Chairman of the Senate Finance Committee Ron WydenThe Oregon Democrat called on the Biden administration to investigate the cybersecurity incident. in UnitedHealth group.
Thursday (May 30th) letter Dealt with To Federal Trade Commission (FTC) Chairman Lina M. Kahn and Securities and Exchange Commission (SEC) Chairman Gary GenslerWyden called on both agencies to investigate the incident.
In his letter, Wyden said the incident was “entirely preventable and was the direct result of corporate negligence,” and noted that UnitedHealth Group confirmed that the remote access servers the hackers compromised were not protected by multi-factor authentication (MFA).
“The cyberattack against UHG could have been prevented if UHG had followed industry best practices,” Wyden wrote. “UHG's failure to follow best practices, and the resulting damages, are the responsibility of UHG's senior executives, including its CEO and board of directors.”
In response to a request from PYMNTS, UnitedHealth Group issued an emailed statement saying: Transforming HealthcareThe company said that, like other recent cyber attacks, “highlights the need to strengthen cyber defenses and increase resilience” and that it looks forward to “working with policymakers and other stakeholders to collaborate on developing strong, practical solutions.”
“The fact that the company responded quickly and effectively to this attack will “This is our contribution to our strong cybersecurity efforts,” the statement said. “UnitedHealth Group has an experienced board of directors with effective and broad skills in managing risk, including cybersecurity. Members of the audit and finance committees that oversee our cybersecurity program have cybersecurity experience and have led organizations operating in industries that face significant cybersecurity risks.”
In an earlier response to the cyberattack on UnitedHealth Group’s Change Healthcare, the senator said: Mark R. WarnerDemocratic Virginia lawmakers introduced legislation in March that would accelerate Medicare payments to health care providers that suffer cyberattacks if the providers and their vendors meet minimum standards. Cybersecurity Standards.
“The recent hack of Change Healthcare is a reminder that the entire healthcare industry is vulnerable and needs to step up,” Warner said in a press release at the time. “This bill would provide significant economic incentives for healthcare providers and vendors to step up.”