A ransomware group operator extracts a $22 million ransom from UnitedHealth Group. Image credit: Philippe Spitalier

Single ransomware attack has $2.45 billion impact -- with "direct response" costs hitting $776 million

One Citrix appliance with no MFA = $2 billion in damages.

A ransomware attack on Change Healthcare in February will cost its parent company up to $2.45 billion, CFO John F. Rex told investors on a call this week – significantly up from earlier estimates of a total $1.6 billion, amid continuing fallout from the incident and subsequent colossal data breach.

The incident saw attackers compromise a Citrix appliance (that entered the company’s network via an earlier acquisition) that did not have MFA set up, move laterally through the provider’s network, find and cripple its domain-joined backups, and then detonate ransomware nine days later.