To address these concerns, Rep. Gallego requested responses to the following:
- Please provide a detailed timeline of the breach, including when it was first discovered internally, the initial investigation into its scope and source, notification to authorities, and notification to senior leadership at Optum and UnitedHealth.
- What evidence was provided to the SEC or to the Cybersecurity and Infrastructure Security Agency (CISA) in the 24 hours after the incident became known to justify UnitedHealth’s description of a cyber-attack originating from a nation-state associated actor?
- Was anybody at UnitedHealth, Optum, or Change Healthcare aware of the reported vulnerability from ConnectWise regarding ScreenConnect, and, if so, was this vulnerability communicated to anybody in senior leadership at Optum or UnitedHealth?
- Were any actions taken to implement the security fix published by ConnectWise between Monday, February 19th and Wednesday, February 21st?
- How many pharmacy locations in Arizona have been impacted by the Change Healthcare system shutdown?
- How many patients have been forced to either forgo having a prescription filled or have paid out-of-pocket for medications when picking up a prescription?
- What is the current timeline for restoring prescription processing services to pharmacies?
- Was any patient data or Personally Identifiable information accessed during the breach, and, if so, have patients been notified?