Another major US hospital has suffered a cyberattack recently, and as a result, lost sensitive data on more than a million patients.
In an announcement published on its website, the Texas Tech University Health Sciences Center, and Texas Tech University Health Sciences Center El Paso (HSCs), confirmed suffering a “temporary disruption to some computer systems and applications.”
Subsequent investigation confirmed that the disruption was the result of a ransomware attack, in which “certain files and folders” were removed from the HSCs’ network. The attack allegedly happened on September 17, and was discovered more than a week later, on September 29.
Another hospital attackedIn the notice, it did not say how many people were affected, or who the attackers were, but in a separate filing with the U.S. Department of Health and Human Services Office for Civil Rights, it said the number was 1,465,000.
HSCs concluded that crooks stole sensitive data such as people’s names, date of birth, address, Social Security number, driver’s license number, government-issued identification number, financial account information, health insurance information and medical information, including medical records numbers, billing/claims data and diagnosis and treatment information.
The threat actor behind this attack is called Interlock, and appears to be a relatively new ransomware operation, which targets high-profile organizations and demands hundreds of thousands of dollars in ransom. The group recently added HSCs’ data to its leak website, where it showcased 2.1 million files, totaling 2.6 terabytes.
To combat the attack, HSCs are currently reviewing existing security policies and procedures, and are implementing additional safeguards to enhance system protection and monitoring, it was said in the announcement. Out of an abundance of caution, HSCs added, affected individuals are offered complimentary credit monitoring services, free of charge.
Via BleepingComputer
You might also likeIf you’ve been following the news from 12 Days of OpenAI, you’ll know that OpenAI has released ChatGPT search to the world as part of its Christmas-themed launch extravaganza.
This means that everybody with a ChatGPT account (you need to be logged in to use it) now gets access to ChatGPT search. OpenAI has also added ChatGPT search to Advanced Voice mode, and made it faster and better on mobile.
Previously, ChatGPT search was only available to ChatGPT Plus subscribers and people who had signed up to the waiting list. Now it’s available to everyone. All you need to do to use it is go to ChatGPT.com or open the ChatGPT app on your phone, tap or click on the little world icon in the ChatGPT prompt window and a blue 'Search' label appears, to indicate that whatever you type in next will become a web search, not a typical chatbot interaction.
Just what is an AI search engine anyway?An AI search engine differs from a conventional search engine, like Google, in a few key ways. First, you can use natural, conversational language instead of search terms. We’re all so conditioned to using Google these days that we default to a search term-based language when we use it, and not doing that can take a bit of getting used to.
So, for example, you could start off by asking “what are the best laptops around right now?”, in the same way you would in a conversation, and then when you get the results you can follow up with “I want one for gaming” and ChatGPT will know what you’re talking about, and give you some more results.
Second, there are no adverts. Some people enjoy sponsored content links in searches, since it quite often gives you a link to exactly what you’re looking for, but you won’t find any in ChatGPT search. It very much reminds me of the early, simpler days of Google.
Perplexity vs ChatGPTThe concept of an AI search engine isn’t that new, in fact there’s another contender in the field that has been doing it for longer than ChatGPT has, and that’s Perplexity. Perplexity is perhaps the original AI search engine. From the start it was designed to search the web and find results, then give you an accessible, and conversational answer.
Now we have two AI search engines going head to head, so it’s natural to want to compare them. I picked a range of subjects to ask both about, and I was quite shocked by the results.
I started with: “I love pizza, are there any good pizza restaurants near me?”
I was a bit surprised when both search engines initially recommended restaurants that were in my nearest city, rather than local to me; however, after I told them exactly where I lived I got better results – and very similar results – from both. In fact they recommended exactly the same restaurants. What really surprised me was the amount of detail I got from Perplexity – a lot more than I got with ChatGPT search.
ChatGPT search results: Uncluttered, plain and simple, but unexciting? (Image credit: OpenAI) Perplexity: Nicely organized results, lots of information, and colorful pictures! (Image credit: Perplexity)On web or mobile, ChatGPT’s search results appear as quite a boring text-based list. You get a simple description of each restaurant and a link to its website; that's it. In contrast Perplexity gives you a lot more information, and it's a lot more interesting to look, at since each result is broken down into subheadings – in this case Address, Highlights, Features and Rating. There are links to the websites, plus to the reviews online. You can choose to show all the sources in a list on the right-hand side of the page, where you also get a selection of images of the subject you're searching for.
It was the same when I tried other searches like, “Who will be the next James Bond?”, or “What laptop should I buy for Christmas?”. The ChatGPT search results were sparse and lacking in detail, while the Perplexity results had many more links to sources, and just felt more fleshed out and informed.
