A cyberattack that's made it harder for patients nationwide to get their prescriptions filled exposed a major vulnerability facing health care: consolidation.

Why it matters: The attack against a UnitedHealth Group subsidiary that's a major player in how the industry processes payments underscores how a well-targeted strike can reverberate across the entire industry and jeopardize patient access to needed treatment, experts said.

What they're saying: "This is our Colonial pipeline moment," said John Riggi, national adviser for cybersecurity and risk for the American Hospital Association, referring to the 2021 cyberattack that led to a six-day shutdown resulting in gas shortages along the East Coast.

• Growing cyberattacks on health facilities have disrupted care at individual hospitals and even across multiple health systems, but none has had such a wide-reaching impact across the sector, experts said.
• This attack on Change Healthcare, which is part of United's health services unit Optum, may have rippled even further than needed.
• Many hospitals, pharmacies and physician offices that use the company's payment network completely disconnected their systems from Optum and even some UnitedHealth systems out of an abundance of caution.
• “We’re very concerned about [consolidation], especially for a mission-critical third party that provides such essential services and technology for the entire health care sector,“ Riggi said. “All the hospitals and health systems are touched by this in some manner.”

The impact of the Colonial Pipeline shutdown didn't immediately become clear to people when they first heard about it, said Forrester principal analyst Jeff Pollard. "It was when they went to the gas station and the pumps were empty," he said.

• The attack on Change Healthcare could become real for a lot more patients seeking prescription refills if it's not resolved very soon, Pollard said.

Catch up quick: Change Healthcare, which was acquired by Optum in 2022, describes itself as being "at the center of the health care ecosystem" and says it processes 15 billion health care transactions annually.

• But since Feb. 21, the company took many of its systems offline after it detected a cyberattack. Change Healthcare said it has "high confidence" that Optum and other divisions at United, the nation's largest insurer, were not affected.
• "We are working on multiple approaches to restore the impacted environment and will not take any shortcuts or take any additional risk as we bring our systems back online," the company said in a statement.
• The notorious ransomware group known as Blackcat was to blame for the attack, Reuters reported Monday.

Between the lines: This cyberattack highlights another major vulnerability in health care: limited contingency plans for system outages.

• While some pharmacies and hospitals were able to keep operations moving with backup procedures — including in some cases pen and paper — others struggled.
• "This is a wake-up call for organizations," said Allen Blount, a cybersecurity expert at Risk Strategies.
• There's an "assumption" that third-party vendors will jump in with a quick fix if something goes wrong, or that the vendor will assume the liability risk, he said. "That is incorrect."
• Cyber experts aren't exactly advocating for just going back to fax machines, which still play a large role in U.S. health care. Still, they said there's an argument for keeping the low-tech backups around, as long as there's proper planning.
• For instance, "Where is all the paper?" said Pollard, the Forrester analyst. "Where is all that stored and how quickly can you get it out to your organization?"

Threat level: Some health care organizations may face a cash crunch if Change Healthcare isn't back at full speed soon, said Toby Gouker of privacy and security firm First Health Advisory.

• "Hospitals aren't able to get paid for their prescriptions, nor are pharmacies or anybody else," Gouker said. "At the end of the day, you do need resources to stay open and stay in operation. And if you run out of cash, then what do you do?"