AT&T has disclosed a significant data breach impacting the call and text records of nearly all its customers, affecting around 110 million people. The breach, which occurred between April 14 and 25, 2024, involved attackers exploiting Snowflake cloud accounts to steal massive amounts of metadata, including who contacted whom, call durations, and cell site identification numbers. Although the breach didn't include the content of calls or texts, the stolen data still poses significant privacy risks and could facilitate phishing attacks. The US Cybersecurity and Infrastructure Security Agency has issued an alert, and while law enforcement has made some progress, including apprehending at least one person, the stolen data is already being advertised on cybercrime marketplaces.

The Sweeping Danger of the AT&T Phone Records Breach wired

The Trust Exchange Framework and Common Agreement (TEFCA) July 2024 update highlighted ten key changes aimed at enhancing health data interoperability in the U.S. The updates focus on expanding participation criteria, improving data security measures, and streamlining data exchange processes. The enhancements are designed to facilitate more efficient and secure sharing of health information among providers, payers, and patients, ultimately aiming to improve healthcare outcomes and operational efficiency across the health system. The changes also emphasize compliance requirements and introduce new technological standards to support these goals.

10 Hot Takes From TEFCA's July 2024 Update - b.well publication

The article by Dr. Bertalan Mesko outlines five key reasons why artificial intelligence (AI) will not replace physicians despite its growing presence in healthcare. It emphasizes that the doctor-patient relationship relies on empathy and trust, which AI cannot replicate. While AI will automate many routine tasks and support professionals in areas such as diagnostics and resource optimization, complex problem-solving in medicine requires human creativity and expertise. Additionally, sophisticated digital technologies necessitate the competence of qualified medical professionals. The article concludes that collaboration between AI and humans, not replacement, is the most effective path forward for enhancing healthcare.

5 Reasons Why AI Won’t Replace Doctors & Physicians The Medical Futurist

A red team exercise by the US Cybersecurity and Infrastructure Security Agency (CISA) at an unnamed federal agency exposed significant security weaknesses that went unnoticed for five months. The exercise, simulating a nation-state cyber threat, began with the exploitation of an unpatched vulnerability (CVE-2022-21587) in the agency's Oracle Solaris enclave, leading to a comprehensive system breach. Despite early notification, the agency delayed patching the flaw for over two weeks, during which the exploit became publicly available. Further compromises were achieved through phishing and weak password attacks, with the red team gaining extensive access to privileged systems. The assessment highlighted inadequate detection capabilities, ineffective log management, and over-reliance on known indicators of compromise (IoCs). The exercise underscored the need for defense-in-depth strategies and stricter adherence to security patching deadlines.

CISA broke into US federal agency, wasn't spotted for months The Register