Tag Archive for: Outage

AT&T says outage triggered by company work on network, not hack – Orange County Register

/in


By Jillian Deutsch, Todd Shields, Jake Bleiberg and Jennifer Jacobs | Bloomberg

AT&T Inc. said a widespread outage that took hours to resolve Thursday was caused by “an incorrect process” while expanding the wireless network.

The software issue interrupted wireless service for hundreds of thousands of subscribers and prompted the FBI and US Department of Homeland Security to investigate the outage.

“Based on our initial review, we believe that today’s outage was caused by the application and execution of an incorrect process used as we were expanding our network, not a cyber attack,” an AT&T spokesman said in a statement. “We are continuing our assessment of today’s outage to ensure we keep delivering the service that our customers deserve.”

AT&T said all wireless service was restored Thursday afternoon, capping a day of frustration that began in the early hours of the morning New York time. AT&T customers filed more than 1.5 million outage reports on service-tracking website Downdetector.

The federal government began investigating whether the network failure was caused by a cyberattack, according to two US officials familiar with the situation, who requested anonymity to discuss sensitive information.

The Federal Communications Commission also has been in touch with AT&T to try and ascertain the cause, White House spokesman John Kirby told reporters earlier. “DHS and the FBI are looking into this as well, working with the tech industry, these network providers, to see what we can do from a federal perspective to enhance their investigative efforts to figure out what happened here,” Kirby said.

Early Thursday, mobile-phone customers from multiple carriers started reporting problems, but it soon became clear that AT&T’s network was the culprit. Outages were reported from cities including New York, Houston, Atlanta, Miami, Chicago and Dallas. The service disruption upended communications with emergency responders, and officials took to social media urging AT&T customers to use landlines to call 911 for emergencies.

With about 87 million subscribers, AT&T is the third-largest US retail wireless carrier, behind Verizon Communications Inc. and T-Mobile US…

Source…

Lurie Children’s Hospital faces computer network outage amid nationwide cybersecurity alert

/in


Computer outage impacts Lurie Childrens Hospital

The Chicago areas largest childrens hospital is currently grappling with a computer network outage, coinciding with a nationwide alert regarding cyber attacks targeting hospitals.

CHICAGOThe Chicago area’s largest children’s hospital is currently grappling with a computer network outage, coinciding with a nationwide alert regarding cyber attacks targeting hospitals.

This is not the first time Lurie Children’s Hospital has faced data-related issues. Last year, the hospital experienced a leak of social security numbers, names, birthdays, and addresses.

Concerns arose on Wednesday morning when parents noticed online irregularities. A message on the hospital’s website indicates an ongoing network outage affecting the internet, emails, phone service, and access to MyChart, a platform crucial for patients containing important health information, the ability to schedule doctor’s visits, and details on upcoming procedures.

Sources informed FOX 32 that a memo was circulated, stating that phone, email, and online medical records were disabled as a precautionary measure.

While Lurie Children’s Hospital has not confirmed any hacking or compromise of their systems, an expert sheds light on potential scenarios.

“It could have been a ransomware attack, where you have a group of individuals who targeted an institution, shut down their system and said, ‘hey if you don’t pay me X amount, we’re not going to turn things back on.’ It could be foreign nationals, quite possibly the Chinese. I know that’s been floated recently in testimony this week before Congress. Their efforts to penetrate and be able to disable US infrastructure is becoming quite rampant,” said Ross Rice, former FBI agent.

Efforts to obtain clarification from Lurie Children’s Hospital about the situation have been made, but as of now, there has been no response.

An alert on the hospital’s website states that they are actively working to resolve the issue.

Source…

LoanDepot outage drags into second week after ransomware attack

/in


a silhouetted woman holds a smartphone with the LoanDepot logo displayed on the screen.

Image Credits: Rafael Henrique / SOPA Images / LightRocket / Getty Images

LoanDepot customers say they have been unable to make mortgage payments or access their online accounts following a suspected ransomware attack on the company last week.

The mortgage and loan giant said on January 8 that it was working to “restore normal business operations as quickly as possible” following a security incident that involved the “encryption of data,” a common hallmark of a ransomware attack.

Users on social media and forums discussing the incident say they have struggled to access their account information or submit payments. Some say they have been unable to close deals during the ongoing disruption at LoanDepot, while others had better luck on the phone with the company.

LoanDepot’s updating cyber incident page says several LoanDepot customer portals returned online as of Thursday, albeit with limited functionality.

When reached by email, LoanDepot spokesperson Jonathan Fine declined to comment, but did not dispute that the incident was linked to ransomware. Fine would not say if the company was aware of a ransom demand, or say if the company yet knows what kind of customer data was compromised.

LoanDepot has not yet updated regulators on the company’s recovery since its initial disclosure to the SEC on January 8.

According to its website, LoanDepot has millions of customers.

Read more on TechCrunch:



Source…

Russian hackers send emails with malware, taking advantage of national mobile operator Kyivstar’s outage

/in


Russian hackers are taking advantage of the outage at Kyivstar, one of Ukraine’s national mobile operators, to send out emails containing malware to Ukrainians using archive files named “Amount owed by subscriber”, “Request”, “Documents”, etc., the State Service of Special Communications has warned.

Source: State Service of Special Communications and Information Protection of Ukraine (SSSCIP) and the Government Computer Emergency Response Team (CERT-UA)

Quote from SSSCIP: “Hackers persist in exploiting issues that are bothering thousands of Ukrainians to spread malware. This time, experts from CERT-UA, the Governmental Computer Emergency Response Team of Ukraine, have uncovered a massive email campaign with the subject line ‘Amount owed under your Kyivstar contract’ and an attachment named ‘Amount owed by subscriber.zip’.

Ukrainians have received emails regarding ‘Amount owed under your Kyivstar contract’, which contained attachments in the form of an archive named ‘Amount owed by subscriber.zip’ with attached password-protected RAR archives.

Moreover, CERT-UA has detected the spreading of emails with the subject heading ‘Security Service of Ukraine (SSU) request” with an attachment named ‘Documents.zip’. It includes a password-protected RAR archive ‘Request.rar’ followed by an executable file, ‘Request.exe’. As in the previous case, opening the archive and running the file leads to exposure to a RemcosRAT remote access programme.”

Details: The mobile operator Kyivstar experienced a large-scale outage on the morning of 12 December.

The CERT-UA team detected a massive email distribution with the subject line “Amount owed under your Kyivstar contract” and the attachment “Amount owed by subscriber.zip” on 21 December.

The ZIP archive contains a two-part RAR-archive “Amount owed by subscriber.rar”, containing a password-protected archive bearing the same name. The latter includes a document with the macro “Customer debt.doc”.

Once activated, the macro code will download the file “GB.exe” to the computer and run it using the SMB protocol via the file explorer (explorer.exe).

On its part, this file is an SFX archive containing a BATCH script to download the executable file “wsuscr.exe” from…

Source…