Change Healthcare went without cyber insurance before debilitating ransomware attack
In response to the attack, Change Healthcare technology infrastructure has been rebuilt from the ground up. Change Healthcare’s data center network and core services have been rebuilt with added server capacity and greater reliance on the cloud.
Questions about insurance reimbursements and the extent of the breach, which also exposed the personal information and medical data of an estimated one-in-three US citizens, were the focus of two hearings featuring Witty last Wednesday, before the House Finance and House Energy and Commerce Committees.
Vulnerable portal lacked MFA
During the hearings, Witty explained how cybercriminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops, on Feb. 12, nine days before the ransomware attack.
“The portal did not have multi-factor authentication,” Witty admitted.
Having gained access into Change Healthcare’s systems, the cybercriminals moved laterally within its systems to expand the scope of the breach before exfiltrating data.
UnitedHealth Group completed its acquisition of Change Healthcare in October 2022. The health conglomerate inherited an ageing technology infrastructure with points of weakness that, with the benefit of hindsight are now all too obvious.
Source link
lol
In response to the attack, Change Healthcare technology infrastructure has been rebuilt from the ground up. Change Healthcare’s data center network and core services have been rebuilt with added server capacity and greater reliance on the cloud. Questions about insurance reimbursements and the extent of the breach, which also exposed the personal information and medical…