Current:Home > reviewsUnitedHealth data breach caused by lack of multifactor authentication, CEO says -ProfitClass
UnitedHealth data breach caused by lack of multifactor authentication, CEO says
View
Date:2025-04-15 10:14:32
Hackers breached the computer system of a UnitedHealth Group subsidiary and released ransomware after stealing someone's password, CEO Andrew Witty testified Wednesday on Capitol Hill. The cybercriminals entered through a portal that didn't have multifactor authentification (MFA) enabled.
During an hourslong congressional hearing, Witty told lawmakers that the company has not yet determined how many patients and health care professionals were impacted by the cyberattack on Change Healthcare in February. The hearing focused on how hackers were able to gain access to Change Healthcare, a separate division of UnitedHealth that the company acquired in October 2022. Members of the House Energy and Commerce Committee asked Witty why the nation's largest health care insurer did not have the basic cybersecurity safeguard in place before the attack.
"Change Healthcare was a relatively older company with older technologies, which we had been working to upgrade since the acquisition," Witty said. "But for some reason, which we continue to investigate, this particular server did not have MFA on it."
Multifactor authentication adds a second layer of security to password-protected accounts by having users enter an auto-generated code sent to their phone or email. A common feature on apps, the safeguard is used to protect customer accounts against hackers who obtain or guess passwords. Witty said all logins for Change Healthcare now have multifactor authentication enabled.
The cyberattack came from Russia-based ransomware gang ALPHV or BlackCat. The group itself claimed responsibility for the attack, alleging it stole more than six terabytes of data, including "sensitive" medical records. The attack triggered a disruption of payment and claims processing around the country, stressing doctor's offices and health care systems by interfering with their ability to file claims and get paid.
Witty confirmed Wednesday that UnitedHealth paid a $22 million ransom in the form of bitcoin to BlackCat, a decision he made on his own, according to prepared testimony before the hearing. Despite the ransom payment, lawmakers said Wednesday that some of the sensitive records from patients have still been posted by hackers on the dark web.
The ransom payment "was one of the hardest decisions I've ever had to make and I wouldn't wish it on anyone," Witty said.
The scale of the attack — Change Healthcare processes 15 billion transactions a year, according to the American Hospital Association — meant that even patients who weren't customers of UnitedHealth were potentially affected. The company said earlier this month that personal information that could cover a "substantial portion of people in America" may have been taken in the attack.
The breach has already cost UnitedHealth Group nearly $900 million, company officials said in reporting first-quarter earnings last week, not including ransom paid.
Ransomware attacks, which involve disabling a target's computer systems, have become increasingly common within the health care industry. The annual number of ransomware attacks against hospitals and other health care providers doubled from 2016 to 2021, according to a 2022 study published in JAMA Health Forum.
Khristopher J. BrooksKhristopher J. Brooks is a reporter for CBS MoneyWatch. He previously worked as a reporter for the Omaha World-Herald, Newsday and the Florida Times-Union. His reporting primarily focuses on the U.S. housing market, the business of sports and bankruptcy.
TwitterveryGood! (55)
Related
- Hidden Home Gems From Kohl's That Will Give Your Space a Stylish Refresh for Less
- Boating this summer? It's important to take precautions—bring these safety items
- Lucas Glover overcomes yips to win 2023 Wyndham Championship on PGA Tour
- A simpler FAFSA is coming for the 2024-25 school year. Here's what to expect.
- Skins Game to make return to Thanksgiving week with a modern look
- He was on a hammock, camping in southeast Colorado. Then, authorities say, a bear bit him.
- Woman found dead on Phoenix-area hike, authorities say it may be heat related
- 3 dead, dozens injured as tour bus carrying about 50 people crashes on Pennsylvania highway
- Clay Aiken's son Parker, 15, makes his TV debut, looks like his father's twin
- Turn Your Home Into a Barbie Dream House With These 31 Finds Under $60
Ranking
- Elon Musk's skyrocketing net worth: He's the first person with over $400 billion
- U.S. eliminated from Women's World Cup in heartbreaking loss to Sweden
- Kate Spade 24-Hour Flash Deal: Get This $260 Crossbody Bag for Just $59
- Grappling with new law, fearful Florida teachers tossing books, resellers say
- Elon Musk's skyrocketing net worth: He's the first person with over $400 billion
- First-time homebuyers need to earn more to afford a home except in these 3 metros
- Pence disputes Trump legal team's claims, and says Trump asked him what he thought they should do after 2020 election
- Elon Musk says he may need surgery before proposed ‘cage match’ with Mark Zuckerberg
Recommendation
Off the Grid: Sally breaks down USA TODAY's daily crossword puzzle, Hi Hi!
Trump lawyer says Pence will be defense's best witness in 2020 election case as former VP disputes claims
WWE SummerSlam takeaways: Tribal Combat has odd twist, Iyo Sky and Damage CTRL on top
The Mega Millions jackpot has soared to $1.55 billion. Here’s how hard it is to win
Sarah J. Maas books explained: How to read 'ACOTAR,' 'Throne of Glass' in order.
Cambodia’s king appoints army chief Hun Manet as successor to his father, long-ruling Hun Sen
Fort Lauderdale airport temporarily evacuated over security investigation
Is it better to take Social Security at 62 or 67? Why it's worth waiting if you can.