UnitedHealth, the largest U.S. health insurer, recently disclosed that hackers breached its technology unit on February 12 using stolen login credentials. This incident resulted in a cyberattack on its Change Healthcare unit, causing significant disruption in American healthcare. The CEO of UnitedHealth, Andrew Witty, is set to testify before a House panel regarding the breach.
According to Witty’s written testimony, the cybercriminal group AlphV (also known as BlackCat) gained remote access to Change Healthcare’s network and demanded a ransom on February 21. The hackers exploited compromised login credentials to access a Citrix portal without multi-factor authentication, which is a crucial security measure to prevent unauthorized access. It is unclear why the portal lacked this security feature, and both UnitedHealth and Citrix have not provided further details on this issue.
In response to the breach, UnitedHealth immediately severed connectivity to Change Healthcare’s data centers and engaged with cybersecurity experts from Google, Microsoft, Cisco, Amazon, Mandiant, and Palo Alto Networks to investigate and protect its systems. The company ultimately decided to pay the hackers a ransom to decrypt Change Healthcare’s systems, although the exact amount of the payment remains undisclosed.
The impact of the cyberattack on patients and healthcare providers will be the focus of the upcoming hearing before the House panel’s oversight and investigations subcommittee. UnitedHealth has taken steps to alleviate the financial burden on healthcare providers by providing over $6.5 billion in accelerated payments and interest-free loans as of April 26.
The incident sheds light on the importance of implementing robust security measures, such as multi-factor authentication, to safeguard sensitive data and prevent unauthorized access. The healthcare sector, in particular, is vulnerable to cyberattacks due to the vast amount of personal and financial information it holds. As such, companies must remain vigilant and proactive in enhancing their cybersecurity defenses to mitigate the risk of future breaches.
Article Source
https://ca.news.yahoo.com/unitedhealth-hackers-took-advantage-citrix-210122402.html