My overall recommendation? Perplexity is better. Both search engines produced similar results in terms of the sources found, but Perplexity presents the information in a better way, and with more detail that makes it easy to progress your search to the next thing you’re likely to be looking for, like a review.
Sorry, ChatGPT search – you’re good, but you’re still new to this game, and Perplexity has the edge right now.
You might also like...Last month, consumer body Which? revealed that many popular smart home devices, including air fryers, may be capturing unnecessary data and sharing it with third parties - facts that you could easily miss when choosing and setting up a new appliance. Now, consumer rights watchdogs in the US and the UK have outlined plans to force companies to be more transparent about what information they keep, and how it's used.
As Gizmodo explains, the Information Commissioner’s Office (ICO) in the UK is planning to issue new guidance to companies early next year specifically related to smart home tech and user privacy. According to the ICO, this "will outline clear expectations for what they need to do to comply with data protection laws and, in turn, protect people using smart products."
Meanwhile, in the US, the Consumer Financial Protection Bureau (CFPB) has proposed a new rule that would limit brokers' ability to sell personal information that might been acquired in data breaches. Under the proposed rule, these brokers would be treated like credit bureaus and background check companies, and held to the same standards.
How to keep yourself (and your data) safeThis is promising news, but how can you determine whether a smart home device is safe to use right now? Reading the privacy policy thoroughly is the obvious first step, but some can be prohibitively lengthy.
Home tech companion apps come with their own privacy policies too, but remember that just because a device has a companion app, or can be connected to Wi-Fi or Bluetooth, it's often not necessary to use its key functions. For example, my electric toothbrush has an app that awards you badges for brushing your teeth for two minutes twice a day, but it works perfectly fine without that. Similarly some of the best air fryers have an app that lets you adjust the temperature remotely and provides recipe ideas, but isn't mandatory for cooking your fries.
Your appliance may have Wi-Fi or Bluetooth connectivity, but you don't necessarily have to use it (Image credit: Getty Images)If your device does need to be online, The Mozilla Foundation's Privacy Not Included report is a good starting point. The foundation's researchers have pored over the privacy policies for dozens of products, including home security cameras, smart thermostats, and robot vacuum cleaners, to find out exactly how much data they gather, what their default privacy settings are, who your data may be shared with, and what could happen if the company suffers a data leak.
For example, the Garmin Index S2 smart scale collects a lot of personal information (gathering biometrics is its job, after all), but the company's privacy policy is transparent, neither shares nor sells your data, and has acted on previous advice from Mozilla to make it clearer that all users have the right to delete their data, regardless of where they live.
Ecobee (maker of one of the Ecobee SmartThermostat) also earned praise for its SmartCamera home security device, which sends encrypted video footage directly to your phone without being recorded. If you do choose to save any photos or clips, the company says they will be deleted from its servers automatically when you uninstall the app.
Make sure that any connected devices are set to receive automatic security updates so any vulnerabilities discovered are patched as soon as possible.
What's the worst that could happen?If your data isn't properly protected, the results can be devastating. Just last week, personal data from matchmaking site Senior Dating was discovered on data leak site Have I Been Pwned, exposing sensitive data relating to over 700,000 people, including photos, email addresses, and physical locations.
In October, a Brazilian driving school was found to have exposed the sensitive data of 400,000 people by leaving a database unsecured. Photos, full names, addresses, and government ID numbers were all left unsecured, putting people at serious risk of identity theft and harassment.
When we review a product here at TechRadar, we'll always let you know whether a mobile app is available, and what it actually does so you can make an informed choice about what data you're sharing.
You might also likeMicrosoft's CEO Satya Nadella has said the company wants to redefine what it means to be an Xbox fan as he doubles down on its multiplatform plan.
This comes from Microsoft's annual shareholder meeting last week, via GameFile, where Nadella and Microsoft’s vice president of investor relations, Brett Iverson, discussed the company's gaming strategy while also reflecting on its acquisition of Activision Blizzard.
When Iverson asked Nadella how he feels about the early return on that investment and current progress of Microsoft's gaming strategy, the CEO said he is "feeling, very, very good about where we are in gaming."
"In fact, right now, this is, like, the peak season in gaming, obviously with Black Ops and the new Call of Duty," said Nadella, referring to Black Ops 6' launch and day one release on Xbox Game Pass.
"It’s just been fantastic to see the launch and the marketing around it, the buzz around it and the love for gaming... If I think about it right, we chose the secular growth category in entertainment, which we think is gaming and said, ‘Let’s double down on it’."
The CEO pointed to the company's recent 'This is an Xbox' marketing campaign, which showcased the range of devices players can use to access Xbox games, explaining that it's a way Microsoft is "redefining what it means to be an Xbox fan: it’s about being able to enjoy Xbox on all your devices."
