In response to the assault, Change Healthcare expertise infrastructure has been rebuilt from the bottom up. Change Healthcare’s knowledge middle community and core companies have been rebuilt with added server capability and better reliance on the cloud.
Questions on insurance coverage reimbursements and the extent of the breach, which additionally uncovered the non-public data and medical knowledge of an estimated one-in-three US residents, had been the main target of two hearings that includes Witty final Wednesday, earlier than the Home Finance and Home Power and Commerce Committees.
Weak portal lacked MFA
Throughout the hearings, Witty defined how cybercriminals used compromised credentials to remotely entry a Change Healthcare Citrix portal, an utility used to allow distant entry to desktops, on Feb. 12, 9 days earlier than the ransomware assault.
“The portal didn’t have multi-factor authentication,” Witty admitted.
Having gained entry into Change Healthcare’s programs, the cybercriminals moved laterally inside its programs to increase the scope of the breach earlier than exfiltrating knowledge.
UnitedHealth Group accomplished its acquisition of Change Healthcare in October 2022. The well being conglomerate inherited an ageing expertise infrastructure with factors of weak point that, with the advantage of hindsight at the moment are all too apparent.
