UnitedHealth data breach leaked info on over 100 million people

On February 12, criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops. The portal did not have multi-factor authentication. Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed nine days later.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top