Daily Cyber Threat Brief – Ep 1089
March 16, 2026
Host: Dr. Gerald Auger, Simply Cyber Media Group
Episode Overview
Today’s episode dives into eight top cybersecurity news stories relevant to industry practitioners, business leaders, and those aiming to stay ahead in cyber threats. Dr. Gerald Auger brings his signature blend of practical, unfiltered expertise, vibrant analogies, and community interaction. Topics range from ransomware in Middle Eastern healthcare to the latest on Canadian data breaches and practical security tool updates, accompanied by real talk on cyber resilience and the state of the industry.
Key Topics & Deep Dives
1. Ransomware Breach at Royal Bahrain Hospital
[12:53]
- Payload Ransomware group claims breach, threatening to release 110GB of patient data from Royal Bahrain Hospital (largest in the region).
- Uses a double extortion model (encrypt + exfiltrate data).
- Auger’s Insight: While Payload is new, the technique isn’t—most “new” ransomware actors are rebrands or splinter groups.
- Three Ransomware Impacts:
  - Classic encryption for ransom.
  - Pure data exfiltration.
  - Network DDoS for ransom.
- Healthcare Targeting: Healthcare continues to be heavily targeted for its complex, porous IT and focus on patient safety over cyber.
- Memorable Quote:
“Just because I walked uphill both ways to school doesn’t mean that you do. I can give you a Segway and you can roll to school.” – Dr. Auger [04:30]
2. Loblaw’s Canadian Retail Data Breach
[19:32]
- Loblaw, major Canadian retailer, reports basic customer data accessed (name, email, phone).
- No passwords/financials breached. Impact appears minimal; no threat actor identified.
- Starbucks parallel: Story brings up similar Starbucks incident, blending details.
- Auger’s Take: “Nothing burger” story, minimal impact, mostly public information leaked, demonstrative of perfunctory breach reporting.
- Humorous Quote:
“I’m not really changing my underwear because name, email, and phone number got data breached.” – Dr. Auger [22:58]
3. New York’s Water Sector Cyber Regulations
[25:17]
- Regulations begin 2027: Cyber training, incident response plans, reporting, cyber leads for water utilities.
- $2.5M grant and technical assistance available.
- Significance: Water/wastewater underfunded, talent retention low; regulations good, but public sector faces serious human resource constraints.
- Key Insight: Tabletop exercises are vital for preparedness; most orgs excel at preventive controls but lack response/recovery maturity.
- Notable Quote:
“I get a little passionate about tabletop exercises.” – Dr. Auger [30:01]
4. Massive Data Breach: Telus Digital (Canada)
[33:35]
- Telus Digital (BPO arm of Telus) breached: Nearly 1PB (petabyte) of data potentially stolen.
- Attributed to ShinyHunters—young, aggressive cybercrime group.
- Ransom demand: $65 million.
- ShinyHunters focus on straight financial gain, not espionage.
- Context: Telecom is a hot target globally due to sensitive traffic data and account access.
- Industry Analysis: Ransom demands typically start at 1–3% of company revenue, not the outlandish numbers sometimes reported.
- Auger’s Sarcasm:
“$65 million, bro. Sure. Steam games don’t go on sale often enough, you know what I mean? We need our $65 million.” [35:51]
5. Poland’s National Centre for Nuclear Research – Attack Blocked
[45:24]
- Hackers targeted the IT systems (not OT/industrial).
- Attack detected and blocked—no reactor or critical systems compromised.
- Auger distinguishes IT vs OT:
  - IT: User-facing systems (email, websites)
  - OT/ICS: Physical/industrial systems (plant controls, valves)
- Victory Lap Insight: Effective tabletop exercises and recovery plans are why the breach didn’t escalate.
- Call to Reframe:
“We shouldn’t call our industry cyber security… We should call it cyber resiliency, because that’s actually what we’re getting paid to do.” – Dr. Auger [49:28]
6. Starbucks Employee Portal Breach (Phishing Attack)
[52:54]
- Hackers phished user credentials to access the Starbucks Partner Central portal: 900 employees affected.
- MFA was present but session tokens were compromised.
