No evidence suggests patients' medical histories and personal data were accessed during a February ransomware attack,
Sen.
Wyden said
He said
Wyden said
"This corporation is a healthcare leviathan," he said. "The bigger the company, the bigger the responsibility to protect its systems from hackers."
The
Those records account for about a third of the nation's patient records and include information of people's "sensitive diagnoses,treatments and medical histories that reveal everything from abortions to mental health disorders," Wyden said.
Data on many military personnel are among those records, which Wyden said is a "clear national security threat."
Witty addressed the committee and its concerns regarding the potential breach of individuals' personal and private medical health data.
"Our response to this attack has been grounded in three principles," Witty told the committee, "to secure the systems, to ensure patient access to care and medication, and to assist providers with their financial needs."
Witty said cyber experts continue to investigate the attack that occurred on
He said the portal wasn't protected by multi-factor authentication.
"To contain infection, we immediately severed connectivity and secured the perimeter of the attack to prevent malware from spreading," Witty said. "It worked. There is no evidence of spread beyond
He said corporate officials then contacted the
"My overarching priority has been to do everything possible to protect people's personal health information," Witty told the committee, adding that the decision to pay a ransom was his.
Witty said nothing indicates anyone's doctors charts or personal medical histories were accessed during the ransomware attack, but the investigation will continue for several months.
Identifying and notifying people whose health and personal information was accessed during the cyberattack won't be possible until the investigation is completed, he said, because the files containing that information were compromised in the attack.
Witty told the committee
Witty said
Concerned individuals also can visit ChangeCyberSupport.com to learn more about the available services.
They also can call 866-262-5342 to sign up for the free credit monitoring and identity theft protections.
Federal law enforcement opened an investigation into the matter in March.
TWIW gallery
Copyright 2024 United Press International, Inc. (UPI). Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent., source