This Week Health
Alex's Lemonade Stand This Week Health
SUBSCRIBE NOW to receive top 7 stories daily to your inbox
<--  All Stories

Change Healthcare hacked using stolen Citrix account with no MFA

May 1, 2024
Contributed by: Drex DeFord
UnitedHealth has disclosed that its subsidiary, Change Healthcare, was victim to a BlackCat ransomware attack after attackers used stolen credentials to access the company's Citrix remote access service, which lacked multi-factor authentication. The breach, occurring in late February 2024, led to significant operational disruptions, affecting vital services such as payment processing and insurance claims, with financial damages estimated at $872 million. UnitedHealth later admitted to paying a ransom in an effort to protect compromised data, despite the details of the attack not being fully disclosed. The organization has undertaken extensive remediation efforts, including system upgrades and network rebuilds, aimed at restoring affected services and enhancing security measures. Additionally, an update mentions that stolen Change Healthcare employee Citrix credentials were detected on February 8 by Hudson Rock's threat intelligence platform, though it's unclear if these credentials were directly linked to the ransomware attack.
Transform Healthcare - One Connection at a Time

© Copyright 2024 Health Lyrics All rights reserved