UnitedHealth CEO testifies on hack before U.S. Senate and House

UnitedHealth CEO Andrew Witty began his first of two scheduled testimonies in front of Congressional panels on Wednesday, answering questions from lawmakers about the recent cyberattack at the company's technology unit that impacted almost all patients and providers. The hack at Change Healthcare, a provider of healthcare billing and data systems that processes about 50% of U.S. medical claims, on Feb. 21 caused widespread disruption in payment to doctors and health facilities.

"I believe the bigger the company, the bigger the responsibility to protect its systems from hackers. UHG was a big target long before it was hacked. The FBI says that healthcare industry is the number one target of ransomware," Senate Finance Committee Chairman Ron Wyden said in opening remarks, adding that the hack was a national security threat. Health and personal data of a "substantial proportion" of Americans were stolen, UnitedHealth said last week.

"UnitedHealth Group has not revealed how many patients' private medical records were stolen, how many providers went without reimbursement, and how many seniors are unable to pick up their prescriptions as a result of the hack," said Wyden. "The failures of CEOs like Mr. Witty, who months in can't figure out how many people have had their data stolen, validates the FBI warning," he said.

In letters to the congressional committees Witty will face, the American Hospital Association said an internally survey of its members found that 94% of hospitals reported damage to cash flow and more than half reported "significant or serious" financial damage due to Change's inability to process claims. Hackers breached UnitedHealth's tech unit on Feb. 12 by using stolen login credentials that gave them remote access to its network, Witty will tell the Senate Finance Committee on Wednesday morning and the House Energy Subcommittee on Oversight and Investigations in the afternoon.

In a written testimony published earlier this week, Witty said UnitedHealth, the largest U.S. health insurer, has been working with the FBI and prominent cybersecurity firms to investigate the hack.

(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)