A ransomware attack on one software vendor exposed 823,000 people's Social Security numbers and bank account data across 80 community banks — and those banks didn't find out for 74 days. That's just one of three stories on today's Security Squawk that show exactly how the vendor trust chain is failing businesses right now. Bryan, Randy, and Reginald break down: a brand-new extortion crew called UNC6783 that's been hitting "several dozen" high-value corporations — including an alleged Adobe breach of 13 million support tickets — by breaking into their outsourced call centers and help desks instead of the companies themselves. Then Microsoft's new research on the Medusa ransomware group (tracked as Storm-1175), which is exploiting zero-day vulnerabilities before patches even exist and can go from initial access to full ransomware deployment in under 24 hours. And finally, the full Marquis Software story: a fintech vendor breach that cascaded through 80 community banks, led to a ransom payment, and ended with Marquis suing their own firewall vendor SonicWall for gross negligence while defending 36+ consumer class action lawsuits. If you trust vendors with your customer data — and you do — this episode is about what happens when that trust gets broken.

Chinese state-linked hackers breached the FBI's own surveillance system — and they got in through a vendor. That's not a spy novel plot; that's a confirmed federal "major incident" declared at the highest severity level under FISMA, and it happened in 2024. That's just the opener. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre cover three stories that show exactly what happens when third-party risk, healthcare IT gaps, and a single phone call aren't taken seriously enough. SALT TYPHOON HACKS THE FBI — China's Salt Typhoon threat group targeted a vendor ISP with access to the FBI's court-authorized wiretap surveillance system. The breach was classified as a FISMA "major incident," the federal government's highest severity designation. BROCKTON HOSPITAL CYBERATTACK — April 6, 2026: ambulances diverted, chemo cancelled, pharmacies closed, staff on paper records. The same hospital was breached in 2021. Average healthcare ransomware recovery: $2.5M, 19 days, 33% increase in patient mortality. HIMS & HERS VISHING ATTACK — 2.5 million subscribers. $2.35 billion in revenue. Gone through one phone call. ShinyHunters used a single vishing call to steal an Okta SSO credential and access Zendesk support tickets. CA AG notified. Class action filed. Support the show: buymeacoffee.com/securitysquawk

A ransomware attack walked in through one email, sat silent for two days, then destroyed every computer in an Indiana sheriff's office — and the FBI is still investigating. That's just one of three cybersecurity stories that every business owner needs to hear this week. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre cover: CHUBB'S 2026 CYBER CLAIMS REPORT — The average cyber insurance claim for large businesses nearly DOUBLED in one year, jumping from $2.2 million to $4.4 million. That's a 586% increase since 2021. And with premiums projected to rise 15-20% in 2026, the cyber insurance market is about to get expensive — even for small and mid-size businesses. ALAMO HEIGHTS ISD CYBERATTACK — A San Antonio-area school district serving 5,400 students went completely offline. Wi-Fi down. Gmail down. Third-party forensic investigators brought in. 27 Texas school districts hit in two years — and $55 million in state grants existed to prevent this. Only one-third applied. JACKSON COUNTY SHERIFF'S OFFICE RANSOMWARE ATTACK — A dormant ransomware payload entered through a phishing email, waited 48 hours, then activated and spread across every connected system. "Anything that it touched, it corrupted so bad, it won't be able to be used again." The sex offender registry may be permanently lost. Support the show: buymeacoffee.com/securitysquawk