Yazılar

FBI Investigating Cyberattack at Oracle Involving Patient Data Theft

/in /tarafından

The FBI is currently investigating a cyberattack at Oracle that resulted in the theft of patient data, according to a Bloomberg News report. The attack, which occurred after January 22, compromised Oracle’s servers, where hackers copied patient data to an external location. The breach is believed to have been an attempt to extort multiple medical providers in the United States.

Oracle, which acquired Cerner Corp. in 2022 for $28 billion, notified its healthcare customers about the breach earlier this month. However, it remains unclear how many patient records were affected and which healthcare providers were targeted. The breach involved older Cerner servers, where data had not yet been transferred to Oracle’s cloud storage.

While the FBI has declined to comment, Oracle confirmed it became aware of the breach on February 20. Oracle has not yet responded to further inquiries. The company’s involvement in healthcare IT through its Cerner acquisition has likely increased its exposure to cybersecurity risks in the healthcare sector.

Ukraine’s State Railway Partially Restores Online Services After Cyberattack

/in /tarafından

Ukraine’s state railway operator, Ukrzaliznytsia, has partially restored its online services following a large-scale cyberattack that disrupted both passenger and freight transport systems. The attack, first reported on Sunday, caused a major IT failure, forcing passengers to buy tickets on-site or onboard trains.

Restoration Efforts Underway

Ukrzaliznytsia announced via Telegram that online ticket sales have resumed in a backup format, allowing passengers to purchase and refund tickets. However, the system is currently under heavy load, leading to potential temporary technical issues. The company urged passengers to only use the service for urgent travel needs.

Impact and Response

Despite ongoing technical challenges, the first 12,000 tickets have already been purchased since services were restored. Ukrzaliznytsia continues to work on fully stabilizing its digital infrastructure in the wake of the cyberattack.

Australia Regulator Sues FIIG Securities for Cybersecurity Failures

/in /tarafından

The Australian Securities and Investments Commission (ASIC) announced on Thursday that it is suing FIIG Securities, a fixed-income broker, accusing the company of failing to implement proper cybersecurity measures over a four-year period. These alleged failures allowed a hacker to infiltrate FIIG’s IT network, resulting in the theft of approximately 385 gigabytes of confidential data.

The breach, which occurred between May 19 and June 8, 2023, affected 18,000 clients, who were notified that their personal information may have been compromised. Some of the stolen client data was later found on the dark web.

ASIC’s lawsuit claims that from March 2019 to June 2023, FIIG failed to take necessary steps to ensure the security of its digital infrastructure. The regulator stated that the company lacked adequate cyber risk management systems, which directly contributed to the attack.

“Advancing digital safety and resilience is a strategic priority for ASIC, and we have been actively engaging with companies to support the continuous improvement of cyber and operational resilience practices,” said ASIC Chair Joe Longo.

During the period when the cybersecurity issues occurred, JPMorgan held assets for FIIG and its clients, ranging in value from A$2.89 billion ($1.83 billion) to A$3.7 billion. However, JPMorgan declined to comment on the matter when contacted by Reuters, and FIIG did not respond to requests for comment.

According to ASIC, the deficiencies alleged include FIIG’s failure to adequately update and patch its software, as well as its insufficient resources to protect against and prevent cyberattacks.