"Deeply Sorry" UnitedHealth CEO Testifies Before Senate on Massive Cyber Attack

Andrew Witty, the CEO of UnitedHealth Group, testified before the Senate Finance Committee on May 1, 2024, regarding a devastating cyberattack that disrupted the U.S. healthcare system. The attack targeted UnitedHealth's Change Healthcare subsidiary, which processes about 50% of U.S. medical claims. Hackers gained access through a server that lacked multifactor authentication, a basic cybersecurity measure, and deployed ransomware that encrypted and froze large parts of Change Healthcare's system.

The breach impacted an estimated one-third of Americans, or more than 100 million people, and resulted in UnitedHealth paying a $22 million ransom in Bitcoin to the attackers.

Senators criticized UnitedHealth for the lack of multifactor authentication on the compromised server, with one lawmaker stating that the attack “could have been stopped with cybersecurity 101,” Oregon Democratic Sen. Ron Wyden told Witty, according to AP.

Witty expressed frustration over the security lapse and acknowledged that UnitedHealth faces attempted intrusions every 70 seconds. The company is working with regulators to assess the breach and notify affected individuals, offering free credit monitoring and identity theft protection.

UnitedHealth is now rebuilding the Change Healthcare platform from scratch to ensure there are no elements of the old attacked environment.

“We’ve literally built this platform back from scratch so that we can reassure people that there are not elements of the old, attacked environment within the new technology,” Witty said. He added that he was “deeply, deeply sorry” for the attack.

Why this matters: The Change Healthcare cyber attack is considered the biggest cybersecurity disruption to healthcare in U.S. history. It exposed the vulnerability of critical infrastructure to ransomware attacks and the need for stronger cybersecurity standards in the healthcare industry to protect sensitive patient data.

The incident triggered a disruption in payment and claims processing nationwide, stressing healthcare providers. UnitedHealth has launched a temporary funding assistance program to support providers impacted by the attack, with over $6.5 billion in accelerated payments and loans already distributed. The company is cooperating with the FBI and cybersecurity firms to investigate the attack and prevent future incidents.

Key Takeaways

• UnitedHealth CEO testified on a cyberattack that disrupted US healthcare system.
• Hackers accessed Change Healthcare, which processes 50% of US medical claims.
• Breach impacted over 100 million Americans, and UnitedHealth paid $22M ransom.
• Lack of multifactor authentication enabled the attack, which could have been prevented.
• Attack disrupted payments and claims processing, prompting UnitedHealth assistance program.