UnitedHealth, the largest U.S. health insurer, experienced a breach in its technology unit on Feb. 12, which was caused by hackers gaining access through stolen login credentials. The CEO, Andrew Witty, will be testifying before a House panel about the incident. The breach involved the insurer’s Change Healthcare unit, which was targeted by cybercriminal gang AlphV, also known as BlackCat, who demanded a ransom to unlock the systems they had locked on February 21.
Witty’s written testimony revealed that the hackers used compromised login credentials to remotely access a Change Healthcare Citrix portal that lacked multi-factor authentication. Multi-factor authentication is a vital security layer that can prevent hackers from gaining access using stolen passwords. It is unclear why the portal did not have this additional security measure in place, and neither UnitedHealth nor Citrix provided clarification on this matter.
The oversight and investigations subcommittee’s hearing will focus on the impact of the cyberattack on patients and healthcare providers. UnitedHealth has been collaborating with the FBI and various cybersecurity companies like Google, Microsoft, Cisco, and Amazon to investigate and protect Change Healthcare’s systems following the breach. Last week, Witty mentioned that the company paid the hackers a ransom to decrypt Change Healthcare’s systems, but the exact payment amount remains unknown.
The breach has had a significant impact on healthcare payment processing across the country, as Change Healthcare processes 50% of all medical claims in the United States. UnitedHealth Group has taken steps to support healthcare providers affected by providing over $6.5 billion in accelerated payments and interest-free, fee-free loans as of April 26.
The incident highlights the importance of robust cybersecurity measures and the potential consequences of failing to implement necessary security protocols. UnitedHealth’s experience serves as a cautionary tale for other organizations, emphasizing the need for enhanced cybersecurity practices to protect sensitive data and prevent future breaches.
In conclusion, the breach at UnitedHealth’s technology unit serves as a wake-up call for the healthcare industry, underscoring the ongoing threat of cyberattacks and the critical importance of prioritizing cybersecurity to safeguard sensitive information and ensure the continuity of essential services. As technology advances, the risk of cyber threats grows, making it imperative for organizations to stay vigilant and proactive in defending against potential security breaches.
Article Source
https://finance.yahoo.com/news/unitedhealth-hackers-took-advantage-citrix-210122715.html
%20(1).webp?ssl=1 "Proof-of-Concept for CitrixBleed2 Leak Released — 127 Bytes of Data Exfiltration Possible Per Request")