Reports suggest T-Mobil suffered a breach affecting nearly all their U.S. based customers. Upwards of 100 million customer records could soon be for sale on the dark web. In other cybersecurity news, a recent study highlights the ongoing vulnerabilities of U.S. hospitals.
Memorial Health Systems in the Eastern U.S. took action to take their network offline over the weekend to minimize the spread of a ransomware attack. Unfortunately, many critical operations for the hospital network were cancelled or postponed and officials are still working to verify if any information was stolen during the attack. It is believed that the Hive ransomware group is responsible, though official verification will only come if they add Memorial Health Systems data to their leak site.
Upwards of 100 million customer records are claimed to have been stolen from T-Mobile servers, with roughly a supposed 30 million social security numbers alongside other highly sensitive data already posted for sale on a dark web forum. The available records are currently listed for 6 Bitcoins, or roughly $270,000, while the rest are supposedly already being sold privately. T-Mobile is currently in the process of investigating the claims.
The Brazilian National Treasury scrambled to reduce the impact of a ransomware attack last Friday. The critical piece of infrastructure is the second Brazilian national institution attacked in the last year. Less than a year ago, the Brazilian Superior Electoral Court fell victim to a similar type of incident that took nearly a fortnight to resume normal operations.
Reports this week reveal the Singapore branch of Tokio Marine Holdings fell victim to a ransomware attack, which was fortunately stopped before any customer information could be extracted. Officials for Tokio Marine confirmed that no additional companies under their ownership were affected by this attack, and are working with local authorities to properly disclose any other findings.
Nearly half of all hospitals and medical facilities in the U.S. fell victim to some form of cyberattack with the past year, forcing many of those to take critical systems offline, according to a recently released study. Even though the cost of recovery for these attacks typically range from $200,000-500,000 per facility, a large majority remain unprotected from vulnerabilities like Wannacry and NotPetya. Though there are patches to protect against them, they aren’t installed on networks of more than 60% of study responders.