This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

 Everyone i'm Drex and This is the two minute drill where I cover three hot security stories twice a week. All part of the 229 Project Cyber Risk Community here at this Week Health. Hey, you can join that community. I'll keep you posted on the latest webinars and podcasts and other insider info, and I'll keep you looped in as we barnstorm the country on our 2 29 project City tour dinners and our summits.

It's easy to stay in the know. Go to this week, help.com/subscribe and sign up for all the latest insights, including all of our security and risk updates. Good to see everyone today. Here's some stuff you might wanna know about Central Maine. Healthcare continues to work through a potential cyber attack.

After seeing unusual activity, the system shut down and secured systems and began an investigation. Coincidentally, maybe Covenant Health with a hospital. Also located in Lewiston, Maine, has been dealing with its own cyber incident. No evidence that these are linked, but it does kind of make me wonder.

Now those fields are decrypted. I'm not totally sure what to make of that. And remember that these cyber thugs do have their own big data analytics teams to cross match and repackage stolen data. So sometimes they combine sources. Maybe that's what's happened. The bottom line is if you're an at and t customer, your data's probably out there if it wasn't already.

The final story today, there's a really interesting story about the website login.gov. The you may use this, the, the website is an identity verification site that's used by lots of governmental agencies as a way citizens can log into multiple government websites with a single identity. The website itself says.

One account for secure private access to participating government agencies. Well, the US Government Accounting Office, the GAO is audited login.gov, and they say that the biggest existing problem with the site is that it doesn't really have any process to manage the state of its backups. Apparently login.gov does backup its data, but it's never really tested those backups.

So auditors can't really be sure if what's on the backups. Is what's needed to restore the services in the event of, you know, some kind of cyber attack. And then obviously if there's a problem, that might mean that everyone using login.gov would lose access to all the sites that use the tech to allow them to log in.

And I say all that just to ask, do you test your backups? And how extensively have you restored systems and applications to make sure they actually work? I. From the backup. All of them, some of them. It's a fun question for your next staff meeting. Maybe you can stay updated on the latest healthcare innovation, tech and security news at our news site this week, health.com/news.

That's it for today's two minute drill. Thanks for being here. Stay a little paranoid and I'll see you around campus.