When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
To break into Change Healthcares IT systems, hackers abused a vulnerability in a Citrix remote desktop access product.
His testimony was published on the UnitedHealth website ahead of the discussion.
(Image credit: Shutterstock.com)
It was later reported that the company fell victim to aransomwareattack.
Apparently, the attackers used a compromised username/password combination to pull up the companys Citrix portal.
There was nomulti-factor authentication(MFA) set up at the time.
Currently it is still unknown which specific Citrix flaw was abused during the attack.
Reuters points out that U.S. officials issued multiple warnings about security loopholes in Citrix tools late last year.
Soon after, ALPHV shut the entire operation down and disappeared.
