UMMC's Ransomware Shutdown and PayPal's 6-Month Data Breach [Prime Cyber Insights]

[00:00] Aaron Cole: From Neural Newscast, this is Prime Cyber Insights, Intelligence for Defenders, Leaders, and Decision [00:05] Aaron Cole: Makers. [00:06] Chad Thompson: Critical infrastructure is in the crosshairs this Sunday, February 22, 2026. [00:12] Chad Thompson: We're tracking a massive ransomware shutdown at the University of Mississippi Medical Center [00:17] Chad Thompson: and a long-term breach at PayPal. [00:20] Chad Thompson: Joining us today is Chad Thompson, a director-level AI and security leader with a systems-level [00:26] Chad Thompson: perspective on automation and enterprise risk. [00:28] Chad Thompson: Chad, it's great to have you. [00:31] Chad Thompson: We have to start with the health care crisis in Mississippi. [00:34] Chad Thompson: Since Thursday, the University of Mississippi Medical Center has shuttered all 35 clinics. [00:39] Chad Thompson: We're talking about canceled chemotherapy and elective procedures because their epic electronic [00:45] Chad Thompson: health records and phone systems are completely down. [00:48] Chad Thompson: The FBI is surging resources, but staff are essentially working off paper right now. [00:53] Chad Thompson: At the same time, we're seeing PayPal confirm a breach where a hacker had access from July [00:59] Chad Thompson: to December of last year due to a code error in their working capital loan application. [01:04] Lauren Mitchell: Lauren, the PayPal incident is particularly concerning because of that six-month window. [01:10] Lauren Mitchell: While it only hit about 100 users, the exposure of social security numbers and business addresses for that long creates a massive tail of risk. [01:19] Lauren Mitchell: It's a reminder that even in highly regulated financial environments, small code changes can lead to persistent undetected access. [01:27] Lauren Mitchell: This connects directly to the supply chain pressure we're seeing with the ransomware attack on chip testing giant advent tests this week. [01:34] Chad Thompson: Right. AdBinTest is a linchpin in semiconductor manufacturing. [01:39] Chad Thompson: If their operations stall, the entire global chip supply fuels it. [01:44] Chad Thompson: But it's not all bad news on the tech front. [01:46] Chad Thompson: Cogen Security just pulled in $42 million in funding. [01:50] Chad Thompson: They're using AI to automate the prioritization of vulnerabilities. [01:54] Chad Thompson: Chad, with the volume of exploits we're seeing, how vital is that AI-driven automation for enterprise resilience? [02:00] Lauren Mitchell: It's essential. [02:02] Lauren Mitchell: Look at the Forescout data from 2025. [02:05] Lauren Mitchell: Over 500 ICS advisories with an average severity score of 8.07. [02:13] Lauren Mitchell: Humans can't keep up with that volume manually. [02:16] Lauren Mitchell: However, we're seeing the double-edged sword. [02:19] Lauren Mitchell: The UAE just reported foiling terrorist cyber attacks where the actors actually used AI to develop offensive tools. [02:29] Lauren Mitchell: We are moving toward an era where AI on AI defense is the only way to maintain operational stability. [02:36] Chad Thompson: That automation gap is glaring when you look at the Beyond Trust flaw CVE-2026 to 1731. [02:45] Chad Thompson: It has a CVSS of 9.9, and attackers were exploiting it within 24 hours of the proof-of-concept [02:53] Chad Thompson: hitting earlier this month. [02:55] Chad Thompson: We're also watching a critical stack-based buffer overflow in Grandstream GXP 1600 series phones. [03:04] Chad Thompson: Rapid7 says it allows silent, transparent interception of calls. [03:09] Chad Thompson: If you're an SMB using those phones, you need firmware 1.0.7.81 immediately. [03:17] Chad Thompson: The enforcement side is pushing back, though. [03:20] Chad Thompson: Interpol just announced a massive operation across Africa, netting 651 arrests and recovering over $4 million from romance scams and BEC schemes. [03:32] Chad Thompson: It's a significant blow to organized cybercrime networks. [03:36] Chad Thompson: Meanwhile, Lauren, Bumble is facing a class-action lawsuit over that shiny hunter's breach, alleging they didn't do enough to protect sensitive user data. [03:47] Lauren Mitchell: The Bumble case and the EU Parliament's decision to block AI features on corporate tablets highlight the growing tension between utility and privacy. [03:58] Lauren Mitchell: The Parliament is literally disabling these features because they can't guarantee data won't leak to external clouds. [04:05] Lauren Mitchell: This is why CISA is opening another comment period for CIR-CIA reporting rules. [04:13] Lauren Mitchell: They need the industry to help clarify how we report these incidents without it becoming a purely administrative burden. [04:22] Chad Thompson: Speed of reporting is going to be the theme of 2026. [04:25] Chad Thompson: From UMCC's paper and pen recovery to PayPal's six-month detection gap, the window for response [04:32] Chad Thompson: is shrinking. [04:33] Chad Thompson: Organizations that can't automate their defense are going to find themselves on the wrong [04:38] Chad Thompson: side of the next major breach. [04:39] Chad Thompson: Chad, thank you for your insights on the systemic risks we're facing. [04:44] Chad Thompson: For sure. [04:45] Chad Thompson: And for our listeners, check those grants stream firmwares and stay vigilant on those PayPal accounts. [04:51] Chad Thompson: We'll be here to track the fallout. [04:53] Chad Thompson: We'll see you next time, Lauren. [04:55] Chad Thompson: For more information, visit pci.neuralnewscast.com. [05:00] Chad Thompson: Neural Newscast is AI-assisted, human-reviewed. [05:05] Chad Thompson: View our AI transparency policy at neuralnewscast.com. [05:09] Aaron Cole: This has been Prime Cyber Insights on Neural Newscast. [05:13] Aaron Cole: Intelligence for defenders, leaders, and decision makers. [05:16] Aaron Cole: Neural Newscast uses artificial intelligence in content creation [05:20] Aaron Cole: with human editorial review prior to publication. [05:23] Aaron Cole: While we strive for factual, unbiased reporting, AI-assisted content may occasionally contain [05:29] Aaron Cole: errors. Verify critical information with trusted sources. Learn more at neuralnewscast.com.