When a cyberattack on Change Healthcare paralyzed much of the US health-care system, some lawmakers saw it as proof its parent company, UnitedHealth Group Inc., was too big.
UnitedHealth Chief Executive Andrew Witty saw it differently. He has said that the company’s size kept the hack, which crippled a network that handled $2 trillion in health claims a year, from being more harmful. It was “important for the country that we own Change Healthcare,” Witty said earlier this month.
Witty is expected to appear at House and Senate hearings on Wednesday. He is likely to be asked whether UnitedHealth, which runs the largest US health insurer, employs thousands of physicians, and manages prescription benefits for millions of Americans, has concentrated too much risk under one roof.
UnitedHealth, which has a market value of $451 billion, has estimated that the Feb. 21 attack could reduce its profit by as much as $1.6 billion this year, making it one of the costliest hacks ever. Merck & Co. said a 2017 cyberattack that was blamed on Russia cost the drugmaker $1.4 billion. The price tag for large disruptive breaches is more often in the tens of millions of dollars.
A company spokesman said in an email that UnitedHealth believes the hack “will likely be the largest