Tech News
Back to home
Technology

How weak passwords and other failings led to catastrophic breach of Ascension

Source

Ars Technica

Published

TL;DR

AI Generated

A US senator has urged the Federal Trade Commission to investigate Microsoft for cybersecurity negligence in the Ascension ransomware breach, which affected 140 hospitals and exposed 5.6 million patient records. The breach began with malware on a contractor's laptop, leading attackers to Ascension's Windows Active Directory, a critical network asset. The senator criticized Microsoft for supporting an outdated authentication protocol that allowed attackers to exploit vulnerabilities. The breach highlights the importance of strong security measures to prevent such catastrophic incidents.

Read Full Article

Similar Articles

How a cavalcade of blunders gave unauthorized users access to Claude Mythos — restricted model accessed by third parties, thanks to knowledge from data breach

How a cavalcade of blunders gave unauthorized users access to Claude Mythos — restricted model accessed by third parties, thanks to knowledge from data breach

Unauthorized users gained access to Anthropic's cybersecurity AI model, Claude Mythos, through a breach that exposed proprietary AI models. Despite Mythos' capabilities in finding vulnerabilities, it couldn't prevent unauthorized access through a third-party contractor. The breach stemmed from a hack at Mercor, which led to a chain of breaches involving third-party tools. This incident underscores the importance of cybersecurity and the vulnerability posed by the human element in digital security. As AI tools like Mythos become more prevalent, the need for robust security measures is increasingly crucial to prevent unauthorized access and data breaches.

Tom's Hardware
Teen suspected of holding $1.8 million in bitcoin from hacking Vegas casinos is out on bail — alleged perp could be tried as an adult, face possible prison time

Teen suspected of holding $1.8 million in bitcoin from hacking Vegas casinos is out on bail — alleged perp could be tried as an adult, face possible prison time

A 17-year-old suspected of involvement in a cyberattack on Las Vegas casinos has been released on bail, with prosecutors claiming he still holds $1.8 million in cryptocurrency from the hack. The attack, attributed to the group Scattered Spider, caused over $100 million in damages and received a $15 million ransom. The suspect surrendered to police in Nevada and may face trial as an adult for charges including extortion and conspiracy. Despite being released to his parents, the teen faces restrictions on his movements and internet usage.

Tom's Hardware
$115 million ransomware hacker arrested over extortion attacks — Scattered Spider alumnus allegedly involved in over 120 computer network intrusions targeting 47 U.S. entities

$115 million ransomware hacker arrested over extortion attacks — Scattered Spider alumnus allegedly involved in over 120 computer network intrusions targeting 47 U.S. entities

A 19-year-old UK hacker, allegedly part of the "Scattered Spider" group, has been arrested for extorting over $115 million from nearly 50 U.S. victims through ransomware attacks and data theft. Thalha Jubair is accused of 120 network intrusions targeting 47 U.S. entities, using social engineering to access corporate networks. Law enforcement agencies from multiple countries are involved in the investigation. Jubair is also accused of controlling ransom payments through cryptocurrency wallets. Another hacker, Owen Flowers, was arrested in London for involvement in a Transport for London hack and faces charges in the U.S. as well.

Tom's Hardware
Two UK teens charged in connection to Scattered Spider ransomware attacks

Two UK teens charged in connection to Scattered Spider ransomware attacks

UK teenager Thalha Jubair has been charged by federal prosecutors for his involvement in the Scattered Spider ransomware attacks on 47 US companies, resulting in over $115 million in ransom payments. The group demanded hefty ransoms from victims after breaching their networks and threatened to publish or sell confidential data. Another UK teen, Owen Flowers, was also charged in connection with a cyberattack on Transport for London. The recovery effort for the agency's public transit system lasted months due to the breach.

Ars Technica

We use cookies

We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.