Healthcare Innovation May 2, 2024
Pietje Kobus

Stolen credentials used to remotely access a UnitedHealth’s portal that didn’t have multi-factor protection, CEO testifies.

UnitedHealth Group’s CEO, Andrew Witty, testified on Wednesday, May 1, before the House Energy and Commerce Committee on the Change Healthcare cyberattack. In his opening statement, Witty told the committee that criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, which enables remote access to desktops. Witty admitted that this portal did not have multi-factor authentication (MFA).

Witty said it will likely take several months to identify all impacted individuals. UnitedHealth, along with experts, is continuously monitoring the dark web to see if data has been leaked.

“This was one of the hardest decisions I’ve ever had to make,” Witty confided...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Congress / White House, Cybersecurity, Govt Agencies, Health IT, Insurance, Payer, Provider, Technology
Related Articles:
WEDI asks HHS to ensure info exchange capabilities after cyberattacks
Prior authorization a ‘major contributor’ to radiologists’ mounting administrative burdens, ACR tells Congress
Kansas Medicaid selects UnitedHealth, Blue Cross and Centene
UnitedHealth hits $1B affordable housing investment milestone
UnitedHealth 'really comfortable' with Medicare Advantage as competitors sweat

Share This Article