UnitedHealth Group in the Hot Seat: All Eyes on the Change Healthcare Breach

May 1, 2024

Over the last several months, your friends at Abyde have kept you updated on the latest in the Change Healthcare Breach. 

Since February 21st, this breach, likely the most significant healthcare data breach ever in the United States, has held the healthcare industry captive.

Change Healthcare, which is nestled under the UnitedHealth Group umbrella and processes about 50% of U.S. medical claims, is still picking up the pieces.

If you work in healthcare, you feel the sting of the attack. Almost all hospitals reported financial damages because of the attack.

So, how did we get here? 

You’re getting answers: UnitedHealth Group CEO Andrew Witty is set to testify in front of two congressional panels today.

Don’t worry, we’re not going in blind! While Witty might be on center stage today, a written testimony has already been released. Stay tuned because we’re decoding this testimony and answering your burning questions. 

Pack your bags! We’re taking a quick trip to the Capitol!

Party Crashers

This compliance catastrophe began on February 21st, when the BlackCat hacking group infected Change Healthcare’s systems with ransomware.

However, the team of malicious hackers had been plotting for over a week: they were inside Change Healthcare’s systems for nine days before the attack.

How did they get in? 

It wasn’t a Mission Impossible stunt, avoiding lasers and jumping between buildings, but a simple case of compromised credentials.

Using a stolen login, the black-hat hackers could log into a Change Healthcare application portal and remotely access desktops. This portal didn’t have a standard security protocol: multi-factor authentication.

Multi-factor authentication (MFA), like a code sent to your phone before logging in, is a typical security standard for protecting sensitive data. Implementing technical safeguards, like MFA, falls under the HIPAA Security Rule.

Mopping up the Mess

While Change Healthcare is no stranger to hacking attempts – thwarting 450,000 intrusions a year – once the ransomware was identified, Change Healthcare sprang into action. According to Witty, the Change Healthcare team immediately severed connectivity with the data centers to avoid the spread of the ransomware.

Change Healthcare started from the bottom up, rebuilding the foundation of its technology infrastructure: replacing thousands of laptops, implementing new credentials, and bringing in new servers with the help of tech powerhouses like Amazon and Google.

As of today, the ransomware only impacted Change Healthcare and none of UnitedHealth Group’s other organizations. 

Witty also admitted to meeting ransom demands, saying it was one of the toughest decisions he’s ever had to make.

What’s Next? 

These uninvited party crashers have put the UnitedHealth Group in hot water. These congressional hearings are just the tip of the iceberg for the medical titan. 

Here at Abyde, we’re keeping a close eye on things, and you can bet we’ll keep you in the loop through our blogs and social media on the latest in these hearings. 

Want to stay on top of all things compliance? Follow us and watch for our This Week in Compliance series – it’s your one-stop shop for compliance info!