By Tom Murphy | The Associated Press
The Change Healthcare cyberattack that disrupted health care systems nationwide earlier this year started when hackers entered a server that lacked a basic form of security: multifactor authentication.
UnitedHealth CEO Andrew Witty said Wednesday in a U.S. Senate hearing that his company, which owns Change Healthcare, is still trying to understand why the server did not have the additional protection.
His admission did not sit well with Senate Finance Committee members who spent more than two hours questioning the CEO about the attack and broader health care issues.
“This hack could have been stopped with cybersecurity 101,” Oregon Democratic Sen. Ron Wyden told Witty.
Multifactor authentication adds a second layer of security to password-protected accounts by having users enter an auto-generated code. It’s common on apps protecting sensitive data like bank accounts and meant to guard against hackers guessing passwords.
Change Healthcare provides technology used to submit and process billions of insurance claims a year. Hackers gained access in February and unleashed a ransomware attack that encrypted and froze large parts of the company’s system, Witty said.
The attack triggered a disruption of payment and claims processing around the country, stressing doctor’s offices and health care systems by interfering with their ability to file claims and get paid.
UnitedHealth quickly disconnected the affected systems to limit damage and paid a $22 million ransom, Witty said. The company is still recovering.
“We’ve literally built this platform back from scratch so that we can reassure people that there are not elements of the old attacked environment within the new technology,” Witty said, also noting that he was “deeply, deeply sorry” for the attack.
The CEO also told senators that all of the company’s core systems were now fully functional. That included claims payment and pharmacy processing.
Witty said his company had…
Read the full article here