"And, more importantly, I think in [the] long-term, as a company, we can bring the best of the AI innovation, cloud innovation, console innovation, PC innovation to build the best games that can be enjoyed by gamers everywhere," Nadella added.
You might also like...You’d be forgiven for thinking that Microsoft Teams fully replaced Skype when it launched in 2017, but its video conferencing predecessor is still going strong, and has jumped on the subscription train.
In a major change for the platform, Microsoft has quietly removed two of its key premium features – Skype Credit and custom phone numbers.
Instead, Microsoft is pushing Skype customers towards subscriptions for calling plans, ending the flexibility that one-time credits previously offered and potentially proving more costly for irregular users.
Skype goes subscription-basedThe change was first noticed by a moderator on Microsoft’s Skype forums, who stated: “Skype has stopped purchase of Skype Credit for all users. The only option available now are monthly calling subscriptions.”
Microsoft later confirmed the changes in an email to TechCrunch, adding it, “continuously evaluate(s) product strategy based on customer usage and needs.”
Anybody with credit already applied to their account can continue to use it, so long as they use it once every six months to keep it active, however new purchases for credit are no longer possible.
Calling landlines and mobile numbers now requires a subscription, and Skype-to-Skype calls remain free and unaffected. However, users of Skype’s virtual phone numbers for international calls or outbound SMS messaging have been most affected, because Microsoft has not confirmed a direct replacement.
In the years following its $8.5 billion acquisition of Skype in 2011, Microsoft has slowly deprioritized the platform and largely replaced it with Teams. The company no longer shares its user base in earnings reports, however increased competition from the likes of Zoom and Cisco have put pressure on Skype in a post-pandemic world where video conferencing remains a staple of hybrid working.
In the meantime, Skype’s interface still suggests that users can buy credits, leading to failed payments. Microsoft acknowledged inconsistency in its messaging, and promised to update it accordingly.
You might also likeThe Christmas season is all about being with family and having fun. Yet, while classic board games get replaced by their online counterparts, your online privacy is increasingly at risk – not the best way to start the new year!
For instance, five of the most popular holiday-themed gaming apps are specifically Christmas-related. Worse still, free festive apps are especially data-hungry, reportedly sharing five times more data with third parties than their paid version.
These are some of the worrying findings from new research conducted by Surfshark, one of the best VPN providers on the market. Keep reading as I explain everything you need to know to stay safe.
Christmas online gaming: how much data collect?To determine the real price we pay to enjoy festive apps, the Surfshark team analyzed the 21 most popular mobile game applications on the UK App Store across the Board Games, Family Games, and Christmas lists.
These included games, but also countdowns (Santa Tracker, Christmas Countdown!), photo editing (ElfYourself), festive music (Christmas Radio+), and gift-shopping aids (Gifster).
The App Store provides a list of 35 unique data points categorized into 16 unique data point categories. The experts analyzed the data set according to the number, type, and handling of the data points collected by each app. Needless to say, the team found most of these apps to be pretty data-hungry.
Make sure to delete all the festive apps you've downloaded after the holidays are up
While the average number of unique data points collected by the most popular festive apps is seven, some gather as many as 13 out of 35.
The digital adaptation of the famous board game, Monopoli Go! tops the list of data-hungry apps with 13 unique data points collected. All of them are data linked to you, while 10 are actively used for online tracking. This means the app shares your details, including your location, with data brokers or other third parties to build your profile across different websites for targeted advertising.
The third most popular free board game app, Hexa Sort, shows a similar behavior, collecting 13 unique data points, 10 of which are tracked, including location and purchase history. Bubble Pop!, and ElfYourself are also among the most data-hungry apps.
As expected, free apps collect and share the most data, and experts found that Christmas freebies share five times more data with third parties than paid apps.
As Tomas Stamulis, Chief Security Officer at Surfshark, explains, mobile app developers are increasingly taking regulations and data protection requirements into account.
In the past, gaming apps often requested broad access to your data, while today's developers are more likely to focus on information that is truly necessary for the software to function properly.
Yet, Surfshark's research nonetheless shows how free applications consistently put your privacy at risk by sharing significantly more data with third parties compared to paid apps. This, according to Stamulis, highlights the importance of evaluating privacy implications.
He said: "A responsible approach to data protection might encourage users to opt for paid versions of apps, look for alternative apps, or consider whether the app can function without granting permissions that may not be truly necessary. If such options aren’t provided, it raises important questions about the intent behind the data collection."
Another crucial thing to keep in mind is the aftermath of the Christmas season. The likes of Christmas Countdown!, Santa Tracker, and Christmas Radio+ could track and share your location data with third parties, for example, even when you're not using the app anymore. As a rule of thumb, you should delete all the festive apps you've downloaded after the holidays are over.
