United HealthCare CEO says ‘possibly a 3rd’ of U.S. residents have been affected by current hack

Two months after hackers broke into Change Healthcare techniques stealing after which encrypting firm knowledge, it’s nonetheless unclear what number of Americans have been impacted by the cyberattack.

Last month, Andrew Witty, the CEO of Change Healthcare’s dad or mum firm UnitedWell being Group, stated that the stolen recordsdata embrace the private well being info of “a considerable proportion of individuals in America.”

On Wednesday, throughout a House listening to, when Witty was pushed to offer a extra definitive reply, testifying that the breach impacted “I feel, possibly a 3rd [of Americans] or someplace of that stage.”

Witty stated he was reluctant to offer a extra exact reply as a result of the corporate continues to be investigating the breach and attempting to determine precisely how many individuals have been affected.

UnitedWell being’s spokesperson Anthony Marusic didn’t instantly reply to a request for touch upon Witty’s estimate.

During a listening to within the Senate earlier on Wednesday, Witty stated that it’s going to seemingly take “a number of months,” earlier than the corporate can start notifying victims of the information breach.

In a written assertion filed by Witty forward of the 2 hearings, the CEO wrote that “to date, we have now not seen proof of exfiltration of supplies corresponding to medical doctors’ charts or full medical histories among the many knowledge.”

According to Witty’s testimony, the hackers “used compromised credentials to remotely entry a Change Healthcare Citrix portal,” which was not protected by multi-factor authentication, a primary cybersecurity measure that provides an additional step to log into accounts and techniques.

Had that portal had multi-factor authentication enabled, the breach might not have occurred. Several Senators grilled Witty on that failure, asking him whether or not UnitedWell being and Change Healthcare techniques are actually protected with multi-factor authentication.

During the Senate listening to, Witty stated: “We have an enforced coverage throughout the group to have multi issue authentication on all of our exterior techniques, which is in place.”

The House listening to is underway as of this writing, and we are going to replace this story as extra info turns into accessible.

Source hyperlink

Leave a Reply

Your email address will not be published. Required fields are marked *