Overview
- In a Sept. 10 letter, Sen. Ron Wyden accused Microsoft of gross cybersecurity negligence tied to default Windows and Active Directory settings that he says enabled the 2024 Ascension breach.
- Ascension told Wyden’s staff that the attack began when a contractor clicked a malicious Bing search result, leading to domain compromise, Kerberoasting, and ransomware pushed across thousands of systems.
- The incident exposed data for roughly 5.5–5.6 million patients and disrupted hospital operations, including EHR access and some surgeries and ambulance routes.
- The FTC confirmed receipt of Wyden’s request, while Microsoft said that the RC4 encryption type is discouraged, accounts for less than 0.1% of its traffic, and will be disabled by default in certain Active Directory deployments starting Q1 2026.
- Wyden cites years of federal warnings about RC4 and Kerberoasting and faults Microsoft for slow mitigation and non-enforced strong defaults, including password policies for privileged accounts.