Zack Whittaker reports:
The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG).
UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. healthcare system.
Read more at TechCrunch.
His testimony confirmed a report last week that the threat actors gained access using stolen credentials. Why the portal had no multifactor authentication required has not been explained.