(This story is from our new Health Tech newsletter. If you’d like to sign up, just click here.)
UnitedHealth Group’s CEO Andrew Witty is set to testify before lawmakers on Wednesday to explain how the company handled cyberattacks on its massive technology platform, Change Healthcare.
Cybercriminals used compromised login information to access a portal that doesn’t have multi-factor authentication on Feb. 12. They moved around the system to extract data and deployed ransomware nine days later, Witty revealed in a testimony released before Wednesday afternoon’s hearing with the House Energy and Commerce Committee’s subcommittee on oversight and investigations. Witty is also due to testify in a Senate Finance Committee hearing on Wednesday morning.
Witty said that the cybercriminal group, named ALPHV or BlackCat, encrypted Change systems so that the company wasn’t able to access them. UnitedHealth enlisted the help of the FBI and experts from Google, Microsoft, Cisco, Amazon and more on Feb. 21, the day the ransomware was deployed.
“As chief executive officer, the decision to pay a ransom was mine. This was one of the hardest decisions I’ve ever had to make. And I wouldn’t wish it on anyone,” he said in the testimony.
Witty said he’s committed to providing financial help to providers for “as long as it takes” to get claims and payments back to normal levels. As of last week, UnitedHealth has paid over $6.5 billion in accelerated payments to providers, he said.
After the attacks, UnitedHealth is calling for the government and the private sector to work together and build mandatory minimum security standards across the industry. This would include training and funding for institutions that could benefit from an extra boost, such as hospitals in rural communities.
Witty did not comment on the company’s antitrust issues. The Department of Justice has launched an antitrust investigation into UnitedHealth, the Wall Street Journal first reported in February.