During a Senate Finance Committee hearing, UnitedHealth Group CEO Andrew Witty faced questioning on the Change Healthcare ransomware incident, offering free credit protection to consumers and facing criticism for delayed breach notifications. Chairman Ron Wyden compared credit monitoring to 'thoughts and prayers,' highlighting the inefficiency. Senators pressed Witty on the lack of multi-factor authentication (MFA) on the hacked server and criticized UHG's response
Sen. Thom Tillis raised concerns about internal audit failures and system redundancies. The hearing underscored the need for accountability and better cybersecurity practices in the face of escalating cyber threats. https://www.scmagazine.com/news/senators-grill-unitedhealth-ceo-on-change-healthcare-cyberattack