US Senate hearing: UnitedHealth's CEO says the company paid a $22M ransom to the hackers who accessed a Change Healthcare server that wasn't protected by MFA
delayed payment, staff OT to deal with claims processing - despite United's current assistance. Ed Markey / @senmarkey : As American health care prices skyrocket, UnitedHealth's CEO makes millions despite an antitrust investigation by DOJ and system-disrupting cyberattack. Now, they want to buy Steward's physician group. We need guaranteed protections for patients & providers—not corporate greed. Michael McAuliff / @mmcauliff : UnitedHealth's CEO took a low-key beating today from senators, who were not impreses that Change Healthcare got hacked because it didn't do 2-factor authentication https://www.modernhealthcare.com/ ... via @modrnhealthcr Brittany Trang / @brittanytrang : Senators were not happy with UnitedHealth CEO Andrew Witty at today's Senate hearing. “'Is the dominant role of United too dominant?' Because it's into everything, and messing up United messes up everybody.” He faces the House next this afternoon. https://www.statnews.com/... CathyMcMorrisRodgers / @cathymcmorris : UnitedHealth failed to protect the American people's sensitive health information. At today's @HouseCommerce oversight hearing with the UnitedHealth CEO, we expect to get a comprehensive update on what happened, why it happened, and what they're doing to fix this problem. [video] Andy Greenberg / @a_greenberg : Change Healthcare hadn't confirmed the size of its ransom payment, but the CEO of its parent company UnitedHealth just told a senate hearing it was $22 million. That's the number we reported back in March. The blockchain doesn't lie. Updated this story: https://www.wired.com/...
The @UnitedHealthGrp cyber attack is the poster child for why it's so important for massive corporations to abide by bare minimum cybersecurity standards. I'll be pushing Congress and federal agencies to implement *and enforce* new cybersecurity requirements to protect patients.
Witty: “Cyber criminals entered a Change Healthcare portal, exfiltrated data, and on February the 21st deployed ransomware. The portal they accessed was not protected by multi-factor authentication.”
Wyden: Will you commit to requiring MFA company-wide within six months? Witty: “Yes, I'm happy to commit to that. In fact, I can confirm to you that, as of today, across the whole of UHG, all of our external-facing systems have got multi-factor authentication enabled.”
Andrew Witty is delivering his opening statement now. “As a result of this malicious cyberattack, patients and providers have experienced disruptions, and people are worried about their private health data To all those impacted, let me be very clear: I'm deeply, deeply sorry.”
UnitedHealth Group CEO Andrew Witty tells the Senate Finance Committee this morning the decision to pay a ransom was his. “This was one of the hardest decisions I've ever had to make and I wouldn't wish it on anyone,” he said.
Great moment in today's Senate hearing on the UnitedHealth Group's recent cyberattack. Senator Thom Tillis takes out the “Cybersecurity for Dummies” book, not sure exactly why... [image]
NEW: UnitedHealth CEO told Senators that the company has now enabled multi-factor authentication on “all of our external facing systems.” The cyberattack against United's subsidiary Change Healthcare was caused by a server that did not have MFA enabled. https://techcrunch.com/...
Senate hearing on UnitedHealth/Change hack has focused on security, such as lack of multifactor authentication. Another key point: providers still are struggling financially —delayed payment, staff OT to deal with claims processing - despite United's current assistance.
As American health care prices skyrocket, UnitedHealth's CEO makes millions despite an antitrust investigation by DOJ and system-disrupting cyberattack. Now, they want to buy Steward's physician group. We need guaranteed protections for patients & providers—not corporate greed.
UnitedHealth's CEO took a low-key beating today from senators, who were not impreses that Change Healthcare got hacked because it didn't do 2-factor authentication https://www.modernhealthcare.com/ ... via @modrnhealthcr
Senators were not happy with UnitedHealth CEO Andrew Witty at today's Senate hearing. “'Is the dominant role of United too dominant?' Because it's into everything, and messing up United messes up everybody.” He faces the House next this afternoon. https://www.statnews.com/...
UnitedHealth failed to protect the American people's sensitive health information. At today's @HouseCommerce oversight hearing with the UnitedHealth CEO, we expect to get a comprehensive update on what happened, why it happened, and what they're doing to fix this problem. [video]
Change Healthcare hadn't confirmed the size of its ransom payment, but the CEO of its parent company UnitedHealth just told a senate hearing it was $22 million. That's the number we reported back in March. The blockchain doesn't lie. Updated this story: https://www.wired.com/...