The Congressional testimony revealed that UnitedHealth's Change Healthcare subsidiary paid $22 million in ransom after a breach, highlighting security failures like stolen credentials, lack of multi-factor authentication, and undetected access for days, compromising a substantial amount of personally identifiable information and creating potential national security threats. ```
https://www.darkreading.com/cyberattacks-data-breaches/unitedhealth-congressional-testimony-rampant-security-fails