I just have to LOL at this.
8 replies (most recent on top)
https://www.scmagazine.com/news/exclusive-cyberattack-on-change-healthcare-was-an-exploit-of-the-connectwise-flaw
I've also been seeing Optum claiming it's a "nation state." Yea... the "nation state" of India...
I had heard it was a simple email click by a new upper-management employee. I would love to blame Wipro, though. Maybe the upper management phishing story is misdirection.
TheConnectWise issue was communicated almost at the same time this occurred. Suspiciously close.
Wipro was attacked in 2019, through a vulnerability in the ConnectWise ScreenConnect software they used for remote desktop access to their clients. Just last week, a max-critical CVE-2024-1709 authentication bypass in ScreenConnect was published, primed for delivering ransomware. I cannot help but wonder if Wipro is still using that software, given one of their past employees still works for ConnectWise (Jitendra Pathak, Senior Vice President, Service Delivery), and they were once again exploited, with the downstream effect being a hit on Change Healthcare.
Over a hundred hours of downtime now.
Let’s offshore every thing, they said. It’ll be great, they said. What could possibly go wrong, they said? LOL.