The cyberattack on Change Healthcare earlier this year, which caused widespread disruptions in health care systems, was traced back to a server lacking basic security measures, specifically multifactor authentication. During a U.S. Senate hearing, UnitedHealth CEO revealed that the hackers gained access to the server, leading to the ransomware attack that affected the company's operations.
Senate Finance Committee members expressed concern over the lack of cybersecurity measures, with Senator Ron Wyden emphasizing that the attack could have been prevented with basic cybersecurity practices.
Multifactor authentication, a standard security feature for protecting sensitive data, adds an extra layer of security by requiring users to enter an auto-generated code in addition to their password. Change Healthcare, a provider of technology for processing insurance claims, fell victim to the attack in February, causing disruptions in payment and claims processing nationwide.
UnitedHealth responded by disconnecting affected systems to contain the damage and paid a $22 million ransom. The company is currently in the process of rebuilding its platform to ensure the security of its systems.
Despite the challenges faced, UnitedHealth has confirmed that all core systems, including claims payment and pharmacy processing, are now fully operational. The company is also offering free credit monitoring and identity theft protection for two years to those affected by the breach.
The Office for Civil Rights is investigating whether protected health information was compromised and if Change Healthcare adhered to patient privacy laws. While personal information of a significant portion of the population may have been exposed, the company has not detected any release of full medical histories or doctor charts.
Cybersecurity experts note a rise in ransomware attacks, particularly in the health care sector. UnitedHealth CEO acknowledged the ongoing threat of cyberattacks and expressed frustration over the lack of multifactor authentication on the compromised server.
As investigations continue and efforts to enhance cybersecurity measures progress, UnitedHealth remains committed to safeguarding its systems and ensuring the privacy of patient information.