2:I[6932,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
3:I[3500,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
5:I[9812,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
6:I[1160,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
7:I[5750,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"Image"]
8:I[6731,[],""]
a:I[2923,[],""]
c:I[5960,["500","static/chunks/500-1193d1955921814f.js","185","static/chunks/app/layout-aefed4accc7284b3.js"],"ThemeProvider"]
4:T73e,[{"@context":"https://schema.org","@type":"Article","headline":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal","description":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched.","url":"https://unit6tech.com/customer-stories/healthcare-mfa-bypass","mainEntityOfPage":"https://unit6tech.com/customer-stories/healthcare-mfa-bypass","image":"https://unit6tech.com/images/unit6-cover.webp","author":{"@type":"Organization","name":"Unit6"},"publisher":{"@type":"Organization","name":"Unit6"},"articleSection":"Healthcare / hospital system | North America","articleBody":"A healthcare provider relied on an external claims portal protected by MFA. Unit6 observed a financially motivated actor selling access and the associated MFA seed. Valid username/password for an active portal user. The corresponding TOTP seed enabling full MFA bypass. Evidence the credentials and MFA material had already been tested successfully. Attackers could log in as a legitimate user while passing MFA checks. Access to browse or export claims data and patient-linked financial records. Pre-ransomware staging to identify high-value internal systems. Regulatory and reputational fallout under healthcare privacy laws."},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://unit6tech.com/"},{"@type":"ListItem","position":2,"name":"Customer stories","item":"https://unit6tech.com/customer-stories"},{"@type":"ListItem","position":3,"name":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal","item":"https://unit6tech.com/customer-stories/healthcare-mfa-bypass"}]}]9:["slug","healthcare-mfa-bypass","d"]
b:T40e,[{"@context":"https://schema.org","@type":"Organization","@id":"https://unit6tech.com/#organization","name":"Unit6","url":"https://unit6tech.com","logo":{"@type":"ImageObject","url":"https://unit6tech.com/favicon.ico"},"description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","sameAs":["https://www.linkedin.com/company/unit6tech"]},{"@context":"https://schema.org","@type":"WebSite","@id":"https://unit6tech.com/#website","url":"https://unit6tech.com","name":"Unit6: The Preventive Intelligence Company","description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","publisher":{"@id":"https://unit6tech.com/#organization"},"inLanguage":"en","potentialAction":{"@type":"SearchAction","target":"https://unit6tech.com/search?q={search_term_string}","query-input":"required name=search_term_string"}}]0:["bunrciYijO3DOgSF60x8R",[[["",{"children":["customer-stories",{"children":[["slug","healthcare-mfa-bypass","d"],{"children":["__PAGE__?{\"slug\":\"healthcare-mfa-bypass\"}",{}]}]}]},"$undefined","$undefined",true],["",{"children":["customer-stories",{"children":[["slug","healthcare-mfa-bypass","d"],{"children":["__PAGE__",{},[["$L1",["$","div",null,{"className":"relative min-h-screen overflow-hidden bg-gradient-to-b from-slate-50 via-white to-sky-50 text-slate-900 dark:from-[#03030c] dark:via-[#05031a] dark:to-[#010108] dark:text-white","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute -top-20 left-1/2 h-[560px] w-[560px] -translate-x-1/2 rounded-full bg-sky-500/20 blur-[220px]"}],["$","div",null,{"className":"absolute inset-y-0 right-0 h-full w-1/2 bg-gradient-to-l from-indigo-500/10 via-transparent to-transparent blur-[220px]"}],["$","div",null,{"className":"absolute bottom-0 left-0 h-[420px] w-[420px] rounded-full bg-emerald-400/10 blur-[180px]"}]]}],["$","$L2",null,{}],["$","main",null,{"className":"relative z-10 mx-auto flex w-full max-w-5xl flex-col gap-16 px-6 pb-24 pt-32 lg:px-0","children":[["$","$L3",null,{"id":"customer-story-jsonld-healthcare-mfa-bypass","type":"application/ld+json","strategy":"beforeInteractive","children":"$4"}],["$","section",null,{"className":"space-y-4","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Customer story"}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Healthcare / hospital system"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Anonymized"}]]}],["$","h1",null,{"className":"text-4xl font-semibold leading-tight text-slate-900 dark:text-white md:text-5xl","children":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","p",null,{"className":"text-lg font-semibold text-slate-700 dark:text-slate-200","children":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-300","children":[["$","span","T1078",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1078"]}],["$","span","T1556.004",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1556.004"]}],["$","span","T1606.002",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1606.002"]}],["$","span","T1555.003",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1555.003"]}]]}],["$","div",null,{"className":"flex flex-wrap gap-4","children":[["$","$L5",null,{"href":"/book-a-demo","className":"w-full sm:w-auto rounded-full border border-transparent bg-gradient-to-r from-primary via-sky-500 to-pink-500 px-6 py-3 text-sm font-semibold text-white shadow-[0_15px_45px_rgba(14,165,233,0.35)] transition hover:scale-[1.02] hover:shadow-[0_25px_70px_rgba(236,72,153,0.35)]","children":"Book a demo"}],["$","$L5",null,{"href":"/platform","className":"w-full sm:w-auto rounded-full border border-slate-200 bg-white px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white/90 dark:border-white/20 dark:bg-white/5 dark:text-white dark:hover:border-white/40 dark:hover:bg-white/10","children":"Explore the platform"}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-2","children":[["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"The situation"}],["$","p",null,{"className":"mt-3 text-base text-slate-600 dark:text-slate-300","children":"A healthcare provider relied on an external claims portal protected by MFA. Unit6 observed a financially motivated actor selling access and the associated MFA seed."}],["$","div",null,{"className":"mt-4 space-y-3","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 detected"}],["$","ul",null,{"className":"space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Valid username/password for an active portal user.