Drex covers three critical cybersecurity developments: Scattered Spider's shift to targeting insurance companies including Erie Insurance, Philadelphia Insurance, and Aflac using advanced social engineering tactics; escalating Iran-related cyber threats to US critical infrastructure amid Middle East tensions; and a massive dark web leak exposing 1.6 billion login credentials. Don't miss these actionable security recommendations including reviewing password reset processes, implementing strong authentication measures, and preparing for potential nation-state attacks on healthcare infrastructure.
Remember, Stay a Little Paranoid
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer
This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone. I'm Drex, and this is the Two Minute Drill, where I cover three hot security stories twice a week. All part of the 229 Project Cyber and Risk community here at This Week Health. You can join the community. I'll keep you posted on the latest webinars and podcasts and all the other inside info, and I'll keep you looped as we barnstorm the country on our 229 Project City Tour dinners and summits and something new coming, uh, a little bit later this year.
It's easy to stay in the know. Just go to thisweekhealth.com/subscribe and sign up for all the latest insights, including all our security and risk updates. Of course, it's good to see everyone today. Here's some stuff you might wanna know about. Scattered Spider has traditionally taken an approach of hacking just one industry at a time.
They build some specialization on an industry's security weaknesses, and then they go clean their clock. This is the group that's responsible for cyber attacks on Caesars Entertainment and MGM Resorts a couple years ago. Most recently, they focused on US and European retailers. Well, now Scattered Spider is targeting insurance companies.
Several of them in the past couple of weeks. According to Google Threat Intel Group, uh, victims include Erie Insurance, Philadelphia Insurance Companies, and Aflac. I know I can't say Aflac without hearing that duck too. My best tip: Scattered Spider loves to social engineer victims by convincing help desks and IT support teams through password resets and re-registering devices.
All through, again, social engineering. And with recent advances in AI, it's getting easier and easier for them to create deepfakes that look and sound a lot like people at your health system. So take some time and go review all of those processes with your team. A week is a very long time. Last Tuesday, I told you to keep an eye out for possible attacks from Iran as the Israeli-Iran conflict just started to ramp up.
Well, in the past week, US forces have bombed targets in Iran, and yesterday Iran struck US military targets in Qatar as a response, and who knows what will have transpired in the hours between the time I record this and the time it's posted. So let me double down on this. Even though Iran has shut down their connection to the internet to prevent hackers from getting to them, you should expect that attacks will come on US critical infrastructure.
That means us. It's probably imminent. And now you are on the front lines, so keep your eyes open and let me know how I can help. Back in May, I talked about a series of dark web leaks of 184 million compromised credentials, and that seemed like bad news. Well, 1.6 billion login credentials, including passwords, have now been exposed.
Cyber researchers are pretty sure these aren't all new, but they're likely a centralized collection of 30 or more data sets, and that came from a lot of breaches over the past few years. Just so you know, these credentials are sold in the dark web for not a lot of cash, and the new leak appears to include at least some new data, so you know what to do.
Strong passwords, two-factor authentication, limit user access to just the things that they're supposed to have access to and nothing more. Um, don't reuse passwords across sites or other applications. And for your personal stuff, take a look at passkeys. There's an article from Forbes on thisweekhealth.com/news that gives you more details about how to make those transitions to passkeys, and I will add some of those details to Thursday's Two Minute Drill Extra, the podcast for people who'd rather read their cyber podcasts.
You can stay up to date on all the latest healthcare, innovation, tech and security news at our news site, thisweekhealth.com/news. That's it for today's Two Minute Drill. Thanks for being here. Stay a little paranoid and I'll see you around campus.