The Sept. 29 malware assault prompted King of Prussia, Pa.-based UHS to briefly take all of its U.S. data expertise networks offline, together with techniques for medical information, laboratories and pharmacies. Servers weren’t fully restored till October.
That prompted some ambulance visitors and elective procedures at UHS’ acute-care hospitals to be despatched to rivals, the corporate mentioned. UHS additionally incurred labor prices to revive its IT operations shortly and needed to delay some administrative capabilities like billing and coding till December, which affected fourth quarter money flows.
UHS estimates that it misplaced $12 million during the third quarter of 2020 and $55 million through the fourth quarter. Most of these losses have been tied to the corporate’s acute-care phase and have been tied to misplaced working revenue from decrease affected person exercise.
“Though we are able to present no assurance or estimation associated to the receipt timing, or quantity, of the proceeds that we might obtain pursuant to business insurance coverage protection we’ve in reference to this incident, we imagine we’re entitled to restoration of nearly all of the final word monetary impression ensuing from the cyberattack,” the corporate mentioned.
The corporate mentioned it labored with third-party IT and forensic distributors to investigate the attack and hasn’t discovered any “proof of unauthorized entry, copying or misuse of any affected person or worker information has been recognized thus far.”
UHS shared details about the cyberattack with its fourth quarter earnings report. Over the past quarter of 2020, UHS had web revenue of $308.7 million, in comparison with $245.2 million through the last quarter of 2019. The corporate attributed the rise largely to $200 million in grants, specifically the CARES Act. For 2020, UHS reported $944 million in web revenue, up from $814.9 million in 2019.