Cyber security experts Bryan Hornung, Randy Bryan, Reginald Andre, and Ryan O'Hara discuss a recent cyber attack on NextGen, a healthcare software giant that produces electronic health records and practice management systems for hundreds of large hospitals and clinics in the US, UK, India, and Canada. The company has responded to the attack, stating that they have immediately contained the threat, secured their network, and returned to normal operations. They are conducting a forensic review and have not uncovered evidence of access to or exfiltration of client data. The podcast hosts discuss the lack of information about the attack and speculate about the potential impact on Next Gen's customers.
The cybersecurity experts then discuss a recent cyber attack on T-Mobile that exposed the personal information of 37 million customers. The company has reassured that the hack did not include the most sensitive information that would put customer accounts and finances at risk. However, the group discussing the article expressed concern about T-Mobile's frequent cybersecurity breaches and the need for consumers to assume their data is already out there and take steps to protect it, such as freezing and locking their credit reports.
As a result, T-Mobile customers and the potential for phishing scams and MFA attacks. They also discussed a large-scale credential stuffing attack on PayPal accounts, where hackers used a dictionary of email addresses and passwords to gain access to accounts. The group noted that while PayPal quickly detected the unusual activity and did not report any financial losses, they advised users to change their passwords and enable MFA. They also discussed that many people are not taking the necessary steps to protect their personal information and identity.
The cyber security podcast crew then discussed concerns about the security of the TSA's no-fly list and the ease with which it can be accessed by hackers on unsecured regional airline computers. The speakers express concern about the lack of authentication and security measures in place to protect the list, and worry about the potential for hacking and misuse of the information. They also mention that ransomware payments have gone down but are still at record levels over the last few years. The show concludes with a reminder that there are always new attack vectors to be aware of.