The Breach Report: February 25, 2024

AT&T, Cricket, Verizon Wireless SOS; UnitedHealth Cyberattack Disrupts Pharmacies

Welcome to the latest issue of The Breach Report, a cybersecurity newsletter from the creators of the Cybersecurity Careers Blog. Be sure to subscribe via email or RSS.

AT&T, Verizon, and T-Mobile suffer widespread outages and SOS status

Cell provider AT&T reported that a “software glitch” – not a cyberattack – was responsible for widespread network outages across the United States on Thursday, February 22. (image credit: Getty)

As I attended the Chief Digital and Artificial Intelligence Office (CDAO) Advantage Conference 2024 in Washington, D.C., last week, a strange thing happened.

Thursday, I kept losing cell signals on my personal and work smartphones – which are on different carriers. The signal strength frequently fluctuated even when I was stationary and would bounce between 4G, 5G, or SOS, indicating you can only call or text emergency services through the cellular network.

I brushed it off as just atmospheric interference or the building itself blocking the cell signal.

Later that day, I learned that there were widespread outages across AT&T, Verizon, and T-Mobile, affecting millions of Americans just like me. My next immediate thought, admittedly, was, “Is this a cyberattack?” and next, “If it is, man, this is eerily similar to the Netflix movie Leave the World Behind.”

I got in my car, which is a Tesla Model 3, and noticed it had lost its cell signal, too. I hoped this was the extent of odd behavior from my Model 3, with no more similarities to Leave the World Behind.

Well, panic no more. According to AT&T, the widespread outage, at least for their cell services, was not due to a cyberattack but instead a “software glitch.”

“Based on our initial review, we believe that today’s outage was caused by the application and execution of an incorrect process used as we were expanding our network, not a cyber attack,” an AT&T official confirmed.

A Department of Defense official confirmed to Fox News that there was “no indication that the outage was due to a cyberattack.” The Federal Communications Commission also confirmed via X that it was aware of the outages and is communicating with various providers.

Verizon stated that its users were affected when they were trying to contact AT&T users hit by the AT&T outage. However, I can confirm that my Verizon smartphone repeatedly fluctuated in cell signal strength and displayed “SOS” multiple times, yet I was not actively trying to call anyone.

While this issue has subsided in the following days and has already left the consciousness of most Americans, it, of course, keeps cybersecurity professionals on edge.

Just a few weeks ago, FBI Director Christopher Wray spoke at a House subcommittee on China, warning that the Chinese are “ramping up an extensive hacking operation geared at taking down the United States’ power grid, oil pipelines, and water systems in the event of a conflict over Taiwan.”

A widespread, multiple provider outage for cell service didn’t seem out of reach of the Chinese. But we’ll have to take AT&T’s word for it.

UnitedHealth blames “Nation-State Hackers” for cyberattacks on U.S. pharmacies

UnitedHealthcare blames an unspecified group of “nation-state hackers” for breaching its internal systems. The breach has disrupted U.S. pharmacies' ability to fulfill some prescription requests. (image credit: Getty)

If the cell provider outages weren’t concerning enough, on the same day, many pharmacies across the United States could not fulfill prescription requests after a cyberattack. UnitedHealth and its Change Healthcare and Optum subsidiaries could not process prescriptions once they discovered “a suspected nation-state associated cybersecurity threat actor” had access to Change Healthcare’s systems.

As a precaution, Change Healthcare disconnected its compromised systems from other connected data systems. UnitedHealth confirmed that the cyberattack and “network interruption” only impacted Change Healthcare and that all its other systems remain operational.

UnitedHealth is cooperating with law enforcement agencies and working to mitigate the breach. It is unsure if the outage and cyberattack will affect its financial results.

According to Bloomberg, Change Healthcare operates the country's largest medical electronic data interchange (EDI) clearinghouse. The EDI network is a middleman routing claims between insurance companies, doctors' offices, hospitals, and other healthcare providers seeking payment.

BlueCross BlueShield released a statement providing frustrated customers alternative ways to fill prescriptions. “Some pharmacies cannot confirm insurance coverage, which could delay filling or refilling your medications.”

Individuals trying to fill prescriptions during the outage were forced to pay out of pocket, seek reimbursement later, or potentially wait until the issue was resolved. Affected individuals could also try filling their prescription at another pharmacy, according to BlueCross BlueShield.

As of the date of this posting, the issue does not seem to be fully resolved. Experts fear it could last well past this weekend.

“It’s a mess, and I believe it’s our Colonial Pipeline moment in healthcare,” said Carter Groome, chief executive of healthcare-focused consulting firm First Health Advisory, to The Wall Street Journal.

Until next time…

Rob Waters
Founder, The Breach Report + Cybersecurity Careers Blog