Change Healthcare, compromised by stolen credentials, did not have MFA turned on.

CHANGE Healthcare (Company); INTERNET security; IDENTIFICATION documents; MULTI-factor authentication; RANSOMWARE

Change Healthcare, a healthcare giant, experienced a cyberattack when a ransomware group gained access to their systems using compromised credentials. The group accessed a Change Healthcare Citrix portal, which did not have multifactor authentication (MFA) enabled. The attackers were able to move within the systems and exfiltrate data, leading to a ransomware deployment. The breach, caused by the failure to enable MFA, resulted in significant disruption to Change Healthcare's operations and the theft of sensitive data. UnitedHealth Group CEO Andrew Witty apologized for the incident and called for mandatory security standards and improved cybersecurity infrastructure in the healthcare industry. [Extracted from the article]

Copyright of Healthcare Dive is the property of Industry Dive and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)