Image Credits: Patrick Sison / AP
The ransomware gang that broke into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG).
UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. health care system.
This is the first time the health insurance giant has given an assessment of how hackers broke into Change Healthcare’s systems, during which massive amounts of health data were exfiltrated from its systems. UnitedHealth said last week that the hackers stole health data on a “substantial proportion of people in America.”
Change Healthcare processes health insurance and billing claims for around half of all U.S. residents.
According to Witty’s testimony, the criminal hackers “used compromised credentials to remotely access a Change Healthcare Citrix portal.” Organizations like Change use Citrix software to let employees access their work computers remotely on their internal network.
Witty did not elaborate on how the credentials were stolen. The Wall Street Journal first reported the hackers’ use of compromised credentials last week.
However, Witty did say the portal “did not have multifactor authentication,” which is a basic security feature that prevents the misuse of stolen passwords by requiring a second code sent to an employee’s trusted device, such as their phone. It’s not known why Change did not set up multifactor authentication on this system, but this will likely become a focus for investigators trying to understand potential deficiencies in the insurer’s systems.
“Once the threat actor gained access, they moved laterally within the organization in more advanced ways and exfiltrated data,” said Witty.
Witty said the hackers deployed ransomware nine days later, on February 21, prompting the health giant to shut down its network to contain the breach.
UnitedHealth confirmed last week that the company paid a ransom to the hackers who claimed responsibility for the cyberattack and the subsequent theft of terabytes of stolen data. The hackers, known as RansomHub, are the second gang to lay claim to the data theft after posting a portion of the stolen data to the dark web and demanding a ransom to not sell the information.
UnitedHealth earlier this month said the ransomware attack cost it more than $870 million in the first quarter, in which the company made close to $100 billion in revenue.