The Security Gap Behind the Change Healthcare Attack

A Costly Oversight

A recent cyberattack on Change Healthcare, which significantly disrupted healthcare systems nationwide, was attributed to a lack of multifactor authentication (MFA) on a key server. UnitedHealth CEO Andrew Witty addressed the U.S. Senate, acknowledging that hackers exploited this vulnerability to carry out a ransomware attack, encrypting critical systems and impairing insurance claim processing.

What Is Multifactor Authentication (MFA)?

Multifactor authentication is a security measure that requires users to provide multiple forms of identification before gaining access to an account or system. By combining something the user knows (like a password), something the user has (like a smartphone or security token), and sometimes even something the user is (like a fingerprint or facial recognition), MFA significantly strengthens the security of any digital platform. 

This extra layer of protection makes it far more challenging for unauthorized users to gain access, reducing the risk of cyberattacks like phishing and credential stuffing.

The Importance of Multifactor Authentication

Members of the Senate Finance Committee highlighted the importance of implementing basic cybersecurity measures such as MFA, which adds a layer of protection beyond simple passwords. Senator Ron Wyden emphasized that this oversight reflected a fundamental gap in cybersecurity practices. Hackers used compromised credentials, including stolen passwords, to access Change Healthcare’s network, resulting in UnitedHealth paying a $22 million ransom in Bitcoin to limit further damage.

Reinforcing Patient Data Protection

UnitedHealth promptly disconnected affected systems and rebuilt the platform to ensure no remnants of the compromised environment remained. Witty expressed frustration that this critical server lacked MFA, noting that the security measure is standard across UnitedHealth.

The Office for Civil Rights is currently investigating whether the attack exposed protected health information and if Change Healthcare complied with patient privacy laws. UnitedHealth is offering two years of complimentary credit monitoring and identity theft protection to individuals affected.

Need for Robust Cybersecurity Measures

As one of the largest healthcare companies in the U.S., UnitedHealth encounters attempted intrusions every 70 seconds, according to Witty. This incident underscores the importance of implementing robust cybersecurity measures, particularly in the healthcare sector, where ransomware attacks have recently surged.

Protect Your Data with GCS SecureCloud

GCS SecureCloud brings an all-in-one suite of cloud security services to your organization. With end-to-end data protection through backup and recovery, multi-factor authentication, and cloud migration, it delivers the security and flexibility required to keep your data safe and accessible. 

Contact us today to ensure your organization is equipped with comprehensive cybersecurity measures that safeguard your critical data.

Pin It on Pinterest