Change Healthcare, compromised by stolen credentials, did not have MFA turned on

Failing to turn on multifactor authentication, a common cybersecurity safeguard, “underscores pure negligence on the part of UnitedHealth,” one expert said.