This Week Health
Alex's Lemonade Stand This Week Health
<- Back to Insights
May 8, 2024

Change Healthcare lacked safeguards even as it gave security advice

Roll Call
|
Contributed by: Drex DeFord
Summary
UnitedHealth Group Inc.'s acquisition of Change Healthcare Inc. has been marred by a significant cybersecurity breach that occurred due to a lack of multi-factor authentication on one of Change's web portals, contradicting the cybersecurity measures the company publicly advocated. Despite UnitedHealth's company-wide requirement for such protections, this oversight allowed hackers from the BlackCat/ALPHV group to infiltrate Change Healthcare's systems in February, leading to the exfiltration of data and a subsequent ransomware attack that disrupted the payment processes to healthcare providers. UnitedHealth CEO Andrew Witty disclosed to the Senate Finance Committee the payment of $22 million in ransom to restore services, amidst criticism that basic cybersecurity practices could have prevented the breach. The incident has highlighted the challenges of enforcing cybersecurity discipline within large organizations and has drawn attention to the need for improved security standards across the health care industry.

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Subscribe News
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved