The breach started on February 12 when hackers somehow obtained an account password for a portal allowing remote access to employee desktop devices. The account failed to use multifactor authentication (MFA), a standard defense.
Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. The account, on a portal platform provided by software maker Citrix, wasn't configured to use MFA.
#change-healthcare #ransomware-attack #multifactor-authentication #cybersecurity #healthcare-data-breach
[
add
]
[
|
|
...
]