Hackers took advantage of a vulnerability in a Citrix remote desktop access product to break into Change Healthcare's IT systems.
The CEO of UnitedHealth, Change Healthcare's parent company, revealed this information ahead of his testimony in front of the House Energy and Commerce Committee.
The attackers used a compromised username/password combination to access the company's Citrix portal, which did not have multi-factor authentication (MFA) at the time.
ALPHV, a notorious ransomware-as-a-service vendor, breached Change Healthcare, stole sensitive customer data, and demanded $22 million in cryptocurrency as ransom.