18.8 C
Sunday, May 26, 2024

UnitedHealth CEO Andrew Witty admits he paid $22 million ransom to hackers

Must read

- Advertisement -

Medical insurance supplier UnitedHealth paid a multimillion-dollar ransom to hackers who broke into one of its subsidiaries, disrupting healthcare suppliers throughout the nation for months, CEO Andrew Witty confirmed on Wednesday. 

In a listening to earlier than the Senate Committee on Finance, Witty mentioned the choice to pay the $22 million ransom was totally his. “This was one of many hardest choices I’ve ever needed to make,” he mentioned. UnitedHealth admitted last month that it had paid a ransom to the hackers who breached the Change Healthcare system — which is owned by UnitedHealth — however didn’t disclose the sum. In March, the corporate attributed the breach to BlackCat, the identical entity accountable for the MGM on line casino hack in Las Vegas. That very same month, Wired reported that BlackCat, which additionally goes by ALPHV, obtained a $22 million transaction on Bitcoin on March 1st.

BlackCat beforehand claimed it netted greater than six terabytes of information as a part of the hack, which it carried out in February of this yr. The ransomware gang mentioned the information included “delicate” medical information, according to CBS News.

“Criminals used compromised credentials to remotely entry Change Healthcare Citrix portal, an utility used to allow distant entry to desktops,” Witty mentioned throughout his testimony, including that the portal “didn’t have multifactor authentication.” 

“This hack may’ve been stopped with cybersecurity 101,” mentioned Sen. Ron Wyden (D-OR), the chair of the committee. After Witty confirmed United would require multifactor authentication companywide going ahead, Wyden mentioned it “shouldn’t have taken the worst cyberattack ever within the healthcare sector for an settlement to do that naked minimal.”

- Advertisement -

The results of the hack had been far-reaching. After the breach was found, United shut down the Change Healthcare system for per week, which prevented hospitals, clinics, and pharmacies throughout the nation from getting paid. Throughout the listening to, Witty mentioned the system is now “broadly again to regular.” However some senators instructed Witty that hospitals and different healthcare suppliers are nonetheless ready on funds. Wyden (D-OR) instructed Witty that some suppliers who filed claims in February had been instructed they’d have to attend till June to receives a commission.

UnitedHealth manages greater than one-third of all affected person information within the US and oversees 1 in 10 docs throughout the nation, in accordance with a letter the American Hospital Affiliation despatched to the Division of Well being and Human Providers in March. In his opening remarks, Wyden known as United a “healthcare leviathan” and described the hack as a “dire warning concerning the penalties of too-big-to-fail mega-corporations.”

Source link

More articles

- Advertisement -

Latest article