General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data.
General Electric (GE) is an American multinational company with divisions in power, renewable energy, and aerospace industries.
Earlier this month, a threat actor named IntelBroker attempted to sell access to General Electric's "development and software pipelines" for $500 on a hacking forum.
After not selling said alleged access, the threat actor posted again that they are now selling both the network access and allegedly stolen data.
"I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc)," the threat actor posted to a hacking forum.
"Data includes a lot of DARPA-related military information, files, SQL files, documents etc."
Ardent Health Services, a healthcare provider operating 30 hospitals across six U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday.
After the incident, it had to take its entire network offline, notify law enforcement, and hire external experts to investigate the attack's extent and impact.
"Ardent Health Services and its affiliated entities ("Ardent") became aware of an information technology cybersecurity incident on the morning of November 23, 2023, which has since been determined to be a ransomware attack," the organization said on Monday.
"As a result, Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs."
Impacted hospitals are currently diverting all patients requiring emergency care to other hospitals in their area. However, they can still provide medical screening and stabilizing care to patients arriving at their emergency rooms.
"Each Ardent hospital continues to evaluate its ability to safely care for critically ill patients in its Emergency Room as we work to bring hospital systems back online. This is rapidly changing, and the status of each hospital will be updated as the situation improves," Ardent added.
Patient care services are still active in Ardent's clinics, though certain non-urgent elective surgeries have been temporarily halted as the organization is working to restore encrypted systems.
There have been 209 publicly reported ransomware attacks on US health care organizations in 2023, up from 162 attacks in 2022, Allan Liska, a ransomware expert at cybersecurity firm Recorded Future, told CNN on Friday.
CNN — A network of hospitals in East Texas has not been able to accept ambulances to emergency rooms sinc Thanksgiving Day because of a “potential[cyber]security incident,” a hospital spokesperson told CNN on Friday.The hospital network, UT Health East Texas, is operating using “established downtime procedures” as the hospital investigates “a potential security incident” and works to bring computers back online, spokesperson Allison Pollan said in an email.
Pollan did not respond to subsequent phone calls seeking more information on the incident and how the hospitals were responding. She declined to answer further questions over email.
Headquartered in Tyler, Texas, UT Health East Texas operates 10 hospitals and more than 90 clinics in the region, and provides health care to thousands of patients annually, according to its LinkedIn page.
The East Texas health care system is just the latest hospital group that has been forced to turn ambulances away because of an apparent cybersecurity incident. The last nine months alone have seen cyberattacks divert ambulances from hospitals in Connecticut, Florida, Idaho and Pennsylvania.
The cyber incident at UT Health East Texas began on Thursday when the hospital network “became aware of a network outage” and moved to lock down its network, according to the hospital network’s statement to CNN.
The hospital network originally said Thursday that it expected computer networks to be “restored in the next 24-36 hours,” but it’s unclear if that will happen.
Officials at the Department of Health and Human Services, and US Cybersecurity and Infrastructure Security Agency (CISA) — two federal agencies charged with helping hospitals defend themselves from hackers — did not immediately respond to requests for comment. The FBI, which also responds to hacks of hospitals, did not immediately have a comment.
Federal officials and critical infrastructure operators such as hospitals and power plants are particularly wary of the threat of ransomware and other cyberattacks over long holiday weekends when many Americans have the day off — and cybersecurity teams may be stretched.
With more than 1.8 billion active accounts, Gmail is not only one of the most used services online but one of the most targeted by hackers. It’s not hard to understand why, as Gmail soaks up around half of all email client usage by U.S. market share. Compromise a Gmail account and a threat actor, whether their motive is criminal profit or surveillance-driven, can expect to harvest plenty of information to help their cause: everything from password reset notifications to details of online transactions.
Check for Gmail account activity
Check For Changes To Gmail Forwarding
Take The Google Account Security Check-Up
Follow the link below for a step-by-step of each of these steps.