This Week Health

Don't forget to subscribe!

First, learn about third-party risk management as Drex discusses the recent data breach involving Presbyterian Healthcare Services and a law firm with access to sensitive patient data. Next, explore how lapses in multi-factor authentication led to Snowflake platform hacks—and the arrest of a suspect linked to these breaches. Finally, discover the emerging threat of “Advanced Persistent Teenagers,” where young, skilled hackers are creating challenges for organizations worldwide with social engineering and AI-powered attacks.

Remember, Stay a Little Paranoid 

Subscribe: This Week Health

Twitter: This Week Health

LinkedIn: Week Health

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Transcript

 This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Hey everyone, I'm Drex and this is the Two Minute Drill, where I do three quick stories twice a week, all part of one great community, the 229 Cyber and Risk Community here at This Week Health. Today's Two Minute Drill is brought to you by ORDR, the Asset Inventory and Intelligence Company. Did you know that you can know everything about everything on your network?

back to third party risk and:

There's a new story about Presbyterian Healthcare Services in Albuquerque reporting a breach, and the third party involved is a law firm who had access to info like social security numbers and dates of birth and health insurance information. The firm, Thomas Coburn, LLP, provides legal counsel to health systems on government billing and repayment, and at this point we don't know how many patients had data exposed, so.

Something new to chat about with your general counsel this week. You may recall me talking about this back in June. The company Snowflake, a software as a service analytics company who hosts several customers on their platform, including healthcare organizations. Well, over the summer, several of those customers were hacked.

And the customers who were hacked were using the Snowflake platform without multi factor authentication. At that time, MFA was off by default and customers had to choose to turn it on and that made it relatively easy for a bad guy to just grab a username and password and speed right into the customer's databases.

Well, Canadian authorities have arrested an individual suspected of being involved in that series of hacks and when the bad guys are caught, I love to talk about it. Oh, and by the way, in October, Snowflake turned MFA on as a default setting for all their customers. There's another story you should read.

It's about bored teenagers and the threat they now pose to organizations around the world from a cybersecurity perspective. The story borrows the security acronym APT, Advanced Persistent Threat, and they repurpose it to reflect the new concern, advanced persistent teenagers. These are skilled, highly financially motivated cyber thugs like Lapsus and Scattered Spider and others who've proven their skills over and over again.

Bored young people looking for excitement, finding their own community on the wrong side of this problem. And they're really great at social engineering and voice phishing and using AI tools. There's more on all these stories and a bunch of others at thisweekhealth. com slash news. Today's two minute drill was brought to you by ORDR.

Do you really know who all your devices are talking to? You can bring some ORDR to your enterprise. Find out more at ORDR. net slash healthcare. That's O R D R dot net slash healthcare. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid and I'll see you around campus.

2 Minute Drill is Sponsored By

Our Shows

Related Content

1 2 3 303
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved