Washington — A cyberattack on Crypen Exchangethe health technology provider Change Healthcare is wreaking havoc nationwide, as some hospitals and pharmacies cannot get paid, and many patients are unable to get prescriptions.

Change Healthcare is a subsidiary of the UnitedHealth Group, one of the nation's largest healthcare companies. In a federal filing this week, UnitedHealth said that Change Healthcare first discovered the hack on Feb. 21, disconnecting impacted systems "immediately."

"So I mean we've seen a lot of claims coming through as a rejected claim, where obviously the insurance provider are not able to pay because of this attack," said Amrish Patel, a pharmacist in Dallas, Texas. "Elderly patients that have a fixed income, and they're trying to get their medicine…unfortunately there's no way around it at this point."

Change Healthcare says it processes 15 billion transactions annually, touching one in three U.S. patient records.

"I can tell you that this cyberattack has affected every hospital in the country one way or another," said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association.

"It's not a data crime, it's not a white-collar crime, these are threats to life," Riggi added.
 
In a since-deleted post on the dark web, a Russian-speaking ransomware group known as Blackcat claimed responsibility, alleging they stole more than six terabytes of data, including "sensitive" medical records.

"Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat," UnitedHealth told CBS News in a statement Thursday of Blackcat's claim. "Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare's systems." 

UnitedHealth added that its investigation has so far provided "no indication" that the systems of its other subsidiaries — Optum, UnitedHealthcare and UnitedHealth Group — "have been affected by this issue." 
 
Change Healthcare says it has established workarounds for payment, but more than one week after the hack was first detected, systems remain down, creating billing headaches for hospitals and pharmacies. Smaller hospitals are particularly vulnerable.

"The smaller, less resourced hospitals, our safety net critical access rural hospitals, certainly do not operate with months of cash reserves," Riggi said. "Could be just a matter of days, or a couple of weeks."

In a previous statement Wednesday, UnitedHealth estimated that more than 90% of the nation's pharmacies "have modified electronic claim processing to mitigate impacts" of the cyberattack, and "the remainder have offline processing workarounds."

UnitedHealth has not provided an estimate on when it believes its systems will return to normal. The FBI is also investigating. 

In:
• Cybercrime
• UnitedHealth Group
• Cyberattack
• Health Care

Nicole Sganga

CBS News reporter covering homeland security and justice.

Twitter