UnitedHealth CEO reveals cyberattack origins ahead of Change Healthcare hearings

(This sto­ry is from our new Health Tech newslet­ter. If you’d like to sign up, just click here.) 

Unit­ed­Health Group’s CEO An­drew Wit­ty is set to tes­ti­fy be­fore law­mak­ers on Wednes­day to ex­plain how the com­pa­ny han­dled cy­ber­at­tacks on its mas­sive tech­nol­o­gy plat­form, Change Health­care.

Cy­ber­crim­i­nals used com­pro­mised lo­gin in­for­ma­tion to ac­cess a por­tal that doesn’t have mul­ti-fac­tor au­then­ti­ca­tion on Feb. 12. They moved around the sys­tem to ex­tract da­ta and de­ployed ran­somware nine days lat­er, Wit­ty re­vealed in a tes­ti­mo­ny re­leased be­fore Wednes­day af­ter­noon’s hear­ing with the House En­er­gy and Com­merce Com­mit­tee’s sub­com­mit­tee on over­sight and in­ves­ti­ga­tions. Wit­ty is al­so due to tes­ti­fy in a Sen­ate Fi­nance Com­mit­tee hear­ing on Wednes­day morn­ing.

Unlock this article instantly by becoming a free subscriber.

You’ll get access to free articles each month, plus you can customize what newsletters get delivered to your inbox each week, including breaking news.