UnitedHealth hackers used stolen login credentials to break in, according to the CEO

UnitedHealth hackers used stolen login credentials to break in, according to the CEO
UnitedHealth hackers used stolen login credentials to break in, according to the CEO

Hackers infiltrated UnitedHealth’s IT section, gaining remote access to its network using stolen login credentials, according to the largest US health insurer, which will speak before a House subcommittee this week.

Hackers hacked UnitedHealth’s (UNH.N.) new tab IT unit on February 12 by using stolen login credentials to gain remote access to its network, according to the largest US health insurer, which will appear before a House panel this week.

UnitedHealth CEO Andrew Witty’s hearing before the House Energy and Commerce Committee will come after weeks of disruption in American healthcare due to the insurer’s Change Healthcare unit being hacked.

Witty will tell the House panel that on the morning of Feb. 21, the cybercriminal gang AlphV, also known as BlackCat, locked up Change Healthcare’s computers and demanded a ransom to open them, according to a copy of his written testimony uploaded to the panel’s website on Monday.

“Not knowing the entry point of the attack at the time, we immediately severed connectivity with Change’s data centers to eliminate the potential for further infection,” according to the statement.

According to the evidence, the hackers exploited compromised login credentials to gain remote access to a Change Healthcare Citrix portal that lacked multifactor authentication. Citrix Systems, a private technology business, provides a portal that permits remote access to an organization’s PCs.

Multi-factor authentication is a frequently used layer of security that stops hackers from using stolen passwords to gain access to networks. It is unknown why the Change Healthcare portal lacked this security feature, and a UnitedHealth spokeswoman did not reply to concerns about it.

The panel’s oversight and investigations subcommittee will hold a hearing to discuss the impact of the hack on patients and providers.

UnitedHealth has been collaborating with the FBI and leading cybersecurity firms to investigate the attack. According to the evidence, security professionals from Google, Microsoft (MSFT.O), Cisco (CSCO.O), and Amazon (AMZN.O) collaborated with Mandiant and Palo Alto Networks (PANW.O) teams to safeguard Change Healthcare’s systems following the intrusion.

Last week, Witty stated that the company had paid the hackers a ransom to ensure the decryption of Change Healthcare’s systems, although the amount of the payment is unknown.

The corporation has been scrambling to limit the disruption to healthcare payment processes across the country. Change processes account for half of all medical claims in the United States.

According to Witty’s testimony, as of April 26, UnitedHealth Group had offered thousands of healthcare providers more than $6.5 billion in accelerated payments and no-interest, no-fee loans.

Also readPublic transit apps prioritize cybersecurity measures to protect their digital systems and safeguard passenger data, says Narayan Mishra Co-founder & CTO at Tummoc – a public transit app

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.