UnitedHealth Group chief government officer Andrew Witty informed senators on Wednesday that the corporate has now enabled multi-factor authentication on all the corporate’s programs uncovered to the web in response to the current cyberattack towards its subsidiary Change Healthcare.
The dearth of multi-factor authentication was on the heart of the ransomware assault that hit Change Healthcare earlier this 12 months, which impacted pharmacies, hospitals, and physician’s places of work throughout america. Multi-factor authentication, or MFA, is a fundamental cybersecurity mechanism that stops hackers from breaking into accounts or programs with a stolen password by requiring a second code to log in.
In a written assertion submitted on Tuesday forward of two Congress hearings, Witty revealed that hackers used a set of stolen credentials to entry a Change Healthcare server, which he stated was not protected by multi-factor authentication. After breaking into that server, the hackers have been then in a position to transfer into different firm’s programs to exfiltrate knowledge, and later encrypt it with ransomware, Witty stated within the assertion.
Right now, through the first of these two hearings, Witty confronted questions concerning the cyberattack from senators on the Finance Committee. In response to questions by Sen. Ron Wyden, Witty stated that “as of in the present day, throughout the entire of UHG, all of our exterior going through programs have gotten multifactor authentication enabled.”
“We’ve got an enforced coverage throughout the group to have multi issue authentication on all of our exterior programs, which is in place,” Witty stated.
When requested to verify Witty’s assertion, UnitedHealth Group’s spokesperson Anthony Marusic informed information.killnetswitch that Witty “was very clear along with his assertion.”
Witty blamed the truth that Change Healthcare’s programs had not but been upgraded after UnitedHealth Group acquired the corporate in 2022.
“We have been within the technique of upgrading the know-how that we had acquired. However inside there, there was a server, which I’m extremely pissed off to inform you, was not protected by MFA,” Witty stated. “That was the server by means of which the cybercriminals have been in a position to get into Change. After which they led off a ransomware assault, if you’ll, which encrypted and froze massive components of the system.”
Witty additionally stated that the corporate remains to be engaged on understanding precisely why that server didn’t have multi-factor authentication enabled.
UnitedHealth has but to inform folks that have been impacted by the cyberattack, Witty stated through the listening to, arguing that the corporate nonetheless wants to find out the extent of the hack and the stolen data. As of now, the corporate has solely stated that hackers stole private and well being data knowledge of “a considerable proportion of individuals in America.”
Final month, UnitedHealth stated that it paid $22 million to the hackers who broke into the corporate’s programs. Witty confirmed that cost through the Senate listening to.
