A former FBI cybersecurity official has now called for the federal government to designate ransomware hackers—criminals who lock up computer systems and demand payment to restore them—as terrorists, escalating concerns about these attacks. The Medusa ransomware gang has claimed responsibility for recent attacks on the University of Mississippi Medical Center and a New Jersey county government, adding to the mounting list of targets.
The Medtronic breach has now been confirmed by a hacking group called ShinyHunters, who are threatening to leak the stolen data. Additionally, hackers have claimed to have stolen millions of records from ADT, the home security company. Missouri regulators have also taken action against Conduent, a benefits administration company, accusing them of refusing to cooperate with an investigation into their data breach.
Four separate cyberattacks hit sensitive organizations in recent weeks, affecting millions of everyday people. Schools lost student records, a medical device maker faced a confirmed hack, home security customers got caught in the crossfire, and Missouri regulators are now accusing a benefits company of stonewalling an investigation.
Here's what happened: Millions of students' personal information was stolen in a major education breach, according to Malwarebytes. Think of ransomware (a type of virus that locks your files until you pay money) like a burglar who breaks into your house, photographs everything, and then threatens to show the photos unless you pay him. That's essentially how these criminals operate—they steal your data, then demand cash.
Medtronic, which makes insulin pumps and pacemakers that keep people alive, confirmed hackers broke into their systems. The criminal group ShinyHunters is now threatening to leak patient information. ADT, the home security company millions of Americans use to protect their houses, also reported a breach affecting an unknown number of customers.
Meanwhile, Conduent—a company that handles government benefits—is under fire from Missouri regulators. The state says Conduent isn't cooperating with investigators trying to figure out what personal data got stolen.
Three practical steps to take today:
1. Use unique passwords for every important account (banks, email, school systems). A password manager app can store them safely.
2. Enable two-factor authentication (a second login step, usually a code texted to your phone) on email and financial accounts.
3. Watch your credit using free annual reports at annualcreditreport.com. Set fraud alerts if you notice suspicious activity.
The bottom line: These breaches remind us that your personal data is valuable to criminals. You can't prevent every hack, but protecting your passwords and monitoring your accounts costs nothing and stops most damage cold.