UBS Faced an 'Incident' that Briefly Impacted Trading Business

Plus, National Cyber Director shares his vision for private-sector collaboration.

SPONSORED BY

Good morning! Here’s what’s up.

People

Cyrus Ansari has joined Dorsey & Whitney LLP as a partner in the Technology Commerce group in Seattle.

Clips ✂️

UBS faced brief incident that impacted trading business, source says

UBS Group's global technology systems have been ‌nearly restored on Tuesday after a brief incident that impacted some of its trading business, a person familiar with the matter told Reuters.

The bank has identified the cause and deployed a ⁠fix, the person said. UBS has not issued a statement on the incident, which was first reported by Bloomberg.

The incident comes as markets grapple with increased volatility due to the ongoing conflict in the Middle East and growing concerns regarding private credit.

Several other financial institutions have also recently faced incidents ‌impacting ⁠their services, leading to a wider scrutiny of robustness of banks' digital channels.

Lloyds Banking Group faced a glitch last week that allowed customers to see each other's transactions online, ⁠the latest in a series of technical problems as banks around the world embrace digital services.

by Reuters

Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says

National Cyber Director Sean Cairncross said Tuesday that the Trump administration isn’t aspiring to enlist the private sector to conduct offensive cyber operations, but instead to help the government by keeping them abreast of the threats they’re facing.

The recently-released national cyber strategy talks about incentivizing companies to disrupt the networks of adversaries.

“I’m not talking about the private sector, industry or companies engaging in a cyber offensive campaign,” Cairncross said at an event hosted by Auburn University’s McCrary Institute. “What I’m talking about are the technical capabilities, the ability of our private sector to illuminate the battlefield from what they’re seeing, to inform and share information so that the USG [U.S. government] can respond to get ahead of things.”

by CyberScoop

Medusa ransomware gang claims attacks on prominent Mississippi hospital, New Jersey county

A prominent ransomware gang has taken credit for a devastating attack on the biggest hospital in Mississippi and a large county in New Jersey.

The Medusa ransomware operation, which experts believe is run out of Russia, said recently it was behind the cyberattack on the University of Mississippi Medical Center (UMMC).

UMMC is one of the most important healthcare organizations in the state — employing 10,000 people and housing Mississippi’s only children's hospital, only Level I trauma center, only Level IV neonatal intensive care unit and the state’s only organ transplant programs.

The entire organization went dark for nine days at the end of February, forcing nurses and doctors to operate sophisticated systems with analog tools. The cancer infusion center had to reschedule patients while other units had to find ways to manage supplies and treatment with paper and pen.

by The Record

Geisinger, Nuance Reach $5 Million Settlement After Data Breach

Victims of a data breach at Geisinger Health and its information technology vendor Nuance Communications Inc. will benefit from a $5 million settlement that received final approval from a federal court.

A former Nuance employee had improperly downloaded over 1.2 million patient records from the Pennsylvania-based health care provider Geisinger. Class members will be able to benefit from credit monitoring and either reimbursement for out of pocket losses up to $5,000, or an pro rata cash payment, according to settlement documents in the US District Court for the Middle District of Pennsylvania.

by Bloomberg News

FCA tightens cyber reporting rules as UK firms face rising risk

The City watchdog has moved to tighten cyber and operational resilience rules for financial firms, as attacks grow more frequent and increasingly spread through third-party providers.

The Financial Conduct Authority (FCA) confirmed new requirements to standardize how firms report incidents and manage third-party risks, in a bid to improve visibility over disruptions ranging from cyber attacks to cloud outages.

The changes are designed to give regulators faster, clearer data when incidents hit, as well as to help firms understand what they need to report, and when.

“Resilience is being tested like never before,” said Mark Francis, director of specialists and wholesale sell-side at the FCA. “These changes give firms clearer rules and practical guidance to better manage disruption.”

The overhaul follows a series of high-profile outages and a sharp rise in supply chain exposure.

by City AM

Europe sanctions Chinese and Iranian firms for cyberattacks

The Council of the European Union has sanctioned three Chinese and Iranian companies and two individuals for cyberattacks targeting devices and critical infrastructure.

One of the two sanctioned Chinese companies, identified as Integrity Technology Group, provided "technical and material support" between 2022 and 2023 that led to hacking more than 65,000 devices in six EU states.

The other Chinese company is Anxun Information Technology, which provided hacking services targeting "critical infrastructure and critical functions of member states and third countries."

The two individuals added to the Council's sanctions list are the co-founders of Anxun Information Technology, believed to have played a significant role in cyberattacks against EU member states.

The sanctioned Iranian company is Emennet Pasargad, which has been attributed multiple influence campaigns and the compromise of an SMS service in Sweden.

by Bleeping Computer

SPONSORED BY

Incident Response Forum D.C. 2026 is set for Wednesday, April 22, 2026 at the historic Mayflower Hotel in Washington, D.C.!

Incident Response Forum is the only conference of its kind, bringing together hundreds of cybersecurity and incident response attorneys, in-house counsel and compliance executives, and other top professionals in the field. It is focused solely on the field of Incident Response – the work that begins after a data breach that has quickly become the fastest growing practice area at law firms and consulting firms – and is geared specifically for the legal and compliance professionals who have emerged as critical players during the aftermath of a data security incident.

Join us in person or tune in virtually to hear from nearly 50 luminaries in the incident response field—including senior officials from the DOJ and FBI, and lawyers and consultants from the best firms and in the world.

👉 UNTIL FRIDAY, MARCH 27: Please use the codes below to get a 25% early-bird discount (regular in-person registration fee is $1,500; regular virtual registration fee is $750). Please register here:

In-person attendance: UPDATE909DC25
Virtual attendance: UPDATE909V25

X