Connect with us

Technology

Change Healthcare hackers breached using stolen credentials – no MFA, says UHG CEO

Published

on

The ransomware gang that breached US health tech giant Change Healthcare used a set of stolen credentials to remotely access the corporate’s systems that weren’t protected by multi-factor authentication, in response to the CEO of parent company UnitedHealth.

UnitedHealth CEO Andrew Witty gave written testimony ahead of Wednesday’s House subcommittee hearing on the February ransomware attack that caused months of disruption to the U.S. health care system.

For the primary time, the medical health insurance giant has assessed how hackers breached Change Healthcare’s systems, during which huge amounts of health data were extracted from its systems. Last week, UnitedHealth said hackers had stolen health data for “a significant portion of people in America.”

Change Healthcare processes medical health insurance claims and billing for about half of all U.S. residents.

According to Witty’s testimony, the hackers “used the compromised credentials to gain remote access to the Change Healthcare Citrix portal.” Organizations like Change use Citrix software to enable employees to remotely access work computers on internal networks.

Witty didn’t explain intimately how the credentials were stolen. Wall Street Journal was the primary to report the hacker’s use of compromised credentials last week.

Witty, nevertheless, said the portal “lacks multi-factor authentication,” which is a basic security feature that forestalls the misuse of stolen passwords by requiring a second code to be sent to an worker’s trusted device, comparable to a phone. It’s unclear why Change didn’t arrange multi-factor authentication on this technique, but it surely’s prone to be of interest to investigators trying to grasp potential deficiencies within the insurer’s systems.

“Once the attacker gained access, they moved around systems and extracted data in a more sophisticated way,” Witty said.

Witty said hackers deployed the ransomware nine days afterward Feb. 21, prompting the health care giant to shut down its network to contain the breach.

Last week, UnitedHealth confirmed that the corporate had paid a ransom to hackers who claimed responsibility for the cyberattack and subsequent theft of terabytes of stolen data. The hackers, generally known as RansomHub, are the second gang to say data theft after they posted among the stolen data on the dark web and demanded a ransom for not selling the data.

Earlier this month, UnitedHealth said a ransomware attack cost it greater than $870 million in the primary quarter through which the corporate had revenue of nearly $100 billion.

This article was originally published on : techcrunch.com
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Coatue raises $1 billion for AI betting

Published

on

By

Philippe Laffont

Coatue Management, a hedge fund that has invested heavily in tech startups throughout the pandemic boom, is raising $1 billion to support artificial intelligence corporations, Bloomberg reported on Monday.

The funds that can contribute to the corporate’s flagship fund will probably be obtained primarily from institutional investors. However, the report shows that wealthy individuals with accounts at brokerage Raymond James and Associates can even spend money on Coatue.

Coatue, which manages nearly $50 billion in assets, invested in greater than 170 VC-backed corporations in 2021, based on PitchBook data. Since then, Coatue has dramatically slowed its pace of investing in startups, supporting only 81 corporations in 2022 and around 30 corporations in 2023.

However, the cross-border investor shouldn’t be done investing in private corporations. According to PitchBook data, in 2024 Coatue supported 29 startups. The company’s latest AI-focused investments include Glean, Scale AI and Skild AI, which is constructing a general-purpose AI robot. Philippe Laffont, founding father of Coatue (pictured above), said they’re particularly enthusiastic about humanoid robots with artificial intelligence-powered brains.

This article was originally published on : techcrunch.com
Continue Reading

Technology

Mom and son Game Changer Academy founders help black gamers get 150,000. dollars in NIL transactions

Published

on

By

gamers, NIL, Black


Kendall Hamilton and his mother, Dr. Gigi, help Black gamers land lucrative name, image, likeness (NIL) deals and influence the industry through their organization Game Changer Academy.

In highschool, Hamilton rose to prominence as a player himself. Although his mother was initially concerned about his profession path, her support for Hamilton led to his promotion in Rocket League. Hamilton and his mother were among the many top ten players in the virtual game showing others Black families the right way to succeed in esports.

At Game Changer Academy, Hamilton is a performance improvement coach and mental health advocate. Thanks to his own success, he knows concerning the great opportunities the sport offers, akin to scholarships and NIL offers. Now he and his mother were working to make those offers available to other black players like him. So far, the mother and son duo have acquired over 150,000 for his or her clients. dollars.

As for Dr. Gigi, she uses her background in workforce development to help families turn passions into fruitful opportunities. She helped families learn the way gaming could lead on to scholarships and future offers. The licensed psychotherapist also wants to scale back the gap between black gamers and industrial success.

Their efforts are contributing to a greater emphasis on diverse players – 15% of them discover as black, in accordance with New Zoo. Understanding the potential financial gains from the booming industry, the duo stays committed to reaching Black youth captivated with esports to speed up their careers.

Their newest enterprise, Game On: Virtual Experience – Gaming, Mental Health, and Personal Development, hopes to proceed this mission. The event, which can happen on November 4, will connect players and inform them concerning the opportunity to shape their future in this industry. Additionally, there shall be speak about protecting your mental health while pursuing your passions while constructing an empire.

Game Changer Academy is diversifying the esports industry and preparing Black gamers to take the sector. Registration for the event is now open to all families with ready-to-play players.


This article was originally published on : www.blackenterprise.com
Continue Reading

Technology

Columbus says ransomware gang stole personal information of 500,000 Ohioans

Published

on

By

The city of Columbus, the capital of Ohio, confirmed that hackers stole the personal information of 500,000 residents during a July ransomware attack.

In filing In an interview with Maine’s attorney general, Columbus confirmed that a “foreign threat actor” breached its network to access information including residents’ names, dates of birth, addresses, identification documents, social security numbers and checking account information .

Ohio’s most populous city, with about 900,000 people, said about half 1,000,000 people were affected, even though it didn’t confirm the precise number of victims.

The regulatory filing comes after Columbus was the goal of a ransomware attack on July 18 this 12 months by city officials he claimed “thwart” it by disconnecting your network from the Internet.

Rhysida, the ransomware gang accountable for last 12 months’s cyber attack on the British Library, claimed responsibility for the August attack on Columbus. At the time, the gang said it had stolen 6.5 terabytes of data from the Ohio city, including “databases, internal employee logins and passwords, a full server dump of city emergency services applications, and … access from city video cameras,” in response to local news reports.

Rhysida demanded 30 bitcoins, or roughly $1.9 million on the time of the cyberattack, as payment for the stolen data.

Two weeks after the cyberattack, Columbus Mayor Andrew Ginther told the general public that the stolen data was likely “corrupted” and “unusable.”

The accuracy of Ginther’s statement was called into query the day after David Leroy Ross, a cybersecurity researcher also often called Connor Goodwolf, revealed that the personal information of a whole lot of 1000’s of Columbus residents had been placed on the dark web.

In September, Columbus sued Ross, alleging that it “threatened to make stolen city data available to third parties who otherwise would not have readily available means to obtain stolen city data.” A judge issued a brief restraining order against Ross, stopping him from accessing the stolen data.

In a listing published Monday by TechCrunch on the leak site, Rhysida claims to have transferred 3.1 terabytes of “unsold” data stolen from Columbus, amounting to greater than 250,000 files.

This article was originally published on : techcrunch.com
Continue Reading
Advertisement

OUR NEWSLETTER

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Trending