CISA Advisories

Cardiac Data Held Hostage & A Researcher Almost Hijacked the World Cup 🏥⚽

Two stories from today's threat landscape show just how wide the attack surface has become — from your cardiologist's office to the world's biggest sporting event.

🏥 Cardiac Patients' Medical Data Stolen and Held for Ransom

A cybercriminal contacted iRhythm — a company that makes heart monitoring devices worn by cardiac patients — on June 9th, claiming to have stolen a significant amount of sensitive data. That includes proprietary company information, patient health records, and personal details pulled from third-party business apps. The attacker then demanded payment to keep it quiet.

iRhythm says its core medical devices and clinical systems were not compromised, and it doesn't store payment card data. But here's the real concern: medical records are some of the most valuable data a criminal can hold. Unlike a stolen credit card you can cancel, your health history is permanent. This data can be used for years to run targeted phishing scams, commit insurance fraud, or steal medical identities — all of which disproportionately affect people who are already dealing with serious health issues.

If you or someone you know uses an iRhythm cardiac monitor, stay alert for suspicious communications claiming to be from healthcare providers or insurers.

Read more →

⚽ A Researcher Could Have Rickrolled the Entire FIFA World Cup

A security researcher discovered that simply registering as a FIFA player agent gave them access to FIFA's internal Microsoft systems — including live streaming controls for World Cup 2026 matches. With a basic "no roles" account, they could see RTMP stream keys and start/stop controls for every live match broadcast. They even verified live access using a media player before immediately alerting FIFA, CISA, and the FBI.

The implications are staggering: a single bad actor with this access could have interrupted, replaced, or manipulated the live broadcast feed for matches watched by hundreds of millions of people worldwide. It took a full night of escalation before the issue was patched — and FIFA never publicly acknowledged the researcher's report.

This is a perfect example of why "low privilege" accounts and third-party vendor access are such common attack vectors. Attackers don't need to break down the front door when a side entrance is left wide open.

Read more →

Stay ahead of threats with GOCO Security at gocosecurity.com

Comments

Popular Posts