Wyden Asks FTC and SEC to Probe Cyberattack on UnitedHealth
The FTC and SEC should hold UnitedHealth Group accountable for “negligent cyber practices” that exacerbated a February ransomware attack against the company, Senate Finance Committee Chairman Ron Wyden, D-Ore., wrote the agencies Thursday. UHG confirmed hackers initially breached a remote…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
access server because it wasn’t protected with multifactor authentication, Wyden said: “The cyberattack against UHG could have been prevented had UHG followed industry best practices. UHG’s failure to follow those best practices, and the harm that resulted, is the responsibility of the company’s senior officials.” Wyden urged the FTC and SEC to investigate UHG’s “numerous cybersecurity and technology failures” and determine if it broke federal laws. The FTC confirmed receiving the letter but declined comment. The SEC said Chair Gary Gensler will respond to Congress directly. UHG defended the company’s response to the attack on Change Healthcare. A spokesperson said Thursday: “The fact that the company moved quickly and effectively in response to this attack is testament to our company’s commitment to strong cybersecurity.” UGH is looking forward to working with policymakers and stakeholders to develop “strong, practical solutions,” the company said.