
TSYS Ransomware Attack, Canvas Data Breach & HIPAA Security Failures Explained
From Security Squawk - The Business of Cybersecurity by Bryan Hornung Reginald Andre & Randy Bryan
May 5, 2026 · 41 min
About this episode
The episode discusses recent ransomware attacks and data breaches affecting TSYS and Instructure, along with HIPAA security failures in healthcare.
A major U.S. payment processor just got hit by ransomware, again. TSYS, one of the largest payment processors in the country, has been attacked by the Everest ransomware group for the second time in five years. Industry experts warned this was coming. It happened anyway. At the same time, ShinyHunters claims it stole 275 million records from Instructure, the company behind Canvas, the learning platform used by over 9,000 schools. Names, student IDs, and billions of private messages between students and teachers are now at risk. And in healthcare, regulators just fined four companies $1.165 million for ransomware-related failures, not because they were hacked, but because they ignored basic security requirements that have been in place since 2003. In one case, attackers sat inside a network for 16 months undetected. These aren't advanced attacks. These are failures to do the fundamentals. This Week's Cybersecurity Breakdown 1. TSYS Ransomware Attack (Everest Group) A repeat breach at a major payment processor: Systems encrypted and data exfiltrated Second major incident in five years Also impacts Fiserv Raises serious questions about systemic risk in payment infrastructure 2…
People in this episode
Hosts: Bryan Hornung, Reginald Andre, Randy Bryan
Topics covered
- ransomware
- data breach
- cybersecurity
- payment processing
- education sector
- HIPAA compliance
Keywords
- TSYS
- Everest ransomware
- Instructure
- Canvas data breach
- HIPAA fines
- ransomware attack
- data security
- education data
- payment processor
Mentioned in this episode
Organizations: TSYS, Everest, ShinyHunters, Instructure, Canvas, Salesforce, HHS
More episodes of Security Squawk - The Business of Cybersecurity
- DentaQuest Breach Exposes 2.6 Million — and Why "Confident" Small Businesses Keep Getting Hit · June 9, 2026 · 35 min
- The Biggest Cybersecurity Threat Isn't Malware Anymore | NYC Hospitals, Carnival & FBI Warning · June 3, 2026 · 35 min
- 7-Eleven Hacked, 143,000 Immigration Records Exposed, FBI Quietly Takes Over From CISA · May 26, 2026 · 35 min
- OpenAI Devices Hacked, Ozempic Supplier Offline & Change Healthcare Lawsuit · May 19, 2026 · 45 min
- AI Built Its First Zero-Day | 275M Student Records Stolen | 90% Hidden Ransomware · May 12, 2026 · 59 min
- Hackers Use Microsoft Teams to Break In - VPN Ransomware Surge - KPMG 2026 Warning · April 28, 2026 · 42 min
Explore listener stats, chart rankings, contacts and more on the Security Squawk - The Business of Cybersecurity podcast page.