacy Tuesday morning.

RELATED: A large US health care tech company was hacked. It’s leading to billing delays and security concerns

Experts now say it appears UnitedHealth Group might’ve paid the hacker group known as “Blackcat” a $22 million ransom.

The company said in a statement to 5 EYEWITNESS NEWS that it’s “focused on the investigation and restoring operations.”

UnitedHealth Group confirmed experiencing a cybersecurity issue caused by an actor calling itself “ALPHV/Blackcat,” but has not confirmed paying a ransom.

“The smoking gun, so to speak, was a publicly visible $22 million transaction on Bitcoin’s blockchain,” cybersecurity expert Scott Spiro said.

Experts warn that paying any ransom might set a dangerous precedent and encourage future attacks.

“It’s like training a dog, you know, the dog does something and it gets a treat, it just does it again,” Spiro added.

One health analytical firm, First Health Advisory, estimates the cyberattack has been costing health care providers more than $100 million per day.