The CEO of UnitedHealth claims that hackers broke in by using a Citrix vulnerability

UnitedHealth hackers used stolen login credentials to break in, according to the CEO
UnitedHealth hackers used stolen login credentials to break in, according to the CEO

Hackers exploited a security hole in software created by commercial IT vendor Citrix to enter UnitedHealth’s IT department by allowing staff members to view their desktop computers from a distance.

The largest U.S. health insurer, UnitedHealth (UNH.N.), will testify before a House panel this week. On February 12, hackers gained access to the firm’s new tab tech section by taking advantage of a security flaw in software developed by private IT vendor Citrix, which let employees view their desktop computers remotely.

Wednesday’s appearance by UnitedHealth CEO Andrew Witty before the House Energy and Commerce Committee comes after the insurer’s Change Healthcare arm was hacked, which caused weeks of disruption to the American healthcare system.

According to a copy of Witty’s written testimony that was uploaded to the House panel’s website on Monday, the cybercriminal gang AlphV, also known as BlackCat, locked up Change Healthcare’s computers early on February 21 and demanded a ransom to unlock them. Witty will testify to the House panel about this.

“Not knowing the entry point of the attack at the time, we immediately severed connectivity with Change’s data centers to eliminate the potential for further infection,” according to the testimony.

According to the evidence, the hackers remotely accessed a Change Healthcare Citrix portal without multi-factor authentication by using compromised login credentials.

An inquiry for comments was not immediately answered by a Citrix representative. Although it’s unclear which exact Citrix security fault was employed by AlphV, U.S. officials warned repeatedly late last year about security holes in Citrix technologies, some of which were being used to compromise healthcare organizations.

The impact of the hack on patients and clinicians will be the main topic of discussion during the panel’s subcommittee on oversight and investigations meeting.

In order to investigate the intrusion, UnitedHealth has been collaborating with the FBI and well-known cybersecurity companies. Experts in security from Google, Microsoft (MSFT.O), Cisco (CSCO.O), Amazon (AMZN.O), and Cisco (CSCO.O) open a new tab. opened a new tab to secure Change Healthcare’s systems following the hack, in collaboration with teams from Mandiant and Palo Alto Networks (PANW.O.), according to the evidence.

Witty stated last week that, while the amount of the payment is unknown, the business had paid the hackers a ransom to guarantee the decryption of Change Healthcare’s systems.

The business has been working frantically to limit its impact on the nation’s healthcare payment processes. In the US, 50% of all medical claims are processed through change.

Also readNurturing Responsible Online Behavior in Students by Building a Culture of Digital Citizenship

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.