Wyden Demands Copies of Independent Audit Reports, Answers from UnitedHealth on Change Healthcare Cyberattack
Following Finance Committee Hearing with UnitedHealth Group CEO, Chairman Seeks More Answers on Nature of Hack
Washington, D.C. – Senate Finance Committee Chair Ron Wyden, D-Ore., sought more details from UnitedHealth Group (UHG) CEO Andrew Witty on a major cyberattack that imperiled the American health care system earlier this year and caused severe disruption to patients, doctors and hospitals across the country in a letter sent to the company.
“I write to seek answers to questions for the record following your testimony before the Senate Finance Committee in June 2024 that to date have not been satisfactorily answered,” Wyden wrote. “You testified about this incident before the Committee in June, during which you provided vague, unclear information about the incident and the degree to which it was caused by your company’s lax cybersecurity practices. Congress has a responsibility to conduct rigorous oversight to determine what legislative actions might be necessary in the wake of the most significant cyberattack against the U.S. health care sector to date.”
The letter asks UHG to provide copies of independent cybersecurity audit reports for the five years prior to the hack. Wyden also asked whether the company server that was initially compromised in the cyberattack had been subject to a security audit prior to the cyberattack, for additional details about the method that hackers used to gain widespread access to the company’s data and systems, and what steps the company has taken to defend against those methods being used again.
The letter comes after Wyden introduced legislation last month to set a minimum cybersecurity standard across the health care industry to prevent cyberattacks, mitigate disruption to the health care system and to protect Americans’ private information from hackers.
The full letter can be found here.
###
Next Article Previous Article