(NEWSnet/AP) — The Change Healthcare cyberattack that disrupted systems earlier this year started when hackers entered a server that lacked a basic form of security: multifactor authentication.

At a U.S. Senate hearing Wednesday, UnitedHealth CEO Andrew Witty said his company, which owns Change Healthcare, is trying to ascertain why the server did not have the additional protection.

Senate Finance Committee members spent more than two hours questioning the CEO about the incident.

Multifactor authentication adds a layer of security to password-protected accounts by having users enter an auto-generated code. It is intended to prevent a hacker’s ability to guess passwords.

Change Healthcare provides technology used to submit and process billions of insurance claims each year. Hackers gained access in February and unleashed a ransomware attack that encrypted and froze large parts of the company’s system, Witty said.

The attack triggered disruption of payment and claims processing, stressing doctor’s offices and health care systems by interfering with the ability to file claims and receive payment.

UnitedHealth disconnected the affected systems to limit damage and paid a $22 million ransom, Witty said.

“We’ve literally built this platform back from scratch so that we can reassure people that there are not elements of the old attacked environment within the new technology,” Witty said, also noting he is “deeply, deeply sorry” for the incident.

The CEO told senators the company’s core systems are fully functional. 

Follow NEWSnet on Facebook and X platform to get our headlines in your social feeds.

Copyright 2024 NEWSnet and The Associated Press. All rights reserved.