Some hospital patients may be affected by cyberattack

A billing service provider hit by a cyberattack has had nationwide effects

A cyberattack on Change Healthcare, Harbor Regional Health Community Hospital’s third-party billing service provider, may have affected some hospital patient’s ability to pay their bills electronically.

Accounts beginning with a “G” will not be able to make payments via credit card until the situation is resolved, a hospital spokesperson said in a news release. The hospital is pausing sending billing statements for all Harbor Regional Health Community Hospital entities.

“There was no incursion into our system in any way,” said Chris Majors, director of marketing and public relations for the hospital, in a phone interview.

Clients are still able to pay with check or, if they’re in-person, in cash, Majors said in the news release.

“On their billing statements, there is a send your check by mail address,” Majors said. “Don’t mail cash.”

Those with more questions can contact the hospital at 360-532-8330 and ask for patient financial services, but the hospital will not be able to take payments by phone, Majors said.

The outage is expected to last at least until the end of the day Thursday, Majors said, as the hospital waits for word from Change Healthcare and from the FBI. Any updates or return of service will be posted on the hospital’s social media platforms as quickly as possible, Majors said.

A new threat arena

The ransomware attack on Change Healthcare was waged by “Blackcat,” and occurred last week, according to Reuters. It’s affecting healthcare organizations across the country as cybersecurity firms investigate and look to plug the breach. The full extent of the breach is unknown as of Thursday according to Reuters.

It’s not the first attack that has affected Harbor Regional Health Community Hospital, Majors said, as cybercrime, both criminal and state backed, is on the rise.

“There’s been a number of different things that have happened. Some of them haven’t affected us at all, but affected our vendors,” Majors said. “We were cyberattacked ourselves in 2018, 2019.”

The healthcare industry is a frequent target for such strikes, Majors said.

“It is a very unfortunate target for lots of bad actors, the healthcare sector is. It seems like it’s continued to get worse and worse as time has gone on. People’s personal data is at risk,” Majors said. “It’s a good moneymaker for them, those actors.”

The hospital itself tightened its protocols extensively following a strike directly targeted at it, Majors said.

“Our IT, since we got our cyberattack, we have put in so many checks and firewalls,” Majors said. “Everything is locked down.”

Contact Senior Reporter Michael S. Lockett at 757-621-1197 or mlockett@thedailyworld.com.