6 Holiday Shopping Scams to Watch Out For
The holiday season is here, bringing the excitement of discovering amazing deals during Black Friday and Cyber Monday. But while you’re hunting for...
2 min read
Byron Martin : Jul 8, 2024
In recent months, a significant cybersecurity breach at Change Healthcare, a payment-processing company under UnitedHealth Group, has highlighted a chilling reality: cyberthreats can lurk undetected within our networks, ready to unleash chaos at any moment. This breach, carried out by the ALPHV/BlackCat hacker group, involved the hackers lying dormant within the company’s environment for nine days before launching a devastating ransomware attack. This incident severely impacted the US healthcare system and underscores an urgent message for all business leaders: a robust cybersecurity system and recovery plan are not optional but essential for every business.
The attack began with hackers using leaked credentials to access a Citrix portal, a crucial remote-access application that, alarmingly, lacked multifactor authentication. Once inside, the hackers navigated the system, exfiltrating data and eventually deploying ransomware that encrypted files and demanded a substantial ransom. This action stalled nationwide healthcare payment-processing systems, on which thousands of pharmacies and hospitals rely, rendering the system temporarily inoperable.
The personal health information and personally identifiable information of potentially millions of Americans were compromised. The hackers orchestrated an exit scam, demanding a second ransom, raising questions about whether UnitedHealth Group paid the hackers twice.
In April 2024, CEO Andrew Witty confirmed that the company paid a $22 million ransom to hackers before the U.S. Senate Committee on Finance.
“The decision to pay a ransom was mine,” Witty said. “This was one of the hardest decisions I’ve ever had to make, and I wouldn’t wish it on anyone.”
This breach necessitated a temporary shutdown, disconnecting entire systems from the Internet, a massive overhaul of the IT infrastructure, and significant financial losses estimated to reach $1.15 billion by year’s end. Actions taken included replacing laptops, rotating credentials, and rebuilding the data center network. Beyond financial costs, the impact on healthcare services and personal data was profound.
This incident is a powerful reminder that threats can dwell silently within networks, waiting for the right moment to strike. Reactive measures are insufficient; proactive steps are essential. Ensuring systems are secured, implementing multifactor authentication, regularly updating and patching software, and having a Disaster Recovery Plan in place are no longer optional — they are basic requirements for conducting business today.
The mindset of “It won’t happen to us” is a dangerous gamble. Cybersecurity is not just an IT issue; it’s a cornerstone of modern business strategy. It requires investment, training, and a culture of security awareness throughout the organization. The fallout from a breach extends far beyond the immediately affected systems. It can erode customer trust, disrupt services, and lead to severe financial and reputational damage, with the CEO often shouldering the blame.
As we consider the lessons from the Change Healthcare incident, CEO's must prioritize cybersecurity. Investing in comprehensive cybersecurity measures is not merely a precaution — it is a fundamental responsibility to customers, stakeholders, and the future. In the realm of cyber threats, what you can’t see can indeed hurt you.
Don’t wait until it’s too late — ensure your business is protected against the silent danger of cyber threats. Preparation is your most powerful defense.
If you’re unsure or want a second opinion, our cybersecurity experts offer a FREE Vulnerability Assessment. This assessment will detail if and where you’re vulnerable and what steps to take to secure your organization. Schedule yours by below or calling us at 509-396-6640.
Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:
Tri-Cities, Washington 509.396.6640
Yakima, Washington 509.396.6640
Bend, Oregon 541.848.6072
Seattle, Washington 206.743.0981
Questions about your IT or Cybersecurity? Give us a call today!
The holiday season is here, bringing the excitement of discovering amazing deals during Black Friday and Cyber Monday. But while you’re hunting for...
Ah, the holiday season, when everything sparkles, sales soar, and your to-do list rivals Santa's naughty and nice list. For businesses, it's a time...
IMPORTANT: Microsoft recently announced the official end of support for Windows 10 on October 14, 2025. After this date, while your...