Sanjay Dixit’s Post

📣👀Update on Change Healthcare breach. 📣👀. CEO to testify before congress Wednesday. On the morning of Feb. 21, the cybercriminal gang AlphV, aka BlackCat, locked up Change Healthcare's systems and demanded a ransom to unlock them. Black Cat then conducted an Exit Scam by most reports, keeping the $22 Mil paid in ransom and the Cyber Criminal “affiliate” is now allegedly operating under the RansomHub moniker attempting to extort them again even after Change paid $22 Million to Black Cat in ransom for the same data. 🔥The cyber criminals seem to have broken into UnitedHealth's (UNH.N), opens new tab tech unit on Feb. 12 by exploiting a security vulnerability in software from private IT company Citrix that allows employees remote access to their desktop computers, the largest U.S. health insurer will testify before a House panel this week. ➡️UnitedHealth CEO Andrew Witty's testimony before the House Energy and Commerce Committee, slated for Wednesday, will follow weeks of disruption to American healthcare since the insurer's Change Healthcare unit was hacked. Witty will tell the House panel, according to a copy of his written testimony posted to the panel's website on Monday. "Not knowing the entry point of the attack at the time, we immediately severed connectivity with Change’s data centers to eliminate the potential for further infection," the testimony says. More to come Wednesday… #databreach #cybersecurity #awareness #ransomware **** Let’s connect ✅ https://lnkd.in/gdFPsShC

Just curious who made or didn't make the decision to not use MFA on public facing remote access servers, and how they a) thought this was a great idea, b) how no one was going to fund it with their record profits, and c) if there is a paper train from a mid level engineer saying not using MFA is a bad idea, only to be overruled because it was too expensive or complicated. "UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled." MFA is literally one of the easiest things to setup. This seems to be a great opportunity to hold various leaders responsible (CEO, CFO, CIO, CISO, Cxx and throw in the Board as well) for really bad decisions protecting patient data. How many people were impacted by this incredibly short sighted security practice. https://lnkd.in/ekTTECUs

Andrew Witty, CEO at UHG, recently testified that hackers used stolen credentials to gain unauthorized access to Change Healthcare's systems, underscoring a significant risk for all SaaS applications. Credential theft can bypass basic security measures, potentially leading to data breaches, ransomware attacks, or even complete data deletion in SaaS environments. This incident serves as a critical reminder of the importance of implementing SaaS backups to ensure business continuity for your vital applications. How are you protecting the data in your SaaS applications? Read more about the incident https://lnkd.in/gBSEbHkj. #SaaS #ChangeHealthcare #SaaSBackup

🔒 Your security is of the utmost importance to us. That's why we want to inform you about new information about the recent hacking incident that has affected the largest U.S. health insurer. According to the testimony, the criminals used compromised login credentials to access a Change Healthcare Citrix portal that did not have multi-factor authentication. If you have concerns or questions about your cybersecurity, please don't hesitate to contact us at 972-776-6366. Stay vigilant and stay safe! #Cybersecurity #StaySafe #GalleonVirtualServices 🔒   Read more about the incident: https://loom.ly/JUOTJW0

📢 If you don't lock the front door, someone eventually will enter your home unannounced. The recent announcement by UnitedHealth CEO on the cause of the recent #ransomware attack should be a stark reminder to everyone of why it is absolutely imperative to have #MultiFactorAuthentication fully enabled across your organization. Not partially. Fully. #MFA has matured tremendously over the years. The technology is easier to manage, use, and integrate. There are a bunch of proven options to include Microsoft Entra ID, Okta, and Duo Security. XenTegra is your preferred provider to assist you with your #IdentityandAccessManagement needs. Whether its consultatation, product purchase and deployment, or ongoing services, we can assist. Contract me today for more information. #XenTegraNC #XenTegra #IAM #CISO #Microsoft #EntraID #Okta #DuoSecurity https://lnkd.in/eBBh4Xwe

This is definitely a real wake-up call for all of us in the industry. The breach at UnitedHealth's tech unit shows just how vital multi-factor authentication is. It's essential we go beyond the basics to protect sensitive data. #databreach #cybersecurity #cybersecuritystrategy

It's concerning that a large corporation like Change Healthcare would leave a publicly accessible Citrix portal without multi-factor authentication (MFA), a basic security measure. While such negligence might be expected from a small business, it's alarming for a company of this scale. It's also imperative that vendors prioritize security by configuring external-facing portals with the highest access security turned on by default. This approach, known as 'secured by default,' would help prevent similar breaches and safeguard sensitive data. #mfa #accesssecurity #databreaches #SecuredByDefault https://lnkd.in/e8VSBT74

In February, the tech unit of UnitedHealth, a leader in U.S. healthcare insurance, experienced a devastating cyberattack. A sophisticated criminal gang exploited stolen login credentials to access Change Healthcare’s systems, causing widespread disruption. This breach showcases a critical oversight: the absence of multi-factor authentication (MFA). Why does this matter? MFA is a fundamental security measure. It's not just a recommendation; it's a necessity these days, where data breaches are not a matter of "if", but "when". The absence of MFA at such a critical access point within UnitedHealth’s infrastructure is alarming. It speaks volumes about the ongoing underestimation of cybersecurity threats by major organizations. As IT professionals, we must push for more than the minimum in cybersecurity. It’s not enough to react; we need to anticipate, strengthen, and protect. Each breach is a stark reminder of the need for comprehensive security strategies that go beyond compliance to genuine protection. Let this incident be a call to action. Invest in robust security measures. Educate your teams. Most importantly, implement MFA across all critical access points. Our commitment to security today defines our resilience tomorrow. Read more 👉 https://lnkd.in/gc9AcUnV Need help? 👉 https://lnkd.in/gSacdkv4 #healthcare #technology #cybersecurity #ITtips #cybersecurityawareness #SparkNav

The United Healthcare breach will become the Equifax breach of 2024. With the CEO having to report to US Congress today, expect a detailed breach report in the near future. One thing now confirmed is compromised credentials (i.e. stolen passwords) were the initial attack vector. Once again, another example of how cyber attackers are no longer just hacking into systems, their goal is to simply log into systems. Also another example of how strong MFA is a key control in today's environment, expect MFA to be a baseline standard if any organization wants cyber insurance.

🔄 Reposting for awareness: The recent breach at United Healthcare involved credentials that lacked MFA protection. Despite significant investments in cybersecurity tools 💻🔒, the frequency of attacks has tripled in recent years. Let's discuss how we can better protect our digital assets. #CyberSecurity #DataProtection #MFA