A group of US senators, including Senator Elizabeth Warren of Massachusetts and Senator Richard Blumenthal of Connecticut, are calling for a detailed response from the federal government’s lead cybersecurity agency, CISA, regarding the ransomware attack on an insurance company in February. The attack targeted Change Healthcare, a unit of UnitedHealth Group Inc., resulting in billions of dollars of payments being disrupted and patient medical data being stolen.
The senators have raised several questions about CISA’s role in addressing the breach and a broader understanding of the risks posed by ransomware and the agency’s efforts to combat it. In their letter to CISA, they asked about how the agency collaborated with other US government entities to address the hack, what information was provided to UnitedHealth regarding the BlackCat hacker group responsible for the breach, and how often such attacks occur. They also inquired about efforts to establish a warning system and how payments can be made with cryptocurrencies to prevent future attacks.
The senators emphasized that understanding the cybersecurity landscape is crucial in light of this incident. The attack on Change Healthcare exposed vulnerabilities that could compromise an entire industry. The breach disrupted payments and jeopardized the financial stability of some clinics while potentially impacting UnitedHealth’s profits by up to $1.6 billion. The top executive at UnitedHealth was scheduled to address this issue before Congress just after receiving this letter from the senators.
