by James Cavenaugh | May 11, 2026 | Ransomware & Data Recovery
In February 2024, Change Healthcare, a subsidiary of UnitedHealth Group, got hit with ransomware that shut down a big chunk of the U.S. healthcare payment infrastructure for weeks. Pharmacies couldn’t process prescriptions. Medical practices couldn’t...
by James Cavenaugh | May 8, 2026 | Ransomware & Data Recovery
In July 2020, Garmin got hit with WastedLocker ransomware. Their website, their fitness apps, their pilot flight planning tools, their customer service, all of it was offline for about a week. Reuters covered the outage. Users couldn’t sync their watches. Pilots...
by James Cavenaugh | May 6, 2026 | Identity & Access Security
In October 2023, 23andMe disclosed in an SEC filing that attackers had gained access to about 6.9 million customer accounts. The word “breach” got used a lot in the coverage. It’s not really the right word. 23andMe themselves pushed back on it. They...
by James Cavenaugh | May 4, 2026 | Identity & Access Security
In September 2023, MGM Resorts and Caesars Entertainment both got owned by the same threat group inside of ten days. Caesars paid a ransom that reporting later put at around $15 million. MGM refused to pay, took their systems offline, and disclosed to the SEC that the...
by James Cavenaugh | May 1, 2026 | Email Security
Business email compromise at a law firm or CPA practice doesn’t always start with your firm. About half the time, from what the FBI’s IC3 reports show, the attacker compromises a vendor or a client first, and then uses that mailbox to defraud you. Which...