• Politics

    US Senator says Microsoft should be probed for ‘gross cybersecurity negligence’ after hospital ransomware attacks

    AnyFans Posted on

    By Ellen Jennings-Trace

    Copyright techradar

    US Senator says Microsoft should be probed for 'gross cybersecurity negligence' after hospital ransomware attacks

    Skip to main content

    Tech Radar Pro

    Tech Radar Gaming

    Close main menu

    the business technology experts

    België (Nederlands)

    Deutschland

    North America

    US (English)

    Australasia

    New Zealand

    View Profile

    Search TechRadar

    Expert Insights

    Website builders

    Web hosting

    Best web hosting
    Best office chairs
    Best website builder
    Best antivirus
    Expert Insights

    Don’t miss these

    US politicians call for further probes into possible DeepSeek security risks

    Microsoft to stop using China-based engineers for US military tech support

    Microsoft SharePoint attack now sees victim count rises to 400 organizations, including US nuclear agency

    SharePoint-ageddon attacks riddled with free Warlock ransomware – and thousands of services could be compromised

    Microsoft restricts access to its cyber early warning systems for some Chinese firms

    Microsoft says Russian hackers are planting fake antivirus software in embassy attacks

    Microsoft SharePoint server hack sees Chinese threat actor hit roughly 100 orgs – here’s what we know so far

    Cyber Security
    FTC calls on big tech to resist UK and EU demands to weaken encryption and censor content

    US warns Chinese tech firms may have ties to notorious cyber espionage group which hit hundreds of firms

    Microsoft flags dangerous cybercriminals ransacking organizations – and then letting you know about it via Teams

    The US Federal Court Filing System has been breached – and all the fingers are pointing to Russia

    Marks & Spencer’s cyberattack isn’t an exception – it’s a warning

    Microsoft SharePoint worries increase as ransomware gangs join the party, experts warn

    Get ahead of third-party risk or wave goodbye to your cyber resilience

    Microsoft wants to avoid another disastrous global outage – here’s how it plans to do it

    US Senator says Microsoft should be probed for ‘gross cybersecurity negligence’ after hospital ransomware attacks

    Ellen Jennings-Trace

    12 September 2025

    Wyden urges the FTC to probe the organization

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

    (Image credit: Shutterstock)

    Senator Ron Wyden has asked for a probe into Microsoft
    This comes after ransomware attacks, particularly on Ascension Healthcare
    Microsoft is accused of ‘gross cybersecurity negligence.’

    US Senator Ron Wyden has written a letter to the FTC Chairman to urge them to open an investigation into Microsoft over the company’s ‘negligent cybersecurity’ in relation to ransomware attacks against US critical infrastructure;

    “I urge the FTC to investigate Microsoft and hold the company responsible for the serious harm it has caused by delivering dangerous, insecure software to the U.S. government and to critical infrastructure entities, such as those in the U.S. health care sector,” Wyden wrote in a letter to FTC Chairman Andrew Ferguson.
    Earlier this year, millions were left at risk after Ascension Healthcare revealed a data breach, most likely at the hands of C10p ransomware.

    You may like

    US politicians call for further probes into possible DeepSeek security risks

    Microsoft to stop using China-based engineers for US military tech support

    Microsoft SharePoint attack now sees victim count rises to 400 organizations, including US nuclear agency

    Karberoasting attacks
    Senator Wyden’s office has reportedly obtained new information – “the hack began when a contractor clicked on a malicious link after conducting a web search on Microsoft’s Bing search engine.”

    Following this, a contractor’s laptop was infected with malware, which the letter claims was due to “dangerously insecure default settings on Microsoft software allowed the hackers to ultimately gain highly privileged access to the most sensitive parts of Ascension’s network.”
    “Without timely action, Microsoft’s culture of negligent cybersecurity, combined with its de facto monopolization of the enterprise operating system market, poses a serious national security threat and makes additional hacks inevitable.”
    The attacks reportedly used something called ‘Kerberoasting’ – a technique which exploits insecure encryption technologies from all the way back in the 1980’s known as ‘RC4’. These are still supported by Microsoft software, and Wyden argues Microsoft should warn customers about such dangers.

    Are you a pro? Subscribe to our newsletter
    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
    Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
    Microsoft has, as yet, not released a patch or update for the vulnerability, nor has the firm reached out to warn customers.
    “RC4 is an old standard, and we discourage its use both in how we engineer our software and in our documentation to customers – which is why it makes up less than .1% of our traffic,” a Microsoft spokesperson told TechRadar Pro.
    “However, disabling its use completely would break many customer systems. For this reason, we’re on a path to gradually reduce the extent to which customers can use it, while providing strong warnings against it and advice for using it in the safest ways possible. We have it on our roadmap to ultimately disable its use. We’ve engaged with The Senator’s office on this issue and will continue to listen and answer questions from them or others in government.”
    You might also like

    Take a look at our picks for the malware removal software around
    Check out our choice for best antivirus software
    Chinese nationals will no longer be allowed to manage Pentagon cloud services

    Ellen Jennings-Trace

    Staff Writer

    Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

    You must confirm your public display name before commenting

    Please logout and then login again, you will then be prompted to enter your display name.

    US politicians call for further probes into possible DeepSeek security risks

    Microsoft to stop using China-based engineers for US military tech support

    Microsoft SharePoint attack now sees victim count rises to 400 organizations, including US nuclear agency

    SharePoint-ageddon attacks riddled with free Warlock ransomware – and thousands of services could be compromised

    Microsoft restricts access to its cyber early warning systems for some Chinese firms

    Microsoft says Russian hackers are planting fake antivirus software in embassy attacks

    Latest in Security

    China-related threat actors deployed a new fileless malware against the Philippines military

    NASA imposes blanket ban on Chinese nationals accessing worksites and calls

    This widely used Remote Monitoring tool is being used to deploy AsyncRAT to steal passwords

    This long-exposed SonicWall flaw is being used to infect organizations with Akira ransomware – so patch now

    Jaguar Land Rover backtracks, says hackers may have taken some data

    This macOS malware was laying dormant for years, but may have been silently infecting thousands of devices

    Latest in News

    You can run but you can’t hide – the worst Nintendo console ever is coming back for revenge as a Switch 2 accessory

    Nintendo reveals official title, teaser, and cast for its Super Mario Bros. Movie sequel – and one big name is missing from its line-up

    Nvidia RTX 5000 GPUs could soon get a speed boost thanks to MSI Afterburner – but many gamers might miss out here

    Did Prime Video cancel this hit spy show with 90% on Rotten Tomatoes? Here’s what we know so far

    How to watch The Traitors Ireland season 1 — it’s *FREE*

    US Senator says Microsoft should be probed for ‘gross cybersecurity negligence’ after hospital ransomware attacks

    LATEST ARTICLES

    You can run but you can’t hide – the worst Nintendo console ever is coming back for revenge as a Switch 2 accessory

    OpenAI for-profit restructuring given go-ahead by Microsoft in new non-binding deal

    Nvidia RTX 5000 GPUs could soon get a speed boost thanks to MSI Afterburner – but many gamers might miss out here

    Quordle hints and answers for Saturday, September 13 (game #1328)

    NYT Connections hints and answers for Saturday, September 13 (game #825)

    TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

    Contact Future’s experts

    Terms and conditions

    Privacy policy

    Cookies policy

    Advertise with us

    Web notifications

    Accessibility Statement

    Future US, Inc. Full 7th Floor, 130 West 42nd Street,

    Please login or signup to comment

    Please wait…

    You Might Also Like