Would You like a feature Interview?
All Interviews are 100% FREE of Charge
In a hearing Wednesday before the U.S. Senate Finance Committee, united health group CEO Andrew Whitty acknowledged for the first time that the company paid a $22 million ransom to hackers who broke into the systems of subsidiary Change Healthcare.
Change Healthcare offers other solutions such as payment, revenue management, and e-prescription software.
This cyberattack had a wide-ranging impact across the healthcare sector. Once the threat was detected, the company disconnected affected systems, leaving many doctors temporarily unable to fill prescriptions or receive payments for services.
UnitedHealth told CNBC in April that it paid the ransom to protect patient data. In previous reports, Discovered $22 million in transfers However, the company had not previously confirmed the numbers.
“As CEO, I made the decision whether to pay the ransom or not,” Witty said. “This is one of the hardest decisions I’ve ever had to make, and I wouldn’t wish it on anyone.”
UnitedHealth is one of the largest companies in the world, with a market capitalization of approximately $450 billion. His Optum, the company’s business unit that provides care to 103 million customers, and Change Healthcare, his three-in-one patient record company, merged in 2022.
Chairman Sen Ron WydenThe Oregon Democratic Party said in its opening remarks that the Change Healthcare breach serves as a “dire warning of the consequences of too-big-to-fail mega-corporations.”
“Companies this large have an obligation to protect their customers and lead on this issue,” Wyden said.
Whitty told the committee that cybercriminals access Change Healthcare through servers that are not protected by multi-factor authentication (MFA) and that users must verify their identity in at least two different ways. Ta. He said UnitedHealth now has MFA in place across all externally connected systems.
“As a result of this malicious cyberattack, patients and healthcare providers are experiencing disruption, and people are feeling anxious about their personal health data,” Whitty said. “To everyone affected, let me be clear: I deeply, deeply regret this.”
Sen. Thom Tillis, RN.C., held up a bright yellow copy of “Hacking for Dummies” during the hearing and said the violation was the responsibility of UnitedHealth to fix.
“It’s a shame for the internal audit, the external audit, and the systems people who were put on redundancy because this was missing the basics. They’re not doing their job,” Tillis said.
UnitedHealth discovered in late February that cyberattackers had accessed parts of Change Healthcare’s information technology network, according to a filing with the U.S. Securities and Exchange Commission.
Witty said Change Healthcare’s core systems are back online, but some of its secondary support functions are still being restored.
UnitedHealth announced in February that ransomware group Blackcat was behind the attack. Blackcat, also known as Noberus and his ALPHV, is said to be stealing sensitive data from institutions and threatening to release it unless a ransom is paid. Released in December From the United States Department of Justice.
UnitedHealth confirmed in April that files containing protected health information and personally identifiable information were compromised in the breach. The company said it could take several months to notify affected individuals as an investigation into the data is still ongoing.
Whitty said Wednesday that UnitedHealth will work with regulators to assess the breach and notify people “as soon as possible” if their information has been compromised.
In early March, UnitedHealth launched a temporary financial assistance program to help healthcare providers experiencing cash flow disruptions due to cyberattacks. There are no fees, interest or other costs in addition to the payment, and the provider has 45 days to repay the funds after standard payment operations resume.
Whitty said at the hearing that the company has not yet asked anyone to repay the loan and it is up to the provider to determine when operations officially return to normal.
Whitty did not directly say whether UnitedHealth would provide additional assistance to providers who may be in dispute with other loans or interest payments due to violations.
Colorado Sen. Michael Bennet pressed Whitty to share how UnitedHealth is working to ensure something like the Change Healthcare breach never happens again. Whitty said the company plans to share its findings about the breach with other companies and should focus on how to reduce the rate of cyberattacks in the healthcare sector.
“It’s clear that we’re trying to take responsibility for this attack, and we’re trying to learn from it,” he said.