- Auger critiques overblowing such incidents (not true hacking, just credential theft).
- Lesson: MFA is not a silver bullet—session hijacking remains a risk.
- Quote:
“Users aren’t hacking in, they’re logging in. Welcome to 2026. Have multi-factor authentication, please.” – Dr. Auger [53:41]
7. Better Leaks – Open Source Secrets Scanner
[57:09]
- New tool from creators of GitLeaks promises faster, more accurate detection of credentials/API keys in source code.
- Open source & MIT licensed; strong community backing (Amazon, RBC, Red Hat).
- Advice: Anyone using git (public or private) should integrate secret scanning.
- Auger’s Take:
“There’s no reason you shouldn’t have this scanner scan your repos—either daily or before every main commit.” [57:51]
8. Telecom Security and Public Apathy
[60:34]
- Despite past major breaches (Salt Typhoon/Chinese APTs in US telcos), policymakers face public indifference—too many breaches, too little urgency.
- Danger: “Breach fatigue” undermines the push for meaningful security improvement.
- Strategic Insight: Major communications sector compromise could be weaponized (as in Russia/Ukraine war).
- Memorable Quote:
“People are becoming numb to it. It’s a day that ends in ‘yeah’.” – Dr. Auger [61:18]
Community & Notable Moments
Welcome & Community Energy
[00:01] – [10:00]
- Multiple first-timers celebrated: Aditi, Nick Dixon, Destiny McCloney.
- Emphasis on inclusive, supportive atmosphere: “No stupid questions, no scammy bull crap.”
- Daily attendance advised for CPE (Continuing Professional Education) tracking.
Special Segment: Simply Cyber Community Member of the Week
[40:44]
- This week: Robert Wetze (Bow Tie Security) for mentorship and active Discord participation.
- $100 Amazon gift card, sponsored by ThreatLocker:
“He is giving like 500 word responses to questions. He is following up… all about service, all about mentorship, all about giving back.” – Dr. Auger
Memorable Analogy
- Ransomware Forms:
“It’s the equivalent of like a bully taking you by the wrist and punching you in the face with your own fist and being like, ‘Stop hitting yourself’…” – Dr. Auger [15:34]
Jawjacking – Q&A and Career Guidance
[Post-show, ~62:00+]
- Deep dives on GRC roles, risk frameworks (including FAIR), and beginner blue-team project ideas.
- Strong advice to communicate business risk in financial terms.
- Recommendations for getting into SOC: “You want to be a SOC analyst... This is easily the best $50 you could spend,” referencing Eric Capuano’s blue-team course.
- GRC special publications (NIST SP 800-37 and 800-53) highlighted for those targeting governance roles.
Timestamps for Key Segments
| Topic | Timestamp |
|-------|-----------|
| Opening & Newcomer Welcome | 00:01–10:00 |
| Ransomware at Royal Bahrain Hospital | 12:53 |
| Canada - Loblaw Retail Breach | 19:32 |
| New York Water Cyber Regulations | 25:17 |
| Telus Digital Major Breach | 33:35 |
| Poland’s Nuclear Research Attack | 45:24 |
| Starbucks Partner Portal Incident | 52:54 |
| Better Leaks Open Source Tool | 57:09 |
| Telecom Security & Public Apathy | 60:34 |
| Jawjacking (Career Q&A) | 62:00+ |
Language & Tone
Dr. Auger’s tone is energetic, candid, and laden with pop culture references, humor, and analogies—from wrestling to Bar Rescue. He pulls no punches in his analysis, emphasizes real-world application, and repeatedly champions inclusivity, mentorship, and practical career advice.
Summing Up
Episode 1089 of Daily Cyber Threat Brief stands out for its practical, engaging approach to both top headlines and underlying lessons—a must-listen (or read) for anyone seeking both community and cutting-edge security insight. Whether you’re a GRC nerd, SOC hopeful, or just trying to keep up with rapidly morphing cyber threats, this episode packs actionable takeaways, memorable moments, and a strong dose of wisdom (plus plenty of laughs).
Notable Quote to Close:
“Support, inclusion, empowerment. Thank you so much for coming.” – Dr. Auger [End]
