Technology

Hospital cyberattacks threaten patient safety

Published

4 days ago

March 20, 2026

Hospital cyberattacks threaten patient safety

NEWYou can now listen to Fox News articles!

If you watched a recent episode of “The Pitt” on Max, a streaming medical drama about life inside a high-pressure emergency department, you saw how quickly a hospital can spiral during a cyberattack. It made for gripping television. But in Mississippi, it was not a script. It was real life.

After a ransomware attack hit the University of Mississippi Medical Center, clinics across the state closed. Elective procedures were canceled. Phone systems and emails went down. Emergency care continued, but access to electronic medical records was disrupted.

When a hospital’s systems fail, the impact goes far beyond IT. It affects real people waiting for care. That is why hospital cyberattacks are no longer just a tech problem. They are a public safety issue.

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

FIGURE DATA BREACH EXPOSES NEARLY 1M ACCOUNTS

A ransomware attack can lock hospital systems in seconds, disrupting access to critical medical records and patient care. (iStock)

Why hospitals have become prime targets

Hospitals cannot afford downtime. When systems fail, patient care is immediately affected, and the pressure to restore operations is intense. Ricardo Amper, founder and CEO of Incode Technologies, a digital identity verification and biometric authentication company, explains the reality.

“Hospitals are in a uniquely difficult position. If systems go down, patient care is immediately affected. That creates real pressure to restore operations fast, which is why ransomware groups often target healthcare.” He points to another major factor driving hospital cyberattacks. “Hospitals hold some of the most sensitive data that exists, including medical records, identity information and insurance details. That combination of urgency and high-value data makes them very attractive targets.”

Healthcare systems also rely on vendors and service providers. One weak link can open the door. “In healthcare, you’re only as secure as the entire ecosystem around you,” Amper said.

How AI-powered impersonation is changing the game

Many people imagine hackers breaking through firewalls. That still happens. But today, attackers often target people instead of systems. “What we’re seeing more and more is that attacks aren’t always about breaking into systems, they’re about tricking people,” Amper said.

Artificial intelligence (AI) has made impersonation easier and scalable. Criminals can clone voices, generate convincing emails or create deepfake videos that appear to come from a trusted doctor, vendor or IT administrator. “AI doesn’t replace social engineering, it supercharges it.”

In practical terms, that might mean an employee receives what looks like a legitimate request to reset a password or approve a login. One click can open the door. “An employee is tricked into giving up credentials or approving a fraudulent authentication request. The attacker logs in as a legitimate user, and from there, they move quietly through internal systems,” Amper explained. Because the activity appears to come from a real employee, it may go undetected until significant damage is done.

5 MYTHS ABOUT IDENTITY THEFT THAT PUT YOUR DATA AT RISK

Healthcare workers operate in high pressure environments, which makes social engineering and impersonation attacks more effective. (Paul Bersebach/MediaNews Group/Orange County Register/Getty Images)

Why hospitals are especially vulnerable to cyberattacks

Inside a hospital, speed matters. Decisions happen quickly, and staff move from one urgent task to the next. That constant pressure creates opportunities for attackers who rely on deception. “Healthcare professionals are focused on patients, not cybersecurity. They work in high-pressure environments where speed matters. That urgency can make it easier for attackers to exploit trust or distraction,” Amper said.

Many hospitals also operate with legacy systems layered over time. Security was often added after the fact rather than built in from the start. That complexity increases risk. He also challenges how leaders think about the problem. “One misconception is thinking of cybersecurity as just an IT problem,” Amper said.

Today’s hospitals depend on digital systems for intake, diagnostics and billing. When those systems fail, care delivery suffers. “Cybersecurity today is fundamentally about operational resilience. It’s about keeping the hospital running safely and continuously.”

What happens to your data after a breach

When a hospital is breached, the exposed data often goes beyond a credit card number. “Breaches can expose medical histories, Social Security numbers, insurance information, billing details and contact data,” Amper said.

That combination is powerful. Criminals can use it for identity fraud, insurance fraud and highly targeted scams. Unlike a credit card, a medical identity cannot simply be replaced. “Stolen medical data can’t simply be canceled and replaced. That makes it especially valuable and long-lasting in criminal markets.”

The impact may not show up right away. “The impact isn’t always immediate; it can surface months or even years later.”

When hospital networks are breached, sensitive medical histories, identity details and insurance data can be exposed for years. (iStock)

How hospitals can strengthen defenses

Identity now sits at the center of cybersecurity. “Identity has become the front line of cybersecurity. If an attacker can successfully impersonate a trusted user, many traditional defenses can be bypassed,” Amper said. Stronger identity verification, layered authentication and systems that can detect impersonation or deepfakes are becoming essential. The more certain a hospital is about who is accessing its systems, the harder it becomes for attackers to move quietly.

