DataBreachToday.com

Risk of Espionage and Disruption Key Risks, Lawmakers Warned
The British government is "extremely worried" about the Chinese and Russian cyber espionage and disruptive hacks, government officials told the UK Public Accounts Committee on Monday. The United Kingdom has faced a "substantial escalation in cyberthreats" in the last three years, lawmakers heard.

'Dark Storm Team" Takes Responsibility for 4 Major Outages on Monday
Repeated outages Monday on social media platform X - formerly Twitter - are the result of a distributed denial of service attack, asserted platform owner Elon Musk in a sporadically available tweet. The social media platform experienced four significant outages.

Mental Health Provider, Kansas Clinics Are Latest Victims of Cybercriminal Gang
A Kansas-based medical practice and a Rhode Island-based provider of mental health and addiction counseling and related services are the latest victims in a growing list of healthcare organizations reporting major data breaches by cybercriminal gang Rhysida.

Ousted Social Security Official Accuses DOGE of Bypassing Critical Data Protections
A former top official at the Social Security Administration has alleged that members of Elon Musk's controversial task force ignored critical security protocols to gain unauthorized access to sensitive data while disregarding established procedures designed to protect it.

GetVisibility's AI Mesh Integration Bolsters Data Classification, Risk Management
Forcepoint is buying Getvisibility to integrate its AI mesh technology, boosting data classification and risk assessment capabilities. The purchase fortifies Forcepoint’s cybersecurity solutions for highly regulated industries, with full integration expected by year-end pending regulatory approval.

Self-Described Hacktivists Appear to Remain Moscow Foreign Policy Extension
Russia's use of high-profile online nuisance attacks as a psychology ploy designed to amplify Moscow's geopolitical agenda continues. As Europe has rallied to support Ukraine, self-proclaimed Russian hacktivists have trumpeted their targeting of the U.K. and EU member states, instead of the U.S.

Biden-Era Cyber Aid Programs Are Still Available, but the Future Is Uncertain
Even though rural hospitals and other small healthcare providers don't have deep pockets, cybercriminals continue to target them with ransomware, often causing serious disruption and affecting large swaths of patients. What can be done to help them strengthen cybersecurity?

White House Order Centralizes Crypto Seized Through Civil, Criminal Forfeitures
The Trump administration pledged to not spend taxpayer dollars on cryptocurrencies deposited into a federal "Strategic Bitcoin Reserve" created by a Thursday evening executive order. The government has collected an estimated 200,000 digital coins through criminal and civil forfeiture.

MDR Leaderboard Remains Unchanged as Vendors Pursue Generative AI, Detection as Code
Behemoth CrowdStrike joined pure-play vendors Expel and Red Canary atop Forrester's ranking of MDR vendors. MDR providers historically focused on identifying and mitigating security threats in real time, but as competition intensified, they recognized the need to differentiate their offerings.

Also: the Recent Ransomware Surge, Crypto Reserve Controversy
In this week's update, four ISMG editors discussed the recent surge in ransomware attacks, implications of the U.S. military's pause on cyber operations against Russia and President Trump's bold but controversial plan to create a national cryptocurrency reserve.

Artificial intelligence-based tools are among the most promising advancing technologies for healthcare sector organizations to help to address cybersecurity resource shortages, said Chris Tyberg, CISO of medical device and consumer health product manufacturer Abbott.

The use of artificial intelligence is not only reshaping healthcare delivery in the sector but also healthcare cybersecurity within organizations, said Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware.

Russian cryptocurrency exchange Garantex, a money laundering destination for Russian and North Korean hackers, is no more after international law enforcement seized its servers. Prosecutors in the United States indicted the exchange's two principals in federal court.

No, But It Will Shift Their Focus to More Strategic and Creative Roles
Artificial intelligence is reshaping cybersecurity workflows, automating tasks and enhancing efficiency. But does that mean security professionals are at risk of being replaced? Not quite. AI is redefining roles, rather than eliminating them, to focus more on strategic thinking and problem-solving.

Legacy apps and medical devices continue to pose persistent and considerable risk to healthcare IT environments, and many organizations are still unaware of their prevalence in their settings, said Keith Fricke, partner and principal consultant at tw-Security, who discusses mitigation steps to take.

State privacy laws, such as Washington State's My Health My Data Act, could throw a curve ball in the use of certain consumer information for artificial intelligence and machine learning endeavors, said regulatory attorney Adam Greene of the law firm Davis Wright Tremaine.

Also: BianLian Ransomware Hackers Aren't Really Mailing You
This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex vulnerability.