BATH, Ohio — A cyberattack that disrupted Change Healthcare's digital networks one week ago continues to cause disruptions at pharmacies and leave patients waiting for important prescriptions in limbo.
Change Healthcare, a subsidiary of UnitedHealth Group, is used by pharmacies nationwide to verify insurance coverage. It's reach is widespread, touching approximately one in three patient records in the United States.
At Colonial Pharmacy in Bath Township, owner and pharmacist Robert Kerek has been dispensing medicine for more than 50 years in his family-owned store.
"A typewriter, pencil, and paper — nothing wrong with that," Kerek says, with a chuckle, referring to the "old school" way of handling prescriptions.
But with prescriptions almost exclusively handled electronically, the cyberattack on the nation's largest commercial prescription processor has disrupted billing for countless Americans. Kerek's small-town touch, though, ensures his patients don't go without.
"We take care of the patient," he told 3News. "We'll take the information and bill the prescription when we can."
It amounts to a short-term loan, which Kerek says he's fortunate to be able to provide to help his customers.
Parent company UnitedHealth told CNBC the hack was discovered on Feb. 21, prompting UnitedHealth to isolate the impacted systems. The company says, as of Monday, more than 90% of the nation's pharmacies have set up electronic workarounds.
However, that's not the case for patients like Jenny Goebbel's son, who had his prescription denied.
"It was $300, and I said, 'Well, why can't Medicaid pay for that one?'" Goebbel, of Mentor, said. "They said they could reimburse me once everything finally goes through. Certainly this is a big chunk [of our budget], and we're on Medicare, so we don't have tons of money."
The cyberattack prevented the pharmacy from filling her son's prescription for glucose test strips to monitor his diabetes. Goebbel decided to pay the $300 herself.
UnitedHealth attributed the ransomware attack to BlackCat, the notorious ransomware gang that took down casino giant MGM last year. A motive is not clear.
"That changes depending on the group," cybersecurity analyst Jonathan Gavris, from Hurricane Labs in Independence, explained. "A lot of times, it's monetary, it's money. Sometimes they like to send a message. Sometimes it's political."
Meanwhile, until the insurance processing issues are resolved, people like Goebbel wait and worry.
"Right now, I have to pay the price," she said. "He's supposed to get tested four times a day, and I guess we'll have to go down to two or three. I don't want to have to do that. We shouldn't have to do that."