Change Healthcare cyberattack: Company reportedly paid hackers in controversial decision
PHOENIX - The cyberattack against one of the largest health care tech companies in recent weeks might have cost the company a lot of money.
"We are at a standstill," said Randle House with Metier Pharmacy in Phoenix.
Since the attack on Feb. 20, the need for medicine rose, with some just paying the full cash price.
We have previously reported on a cyberattack against Change Healthcare, and how the attack affected pharmacies and patients in Arizona. According to a report by tech blog Wired, hackers behind the cyberattack just received a $22 million payment that is believed to be a ransom paid by Change Healthcare.
The company wouldn't address that question when we asked. However, company officials did say, in a brief statement, that "we are focused on the investigation and restoring operations at Change."
Despite the reported payment, House said the system is still not back online.
"I feel for our patients. I feel for our staff," said House. "They're fielding so many calls right now, and unfortunately, we get the brunt of it because we're sort of the middle man, but there's absolutely nothing we can do about it. Absolutely nothing."
Read More: What to know about websites and services going down
The reported payment also has some in the cybersecurity world upset. They say it sends the wrong message and only encourages more hacks in the future.
"It's a bad day for the good guys in cybersecurity. It's unfortunate to see the bad guys winning, and getting these massive payments. We have to stop paying ransoms because it's fueling this criminal enterprise," said Tim Roemer.
Roemer, who used to head the Arizona Department of Homeland Security, is now the Chief Security Officer at Scottsdale-based GMI. He said the money should be spent preparing for attacks instead of paying off the attackers.
"An ounce of prevention is worth a pound of cure," said Roemer. "The true, easiest way out of this is for organizations to start prioritizing cybersecurity at the highest levels of investment."