The ransomware gang used stolen credentials to remotely access Change Healthcare's systems lacking multi-factor authentication, stealing substantial health data impacting a large portion of the U.S. population.
Security lapse with no multi-factor authentication on the Citrix portal enabled lateral movement for data exfiltration; investigators will scrutinize this gap post-attack for system deficiencies.
[
add
]
[
|
|
...
]