How to check if your information is on the dark web

After a hospital breach, many patients worry about whether their data has been sold or shared. One simple step is checking whether your email address appears in known data breaches. You can visit haveibeenpwned.com and enter your email address into the search bar. The site will show whether your information has appeared in past breaches tied to that email. If your email appears in a breach, take action immediately. Change passwords for affected accounts and make sure each account uses a unique password.

What patients should do after a hospital breach

If you receive a breach notification letter, do not panic. But do act. Amper offers clear guidance. “First, stay calm but take it seriously. Read the notice carefully and enroll in any credit or identity monitoring services offered.”

Then take practical steps right away:

Review insurance statements for unfamiliar claims
Check medical records for incorrect diagnoses or procedures
Monitor your credit reports
Consider placing a free credit freeze with the major credit bureaus if your Social Security number was exposed
Enable two-factor authentication (2FA) on email, financial and healthcare accounts wherever it is available
Be cautious of emails or calls referencing the breach
Reducing the amount of personal information available on data broker sites with a data removal service can also limit how easily scammers craft convincing follow-up attacks using your real details. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

“If something feels off, contact the hospital directly using official contact information. Don’t rely on links or numbers provided in unexpected messages.” He adds one final reminder. “Take your medical identity as seriously as your financial identity. Monitor your records, question anything unfamiliar and stay alert.”

Protect your accounts from long-term damage

Even if everything appears normal right now, take steps to secure your accounts. Credential leaks often surface weeks or months later.

Consider identity theft protection. Identity monitoring services can alert you if criminals try to open accounts in your name or misuse your personal information. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com
Stop reusing passwords immediately. If attackers gain access to one working login, they often test it across dozens of websites automatically.
Change reused passwords first, starting with email, financial and cloud accounts. Each account should have its own unique password.
Consider using a password manager to generate and store strong passwords securely. You can also use breach scanning tools that alert you if your email address or passwords appear in future leaks. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
Install strong antivirus software on your devices to help detect malware, phishing links and credential-stealing threats that could target you after a breach. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.

Taking these steps now can prevent a hospital breach from turning into long-term identity damage later.

Kurt’s key takeaways

When hospital cyberattacks disrupt care, the consequences ripple across entire communities. Appointments get canceled. Surgeries are delayed. Families worry. This is not only about stolen records. It is about trust in the healthcare system. Technology has transformed medicine. It has also created new risks. The challenge now is building resilience into every layer of care. Because the next cyberattack will not feel like a TV episode. It will feel personal.

And that raises an uncomfortable question. If your local hospital went offline tomorrow, would you trust that your medical identity and your care are truly protected? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Related Topics:cybercrime Featured Hackers Security

Click to comment

Technology

The US government just banned consumer routers made outside the US

Published

7 hours ago

March 24, 2026

Press Room

The US government just banned consumer routers made outside the US

In December, the Federal Communications Commission banned all future drones made in foreign countries from being imported into the United States, unless or until their maker gets an exemption. Now, the FCC has done the exact same for consumer networking gear, citing “an unacceptable risk to the national security of the United States and to the safety and security of U.S. persons.”

If you already have a Wi-Fi or wired router, you can keep on using it — and companies that have already gotten FCC radio authorization for a specific foreign-made product can continue to import that product.

But since the vast majority — if not all — consumer routers are manufactured outside the United States, the vast majority of future consumer routers are now banned. By adding all foreign-made consumer routers to its Covered List, the FCC is saying it will no longer authorize their radios, which de facto bans new devices from import into the country.

Now, router makers need to A) secure a “conditional approval” that lets them keep getting new products cleared for US entry while they work to convince the government that they’ll open up manufacturing in the US, or B) make the decision to skip selling future products in the US, like dronemaker DJI already did.

Like with the foreign drone ban, the FCC has a National Security Determination that it says justifies these actions, one which claims that “Allowing routers produced abroad to dominate the U.S. market creates unacceptable economic, national security, and cybersecurity risks,” and that “routers produced abroad were directly implicated in the Volt, Flax, and Salt Typhoon cyberattacks which targeted critical American communications, energy, transportation, and water infrastructure.”

“Given the criticality of routers to the successful functioning of our nation’s economy and defense, the United States can no longer depend on foreign nations for router manufacturing,” reads another passage.

