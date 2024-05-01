



Hackers broke into the computer systems of a UnitedHealth Group subsidiary and released ransomware after stealing someone's password, CEO Andrew Whitty testified Wednesday on Capitol Hill. . Cybercriminals entered through portals that did not have multi-factor authentication (MFA) enabled. Whitty told lawmakers during an hour-long Congressional hearing that he did not yet know how many patients and health care workers were affected by the February cyberattack on Change Healthcare. The hearing focused on how the hackers gained access to Change Healthcare, a separate unit of UnitedHealth that the company acquired in October 2022. Members of the House Energy and Commerce Committee asked Whitty why the nation's largest health insurance company did not have basic information. He takes cybersecurity safeguards before an attack. “Change Healthcare is a relatively old company and was using older technology, but since the acquisition they have been working on upgrading their technology,” Witty said. “But for some reason, and we continue to investigate, this particular server did not have his MFA.” Multi-factor authentication adds a second layer of security to password-protected accounts by having users enter an automatically generated code sent to their phone or email. Safeguards, a common app feature, are used to protect customer accounts from hackers who obtain or guess passwords. Witty said all Change Healthcare logins have multi-factor authentication enabled. The cyberattack came from a Russian base. Ransomware Gang ALPHV or BlackCat.the group itself alleged liability The attack claims to have stolen more than 6 terabytes of data, including “sensitive” medical records. The attack disrupted payment and claims processing across the country, disrupting claims and receiving payments and straining clinics and health systems. Witty admitted Wednesday that UnitedHealth paid Black Cat a $22 million ransom in the form of Bitcoin, a decision he made solely on his own, according to testimony prepared before the hearing. It is. Despite the ransom payment, lawmakers said Wednesday that some sensitive records from patients are still being posted on the dark web by hackers. Paying the ransom was “one of the hardest decisions I've ever had to make, and I wouldn't wish that on anyone,” Whitty said. Scale of attack — Change Healthcare processes 15 billion transactions annually. according to The filing with the American Hospital Association meant patients who are not UnitedHealth customers could also be affected. The company announced earlier this month that personal information potentially covering “a significant portion of the population of the United States” may have been exfiltrated in the attack. the violation has already been committed UnitedHealth Group costs approximately $900 millionsaid company officials last week when they reported first-quarter earnings, which do not include ransom payments. ransomware attack Disable the target computer system, is becoming increasingly common in the healthcare industry.Annual number of ransomware attacks against hospitals and other healthcare providers doubled from 2016 to 2021, according to a 2022 study published in JAMA Health Forum. More from CBS News Christopher J. Brooks Christopher J. Brooks is a reporter for CBS MoneyWatch. He previously worked as a reporter for the Omaha World-Herald, Newsday, and the Florida Times-Union. His reporting primarily focuses on the U.S. housing market, sports business, and bankruptcies.

