UnitedHealth confirms that Change Healthcare’s network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company’s Citrix remote access service, which did not have multi-factor authentication enabled. […]
from https://www.bleepingcomputer.com/news/security/change-healthcare-hacked-using-stolen-citrix-account-with-no-mfa/