posts
The Breach That Started With a Single Unpatched System In February 2024, UnitedHealth Group's subsidiary Change Healthcare suffered a ransomware attack that disrupted healthcare payment processing across the United States for weeks. The attackers gained access through a Citrix remote access portal that lacked multi-factor authentication. One system.
In February 2024, a misconfigured system at Change Healthcare led to one of the most devastating ransomware attacks in U.S. healthcare history. The ALPHV/BlackCat group exploited a Citrix remote access portal that lacked multi-factor authentication — a basic security for system control that should have been in place years
In March 2022, Okta confirmed that the Lapsus$ threat actor group had compromised a support engineer's laptop and accessed internal systems for five days before detection. Five days. That's an eternity when an attacker has a foothold inside your environment. The breach highlighted a brutal truth:
