UnitedHealth Group Rebuilds After Devastating Ransomware Attack
Cyberscoop
|
Contributed by: Drex DeFord
Summary
UnitedHealth Group's recovery from a significant ransomware attack on its Change Healthcare subsidiary is ongoing, requiring a complete overhaul of its computer systems, according to Chief Information Security Officer Steven Martin. Speaking at the Mandiant Worldwide Information Security Exchange, Martin revealed that only the cables were retained from the previous infrastructure, as the company replaced all routers, switches, and computing systems to enhance security. The attack, linked to the ALPHV group and occurring in February, resulted in profound disruptions for healthcare providers and ransom payments estimated at $22 million. After months of intensive effort and collaboration with Mandiant's incident response team, the restoration process is nearing completion, with Martin describing the recovery as a long-term commitment akin to running a marathon.
