UnitedHealth Group CEO Andrew Witty confirmed for the primary time that the corporate has paid a $22 million ransom to hackers who broke into its Change Healthcare subsidiary, with far-reaching consequences across the healthcare sector. Witty's comments got here during a hearing Wednesday before the U.S. Senate Finance Committee.
Change Healthcare offers payment, revenue management and other solutions corresponding to e-prescription software. When the threat was identified, the corporate shut down affected systems, temporarily stopping many doctors from writing prescriptions or being paid for his or her services.
UnitedHealth told CNBC in April that it paid a ransom to guard patient data. Previous reports had discovered a $22 million wire transfer on the Bitcoin blockchain, but the corporate had not previously confirmed the number.
“The decision to pay a ransom was mine,” Witty said. “This was one of the hardest decisions I have ever had to make and I would not wish it on anyone.”
UnitedHealth is one among the most important corporations on the planet with a market capitalization of around $450 billion. Its business units Optum – which serves 103 million customers – and Change Healthcare – which handles one in three patient records – merged in 2022.
Committee Chairman Sen. Ron WydenD-Ore., said in his opening statement that the Change Healthcare breach was a “bleak warning of the consequences of megacorporations that are too big to fail.”
“Companies this large have a duty to protect their customers and lead the way on this issue,” Wyden said.
Witty told the committee that cybercriminals accessed Change Healthcare through a server that was not protected by multi-factor authentication (MFA), which requires users to confirm their identity in at the very least two other ways. He said UnitedHealth has now implemented MFA in all external systems.
“As a result of this malicious cyberattack, patients and providers have experienced disruption and people are concerned about their private health information,” Witty said. “I would like to say very clearly to everyone affected: I am deeply sorry.”
Sen. Thom Tillis, R-N.C., held up a shiny yellow copy of “Hacking for Dummies” through the hearing and said UnitedHealth was answerable for fixing the breach.
“These are some basic things that have been overlooked. So it's a shame for internal audit, external audit and your systems people who are charged with redundancy, they're not doing their job,” Tillis said.
A filing with the U.S. Securities and Exchange Commission said UnitedHealth discovered in late February that a cyber threat actor had accessed part of Change Healthcare's information technology network.
Witty said Change Healthcare's core systems are back online, although some of its secondary support functions are still being restored.
UnitedHealth said in February that the Blackcat ransomware group was behind the attack. According to a, Blackcat, also known as Noberus and ALPHV, steals sensitive data from institutions and threatens to publish it unless a ransom is paid Release in December from the US Department of Justice.
UnitedHealth confirmed in April that the breach compromised files containing protected health information and personal data. The company said a data review is ongoing and therefore it could take months before the company can notify affected individuals.
Witty said Wednesday that UnitedHealth is working with regulators to assess the breach and notify people “as quickly as possible” if their data has been compromised.
In early March, UnitedHealth launched a short lived financial assistance program to support providers that experienced money flow disruptions as a consequence of the cyberattack. There aren’t any fees, interest or other costs along with payments, and providers have 45 days to refund the cash once their regular payment operations resume.
During the hearing, Witty said the corporate had not yet asked anyone for loan repayments and that it might be as much as providers to find out when their operations would officially return to normal.
Witty didn’t immediately disclose whether UnitedHealth will provide additional support to providers who could also be combating other loans and interest payments due to breach.
Sen. Michael Bennet, D-Colo., pressed Witty to share how UnitedHealth is working to make sure something just like the Change Healthcare breach doesn't occur again. Witty said the corporate plans to share its discoveries concerning the breach, adding that it must concentrate on reducing the speed of cyberattacks on the healthcare sector.
“We are clearly trying to assume our responsibility in this attack. We are also trying to learn from it,” he said.
image credit : www.cnbc.com