It is true that a great many router vulnerabilities have surfaced over the years, which make them a popular target for hackers and botnets. It is also true that one China-founded company, TP-Link, is dominant in the US consumer market; US authorities had previously considered a specific TP-Link ban due to that dominance and national security concerns. (TP-Link has been attempting to distance itself from China, splitting off from the Chinese entity in 2022, establishing a global headquarters in California in 2024, and suing Netgear in 2025 for suggesting that TP-Link had been infiltrated by the Chinese government.)

It is not clear how simply moving production of routers domestically would make them safer. In the Volt Typhoon hack, Chinese state-sponsored hackers primarily targeted Cisco and Netgear routers, routers designed by US companies, according to the Department of Justice. They were vulnerable because those US companies had stopped providing security updates to the specific targeted routers, which had been discontinued by those companies.

While the FCC’s Covered List makes it sound like the US is banning all “routers produced in a foreign country,” it’s defined a bit more narrowly than that. It’s specifically banning “consumer-grade routers” as defined in NIST Internal Report 8425A, which refers to ones “intended for residential use and can be installed by the customer.”

“Virtually all routers are made outside the United States, including those produced by U.S.-based companies like TP-Link, which manufactures its products in Vietnam,” reads part of a statement from TP-Link via third-party spokesperson Ricca Silverio. “It appears that the entire router industry will be impacted by the FCC’s announcement concerning new devices not previously authorized by the FCC.”

Update, March 23rd: Clarified how TP-Link has distanced itself from China, and added company statement.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Sean Hollister

Technology

ATM jackpotting attacks surge across the US

Published

8 hours ago

March 24, 2026

Press Room

ATM jackpotting attacks surge across the US

NEWYou can now listen to Fox News articles!

You swipe your card and enter your PIN. You grab your cash and head out the door. It feels routine and secure. Most of us never give it a second thought. However, some ATMs are quietly being turned into cash machines for criminals.

The Federal Bureau of Investigation recently issued a cybersecurity alert about a rise in malware attacks targeting ATMs. These incidents are known as jackpotting attacks. In simple terms, hackers force machines to spit out money on command.

The numbers are growing. Since 2020, nearly 1,900 attacks have been reported. More than a third occurred just last year. In 2025 alone, losses have already exceeded $20 million. So what is really happening inside these machines, and why is the threat accelerating now?

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

HOW DEBIT CARD FRAUD CAN HAPPEN WITHOUT USING THE CARD

The FBI warns of rising ATM “jackpotting” attacks, where hackers force machines to dispense cash using malware. (TIM SLOAN/AFP via Getty Images)

How ATM jackpotting attacks work

This is not a Hollywood hacking scene. In many cases, attackers use generic keys to open the ATM’s maintenance cabinet. Once inside, they remove the storage drive. Then they load malware onto it or swap it with a compromised one.

After rebooting the machine, the malicious software takes control. One of the most widely used tools is a malware strain called Ploutus. It targets software known as XFS, which ATMs use to communicate with bank networks and authorize transactions.

Instead of asking the bank for permission, the malware overrides that process. It sends its own commands to the machine. The result? The ATM dispenses cash without a card, without an account and without a legitimate transaction. That is jackpotting.

Why are so many ATMs vulnerable?

Here is the uncomfortable truth. Many ATMs run on aging versions of Windows. Some machines have even displayed Windows 7 login screens. That operating system was released in 2009 and officially discontinued years ago.

Outdated software creates opportunity. If attackers find a vulnerability in the Windows operating system, they can exploit it across different ATM brands and financial networks. The FBI says these attacks are not tied to one specific bank or ATM manufacturer. Instead, they target common weaknesses shared across systems.

That makes the problem much bigger. And with hundreds of thousands of ATMs deployed across the U.S., upgrading and securing every machine will take time.

FEDS CHARGE 87 INDIVIDUALS IN MASSIVE ATM ‘JACKPOTTING’ OPERATION LINKED TO TREN DE ARAGUA GANG

Nearly 1,900 ATM jackpotting attacks have been reported since 2020, with losses topping $20 million in 2025 alone. (Robert Alexander/Getty Images)

What banks are being told to do

The FBI has outlined several defensive steps for financial institutions:

Monitor ATMs for unauthorized files and suspicious executables
Disable USB ports to prevent malware loading
Replace generic locks with keypad systems
Add secondary alarms and enhanced physical security

These are practical fixes. But rolling them out nationwide is a slow process. Meanwhile, attackers continue to look for weak targets.

Why this still matters to you

You might be thinking this sounds like a bank problem, not a personal one. Technically, consumers are not the direct victims in these cases. Unlike Bitcoin ATM scams that have cost individuals hundreds of millions, jackpotting attacks hit financial institutions. However, there is a ripple effect.

When banks lose money, insurance companies pay claims. Eventually, those costs show up somewhere. Higher fees. Increased service charges. Stricter policies. In the end, everyday customers absorb the impact. Cybercrime rarely stays contained.

HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE

Cybercriminals are exploiting outdated ATM software to override bank controls and trigger unauthorized cash withdrawals. (Justin Sullivan/Getty Images)

How to protect yourself when using ATMs

While ATM jackpotting attacks primarily target banks, you can still take smart steps to protect yourself when using cash machines.

1) Use ATMs in well-lit, secure locations

Choose machines inside bank branches or in busy areas with foot traffic. These locations are more likely to be monitored and maintained.

2) Avoid late-night or isolated ATMs

Criminals need physical access to tamper with machines. High traffic areas during regular business hours reduce that risk.

3) Watch for unusual ATM behavior

If a machine suddenly reboots, freezes or behaves strangely, stop immediately. Do not insert your card. Report the issue to the bank right away.

4) Look for signs of tampering

Check for loose panels, exposed wiring or unusual attachments near the card slot or keypad. If something looks off, use a different machine.

5) Cover the keypad when entering your PIN

Shield your PIN with your hand as you type. This protects you from hidden cameras and shoulder surfers who may try to capture your code.

6) Set up real-time transaction alerts

Enable text or app notifications for withdrawals and account activity. Instant alerts help you act quickly if anything unexpected appears.

7) Check your bank statements regularly

Even though jackpotting bypasses customer accounts, fraud tactics evolve. Review your transactions often so you can catch unauthorized charges early.

8) Consider identity theft monitoring

Identity theft protection services can provide alerts about unusual financial activity across your accounts. Think of it as an added layer of awareness rather than a fix for ATM malware. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com.

9) Use contactless or in-app ATM withdrawals

Many banks offer cardless access through secure mobile apps. This reduces exposure to skimming devices and physical tampering.

10) Keep your banking app updated

Install updates promptly to ensure you have the latest security patches and protections.

Staying alert lowers your risk and reinforces good habits, even when attackers are targeting financial institutions rather than individual customers.

Kurt’s key takeaways

ATM jackpotting attacks reveal something important. Even familiar machines can hide modern vulnerabilities. Most of us rarely think about the software running inside a cash dispenser. Yet those systems rely on the same operating foundations as home and office computers. When they fall behind on updates, criminals notice. The FBI alert is not a reason to panic. It is a reminder that digital security touches nearly every part of daily life, even the simple act of withdrawing cash.

How much trust do you place in the technology you use every day without ever seeing how it works? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Technology

Two of my favorite color e-book readers are the cheapest they’ve been in months

Published

19 hours ago

March 23, 2026

Press Room

Two of my favorite color e-book readers are the cheapest they’ve been in months

Color isn’t essential in an e-reader, but let’s be honest, it’s a nice perk that can bring digital books, magazines, comics, cookbooks, and other publications to life. The catch is that color ebook readers tend to be substantially pricier, which makes today’s deals stand out. Right now, the Kindle Colorsoft (16GB) and Kobo Libra Colour are matching their lowest prices to date, with the Amazon e-reader going for $169.99 ($80 off) at Amazon and Best Buy, and the Libra Colour going for $199.99 ($30 off) via Rakuten’s online storefront.

At their core, both are excellent e-readers with 7-inch, 300ppi E Ink displays, which drop to 150ppi when viewing color. The Colorsoft’s display is slightly more vibrant in most instances, but the difference isn’t dramatic. Each also offers IPX8 water resistance, so you don’t need to worry about spills and can comfortably read in the bath or by the pool.

Which one makes more sense for you largely depends on where you buy your books, how much storage you need, and whether you like to take notes. The Colorsoft is great if you’re heavily embedded in Amazon’s ecosystem, as buying and accessing Kindle books is intuitive and doesn’t require any sideloading. As the more affordable option in Amazon’s lineup, the standard Colorsoft delivers a nearly identical reading experience to the Signature Edition, and it supports Amazon’s “Send to Alexa Plus” feature, which lets you send notes or documents to Amazon’s AI-powered assistant for summaries, to-do lists, reminders, and more. The downside is that it lacks wireless charging and an auto-adjusting front light — which are standard on the step-up model — and comes with 16GB of storage instead of 32GB.

That said, if I didn’t already own so many Kindle books, the Libra Colour would be my pick. It offers double the storage at 32GB and includes intuitive physical page-turn buttons. You can also write notes while reading, given that it offers stylus support, and it includes built-in notebook templates, as well as the ability to convert handwriting to typed text. It also supports EPUB and a wider range of file formats, and lets you save articles for offline reading with Instapaper. And it also offers adjustable warm lighting, which makes reading at night a little easier on the eyes.