UnitedHealth, the largest U.S. health insurance provider, blamed a Russia-based ransomware gang for the huge data breach of U.S. medical data.
And of course it some dumb shit like someone with privileged access who doesn’t have two factor enabled.
Source (from the posted article):
During a House hearing into the cyberattack in April, UnitedHealth’s CEO Witty confirmed that the cybercriminals broke into one of its employee systems using stolen credentials that were not protected with multi-factor authentication (MFA), a security feature that can help to protect against the misuse of password theft.
Was wondering how so many people since I’ve never heard of Change Healthcare:
Change Healthcare is one of the largest handlers of health, medical data, and patient records, as it processes patient insurance and billing across the U.S. healthcare sector, including thousands of hospitals, pharmacies, and medical practices. As such, Change handles huge amounts of health and medical-related information on around a third of all Americans