CyberWire Daily

UnitedHealth breach numbers confirmed.

Oct 25, 2024

A massive data breach at UnitedHealth affects over 100 million patients, raising serious privacy concerns. Amazon clashes with APT29 over cybersecurity issues. Vulnerabilities in the AWS Cloud Development Kit could lead to account takeovers. The podcast features insights from Itzik Alvas on the risks of non-human identities, crucial for enhancing organizational security. Finally, Muni Metro is ditching floppy disks for safety improvements. Buckle up for a deep dive into modern cybersecurity challenges!

26:42

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

UnitedHealth's data breach affecting over 100 million individuals underscores the urgent need for enhanced patient privacy and stronger cybersecurity measures.

The discussion on non-human identities highlights the crucial importance of managing programmatic access keys to reduce organizational vulnerabilities and improve cybersecurity.

Deep dives

UnitedHealth Breach and Its Implications

UnitedHealth recently confirmed that a healthcare data breach affected over 100 million individuals, revealing sensitive information such as health insurance details and medical records. This security incident, linked to the Black Cat ransomware group, highlighted vulnerabilities in remote access protocols and the lack of multi-factor authentication. The company ended up paying a ransom of $22 million, although the attackers later escalated the situation, leading to an estimated total cost of around $2.4 billion. Additionally, a breach at One Point Patient Care impacted nearly 800,000 individuals, emphasizing ongoing challenges in protecting patient privacy within the healthcare industry.

Intro

6min

Geopolitical Influences and Cybersecurity in Open Source and Energy

2min

Comprehensive Cybersecurity Resources for Awareness Month

3min

Addressing Security Risks of Non-Human Identities in Organizations

3min

Cybersecurity Challenges and Modernization

8min

UnitedHealth confirms breach numbers. Patient privacy pains. Amazon vs. APT29. CDK vulnerability threatens user security. Fog and Akira take aim at SonicWall. Level up or log off. LinkedIn in hot water. Open source, closed doors. Watt's the risk? Today, we are joined by Itzik Alvas, Entro Security’s CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. And Muni Metro hits Ctrl+Alt+Delete on floppy disks!

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, we are joined by Itzik Alvas, Entro Security’s CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. You can learn more here.

Selected Reading

UnitedHealth: 100 Million Individuals Affected by the Change Healthcare Data Breach (Heimdal)

OnePoint Patient Care data breach impacted 795916 individuals (Security Affairs)

Amazon identified internet domains abused by APT29 (AWS Security Blog)

RDP configuration files as a means of obtaining remote access to a computer or "Rogue RDP" (CERT-UA#11690) (CERT-UA)

AWS Cloud Development Kit flaw exposed accounts to full takeover (The Register)

Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN (Arctic Wolf)

Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game (Hackread)

LinkedIn hit with $335 million fine for using member data for ad targeting without consent (The Record)

Linux creator approves de-listing of several kernel maintainers associated with Russia (The Record)

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog (Security Affairs)

Cybersecurity Isn't Easy When You're Trying to Be Green (Dark Reading)

Goodbye, floppies - San Francisco pays Hitachi $212 million to remove 5.25-inch disks from its light rail service (TechSpot)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

UnitedHealth breach numbers confirmed.

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

UnitedHealth Breach and Its Implications

Ransomware Threats and Vulnerabilities

Managing Non-Human Identities in Cybersecurity

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts