Hey everyone, I'm Drex, and this is the Two Minute Drill, where we do at least three stories, at least two times a week, all part of one great community, the 229 Cyber and RISC community, here at This Week Health. I try to make these clips mostly plain English and mostly non technical, so it's easy to share across your entire organization.

And ORDR is the exclusive sponsor of the Two Minute Drill. ORDR is Healthcare's connected asset visibility and security company. ORDR is a great way to find and eliminate blind spots, Find out more at ThisWeekHealth. com slash ORDR. That's O R D R, ThisWeekHealth. com slash ORDR. Thanks for joining me today.

Here's some stuff you might want to know about. The U. S. Department of Health and Human Services announced that hospitals and health systems can require UnitedHealth Group, the owner of Change Healthcare, to notify their patients if their data was stolen in the Change Healthcare cyber attack. There was concern that the dual notification of patients about the breach, one from Change and one from their local healthcare organization, would be confusing to patients and at another cost, the hospitals who've already taken a significant financial hit because of the breach.

There's more about this on the Office of Civil Rights webpage. Make sure your organization is coordinating with change to confirm that the notification process is working as intended. On the last two minute drill, I mentioned that Ticketmaster was involved in a breach that exposed data from more than 500 million customers.

Well, news happens, and then it changes fast because over the past couple of days, the breach was blamed on the company Snowflake, a cloud data warehouse company. But when you dig in a little more, while the bad guys who claim to have the data say they gained access through a Snowflake employee's account, Snowflake is saying it's not them to blame.

But it's the poorly secured customer account, not a direct compromise of Snowflake's own systems. The bottom line here is that if you're a Snowflake customer and a lot of healthcare organizations are, it's probably worth a call and a little research to make sure that you're properly configured and that you have multi factor authentication turned on for everyone.

And while you're at it, delete those old accounts and make sure permissions and privileges are properly assigned to the accounts you do have running. And honestly, that's not just for Snowflake. That goes for everything in your environment. Those fundamental steps will go a long way in cutting the cyber thugs off at the pass.

Remember, stolen logon credentials are used, depending on the report you read, in 70 to 90 percent of modern attacks. The bad guys are, for the most part, not hacking in. They're logging in. And finally, a quick update on the Ascension cyber event. The health system's reporting that they have EHR capabilities restored in three markets, Florida, Austin, and Alabama, and they continue to make progress on their pharmacy programs.

However, remediation of other systems is still going to take some time. Remember the cyber event and then the associated outages started back on May 7th. By the way, all the stories I talked about today are available at ThisWeekHealth. com. It's a great way to start your day and catch up on the latest news.

Thanks again to our partner, ORDR, the exclusive sponsor of the Two Minute Drill. Did you know that ORDR integrates with more than 180 security, network, infrastructure, and clinical solutions? It's true. Drop me a note, I'll tell you more. And that's it for today's Two Minute Drill. Thanks for listening, stay a little paranoid, and I'll see you around campus.