Lawmakers are pressing UnitedHealth Group for transparency after reports of aggressive loan collection efforts tied to a 2024 ransomware-related financial aid program.
Senators Ron Wyden (D-OR) and Elizabeth Warren (D-MA) have formally demanded answers from UnitedHealth Group (UHG) regarding alleged aggressive collection tactics following the Change Healthcare ransomware attack in February 2024. The cyberattack caused widespread disruption across healthcare systems in the U.S., affecting approximately 45% of healthcare transactions at the time.
In response to the financial fallout, UHG's banking subsidiary, Optum Financial, issued over $9 billion in interest-free loans to hospitals and medical practices impacted by the outage. Now, reports indicate that UHG is aggressively seeking repayment, including withholding insurance claim payments and rejecting submissions based on outdated deadlines.
Change Healthcare’s prolonged outage left providers unable to secure payments or authorizations from insurers, forcing many to cover patient care out of pocket. UHG stepped in with temporary, interest-free loans meant to bridge the gap. However, many providers say they are still struggling financially and are being pressured to repay loans they cannot afford.
Several providers have claimed that UHG demanded immediate full repayment, sometimes hundreds of thousands of dollars, within five business days. In some cases, current claims were allegedly withheld until debts were repaid. Others reported that claims were rejected for not meeting submission deadlines during the period when Change Healthcare’s systems were still down.
The senators' letter to UHG executives raised concerns about the structural conflict of interest within the company's vertically integrated operations. They noted that the original breach occurred within UHG's subsidiary (Change Healthcare), loans were issued by another (Optum Financial), and repayment is now being enforced through its insurance division (UnitedHealthcare).
UHG previously informed Senate committees that providers were given a 45-day repayment window and received multiple reminders. If no response was received after this period, repayment demands escalated, potentially including offsets against future claims. UHG also said it would work with providers to create mutually agreeable repayment plans where needed.
The senators’ August 27 letter includes a list of specific questions requesting documentation of the loan distribution, repayment process, written agreements, available redress options, and whether third-party debt collection agencies will be used. Responses are due by September 12, 2025.
Optum Financial is the industrial bank subsidiary of UnitedHealth Group, responsible for managing healthcare financial products such as loans, HSAs, and provider funding programs.
Because UHG owns the payment clearinghouse that was breached (Change Healthcare), the lender (Optum Financial), and the insurer (UnitedHealthcare), critics argue that it concentrates too much power and enables internal conflicts of interest, especially in how recovery and repayment are handled.
Providers have reported being told to repay large loans in full within five days, with threats of withholding current claims payments or rejecting claims from the downtime period.
That depends on the written agreement terms. Senators have asked UHG to submit copies of all written agreements and repayment terms to clarify providers' legal obligations.
It’s not yet clear. One of the questions posed by the senators explicitly asks whether Optum Financial plans to outsource collections to third-party agencies. A response is pending.