Cybersecurity specialists faulted UHG for failure to deploy multifactor authentication MFA — a primary enterprise security entry management — throughout Change Healthcare’s servers. UHG acquired Change Healthcare in October 2022.
Letter blames inexperienced security management
Steven Martin, UHG’s chief data security officer, was appointed in June 2023. “He had not labored in a full-time cybersecurity position earlier than he was elevated to the highest cybersecurity place at UHG,” based on Wyden.
“Though Mr. Martin has a long time of expertise in expertise jobs, cybersecurity is a specialised discipline, requiring particular experience,” Wyden stated.
