UnitedHealth faces growing legal headaches from cyberattack
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Sarah Grillo/Axios
UnitedHealth Group is facing growing class-action lawsuits from health care providers over financial losses they say they've suffered from a massive cyberattack that's crippled payments across the industry for weeks.
Why it matters: It adds to the potential legal fallout for UnitedHealth over the attack at subsidiary Change Healthcare, as it also faces a federal investigation and patient lawsuits over breached data and trouble filling prescriptions.
Between the lines: A class-action lawsuit on behalf of a California therapy group filed this week alleges the companies failed "to maintain appropriate and reasonable cybersecurity measures."
- The practice is seeking restitution on behalf of a class of affected providers and an injunction ordering Change Healthcare to improve its cybersecurity practices.
- A Mississippi OB-GYN practice in a separate class-action suit alleges the disruption threatens to bankrupt them, per BankInfoSecurity.com.
- Another from a Tennessee therapist accuses the companies, including Change Healthcare parent Optum, of negligence and breach of implied contract, Law.com reported.
The other side: UnitedHealth this week said it's advanced more than $2 billion to providers as it works to restore operations.
- While hackers claimed to have stolen millions of patients' private medical information, UnitedHealth said it's still investigating how much data may have been compromised.
- Asked about the lawsuits, a UnitedHealth spokesperson said: "Our focus remains on the investigation and restoring operations at Change Healthcare."