While security software like virtual private network (VPN) and ad-blocker services can only boost your privacy a little – by, for instance, masking your real IP address location and protecting your device from malware – they cannot prevent the applications from tracking you. However, you could use a data removal service like Incogni afterward to ask data brokers to delete all the details they have on you.
As businesses embrace multi-cloud environments for their flexibility, scalability, and agility, they encounter new challenges in managing these complex systems. Gartner predicts that by 2028, cloud environments will become a “business necessity” and over 70% of enterprises have already embraced some form of hybrid or multi-cloud solution. The ability to distribute workloads across multiple platforms, the reduced exposure to vendor lock-in, and the potential gains in cost and performance are simply too good to pass up.
The challenge of operational silosDespite the benefits, multi-cloud environments can create operational silos among network (NetOps), security (SecOps), and cloud operations (CloudOps) teams. This fragmentation in managing critical services like DNS, DHCP, and IP address management (collectively known as DDI) exposes businesses to downtime, increased costs, and security risks caused by a lack of control and visibility across the network. The more businesses distribute their workloads, the greater the risk of silos emerging, making a strong case for unified, automated, 360-degree management of DDI (DNS, DHCP, and IP Address Management) services.
Without a unified approach to managing these network services, there is an increased risk of misconfigurations, undetected issues, and downtime. For example, if one team doesn’t have visibility into changes made by another team, the impact of those changes might not be noticed until it causes a disruption. Cost is also a factor: fragmented management often leads to inefficiencies, such as duplicated efforts or the use of multiple tools that don’t integrate well. These inefficiencies drive up operational costs as businesses spend more time and resources managing their network manually or purchasing additional solutions to bridge gaps. Silos can also weaken security: SecOps teams might not have full visibility into what the cloud or IoT networks teams are doing, leading to potential security blind spots. This fragmented view makes it harder to detect and respond to security threats across the network, leaving vulnerabilities unaddressed.
The fragmentation trapDeploying different DDI solutions across multiple cloud platforms leads to a disconnected ecosystem, with teams juggling disparate tools and workflows. The disjointed management creates bottlenecks, slows response times, and increases the risk of errors as teams often fall back on manual workarounds. When DNS solutions from different vendors are used across a hybrid or multi-cloud setup, achieving full visibility and control over the network becomes nearly impossible, because each platform typically has its own tools, interfaces, and configurations. As mentioned above, teams are then forced into workaround solutions that stifle productivity and heighten the risk of human error.
Especially manual or duplicated work can delay application deployment by weeks, affecting a company's ability to innovate and compete. Competitors with more agile processes capitalize on opportunities faster, while businesses stuck in manual workflows are left behind, facing higher operational costs and possibly damaged reputations. Consider a tech company that manually provisions critical network services for new applications. This process can take anywhere from a month to six weeks, significantly delaying product launches. We saw one customer, for instance, manage to reduce their provisioning time from six weeks to just 15 minutes by adopting the automation capabilities of our DDI solution, dramatically accelerating their time-to-market. However, the true cost of manual provisioning isn’t just about delays; it’s about lost sales and missed opportunities.
Unified DDI managementTo overcome the challenge of fragmentation and gain control and visibility over their network, organizations need a unified approach to managing DNS, DHCP, and IP Address Management across all of their cloud environments. Consolidating the management of these services into a single platform eliminates silos, enhances collaboration, and improves operational efficiency. A Universal DDI solution provides full visibility across multi-cloud environments, ensuring that all network assets, regardless of their location, are visible and manageable from a single interface, reducing the risk of oversight and enhancing operational efficiency. In addition, scalability and flexibility allows such solutions to scale seamlessly with the business’s growth and adapt to changing needs, ensuring it can handle increasing workloads and evolving technological landscapes. But it goes further than this: Automation and orchestration capabilities minimize manual intervention, reduces errors, and accelerates response times further.
Security and compliance are also critical considerations, particularly when it comes to multi-cloud environments. A unified DDI solution can offer full visibility across the entire network, allowing organizations to detect and respond to security threats more quickly, while also ensuring that all data handling and processes meet regulatory standards. Fragmented management of DNS, DHCP, and IPAM, as noted above, only increases the risk of non-compliance, particularly with regulations like GDPR or CCPA, where even minor oversights can lead to costly fines and reputational damage. A centralized approach not only reduces these risks but also bakes essential security measures – such as DNS protection – directly into critical network services management, enhancing an organization’s overall security posture.
It's time to rethink how critical network services and security are managed in the multi-cloud environment. By adopting universal management of DNS, DHCP, and IP Address Management, businesses can eliminate silos, improve efficiency, and avoid the fragmentation trap, allowing them to fully capitalize on the benefits of multi-cloud environments.
We've featured the best cloud storage.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro