Originally published by Oasis Security.UnitedHealth Group confirmed that in February, the BlackCat/ALPHV ransomware group breached Change Healthcare by exploiting compromised credentials for a Citrix remote access portal that lacked multi-factor authentication (MFA)."On February 12, criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops. The portal did not have multi-factor authentication. Once the t...