Unitedhealth, the parent company of Change Healthcare, disclosed that the costs incurred to mitigate the effects of a cyber attack in the first quarter of 2024 amounted to $872 million.
In addition to this sum, Unitedhealth also provided advance financing and interest-free loans exceeding $6 billion to support healthcare institutions impacted by the attack.
In their quarterly report, Unitedhealth revealed that the cyber attack had an estimated impact of $0.74 per share on the company’s financial results for the first quarter, with expectations that this figure will rise to $1.15-$1.35 per share by the end of the year.
The ongoing efforts to address the aftermath of the attack are projected to surpass $1 billion, encompassing a ransom payment of $22 million made to the perpetrators.
In contrast, MGM Resorts, a casino network that fell victim to cyber attacks last year, did not pay a ransom but incurred costs exceeding $100 million for system restoration, operational disruptions, data breaches, and other related expenses.
Unitedhealth reported an income of $7.9 billion in the first quarter, with a net loss of $1.221 billion. They posted an adjusted profit of $6.91 per share, factoring in impacts from business disruptions, excluding the sale of units in Brazil, and direct expenses related to combating cyber attacks, amounting to $0.49 per share.
Following the financial results disclosure, Unitedhealth’s shares surged by 7.5%, marking a positive development after a significant decline post-attack.
In a statement, Unitedhealth Group’s CEO, Andrew Whitti, emphasized the company’s commitment to enhancing customer services and ensuring sustainable growth, despite the challenges posed by the cyber attack on Change Healthcare.
Change Healthcare continues to grapple with the repercussions of the incident, compounded by the deceitful actions of the Alphv extortionists who vanished after receiving the ransom. Reports suggest that the group’s partners, left unpaid, are collaborating with RansomHub to further extort Change Healthcare using the pilfered data.