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Valid username/password for an active portal user."}]]}],["$","li","The corresponding TOTP seed enabling full MFA bypass.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"The corresponding TOTP seed enabling full MFA bypass."}]]}],["$","li","Evidence the credentials and MFA material had already been tested successfully.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Evidence the credentials and MFA material had already been tested successfully."}]]}]]}]]}]]}],["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Why it mattered"}],["$","ul",null,{"className":"mt-3 space-y-2 text-base text-slate-600 dark:text-slate-200","children":[["$","li","Attackers could log in as a legitimate user while passing MFA checks.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Attackers could log in as a legitimate user while passing MFA checks."}]]}],["$","li","Access to browse or export claims data and patient-linked financial records.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Access to browse or export claims data and patient-linked financial records."}]]}],["$","li","Pre-ransomware staging to identify high-value internal systems.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Pre-ransomware staging to identify high-value internal systems."}]]}],["$","li","Regulatory and reputational fallout under healthcare privacy laws.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Regulatory and reputational fallout under healthcare privacy laws."}]]}]]}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-[1.15fr_0.85fr]","children":[["$","article",null,{"className":"space-y-4 rounded-[28px] border border-slate-200 bg-white p-7 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 did"}],["$","div",null,{"className":"space-y-4","children":[["$","div","Shut down the compromised identity",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Shut down the compromised identity"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Disabled the affected account and similarly patterned credentials.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Disabled the affected account and similarly patterned credentials."}]]}],["$","li","Invalidated all TOTP secrets, forcing secure re-enrollment.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Invalidated all TOTP secrets, forcing secure re-enrollment."}]]}]]}]]}],["$","div","Redesigned the authentication posture",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Redesigned the authentication posture"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Moved privileged and sensitive users to phishing-resistant MFA (FIDO2/WebAuthn).",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Moved privileged and sensitive users to phishing-resistant MFA (FIDO2/WebAuthn)."}]]}],["$","li","Enforced IP geo-fencing and anomaly-based blocking for portal access.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Enforced IP geo-fencing and anomaly-based blocking for portal access."}]]}]]}]]}],["$","div","Investigated the root cause",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Investigated the root cause"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Triaged likely infostealer or configuration-file origins for the leak.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Triaged likely infostealer or configuration-file origins for the leak."}]]}],["$","li","Reviewed logs for suspicious exports, unusual logins, and privilege escalation.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Reviewed logs for suspicious exports, unusual logins, and privilege escalation."}]]}]]}]]}],["$","div","Aligned with regulatory response",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Aligned with regulatory response"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Documented evidence timelines that could support potential reporting.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Documented evidence timelines that could support potential reporting."}]]}],["$","li","Ensured compliance and legal teams had technical detail for communication.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Ensured compliance and legal teams had technical detail for communication."}]]}]]}]]}]]}]]}],["$","div",null,{"className":"grid gap-4 md:grid-cols-2 lg:grid-cols-1","children":[["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-white p-5 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Outcome"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Attack path closed before PHI theft or ransomware deployment.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Attack path closed before PHI theft or ransomware deployment."}]]}],["$","li","Authentication upgraded from legacy MFA to phishing-resistant controls.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Authentication upgraded from legacy MFA to phishing-resistant controls."}]]}],["$","li","Security leadership demonstrated proactive neutralization of a credential and MFA compromise.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Security leadership demonstrated proactive neutralization of a credential and MFA compromise."}]]}]]}]]}],["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-gradient-to-br from-slate-900 via-slate-800 to-slate-900 p-5 text-white shadow-[0_18px_70px_rgba(2,6,23,0.35)] dark:border-white/10 dark:from-[#070b20] dark:via-[#050317] dark:to-[#070b20]","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-white/60","children":"Unit6 edge"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-white/80","children":[["$","li","Detection of MFA bypass artifacts from underground ecosystems not visible to traditional tooling.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Detection of MFA bypass artifacts from underground ecosystems not visible to traditional tooling."}]]}],["$","li","Contextual risk scoring that distinguishes generic leaks from full impersonation risk.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Contextual risk scoring that distinguishes generic leaks from full impersonation risk."}]]}],["$","li","A playbook connecting threat intelligence to identity security and compliance stakeholders.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"A playbook connecting threat intelligence to identity security and compliance stakeholders."}]]}]]}]]}]]}]]}],["$","section",null,{"className":"rounded-[32px] border border-slate-200 bg-white p-8 shadow-sm shadow-slate-200 dark:border-white/10 dark:bg-white/5","children":[["$","div",null,{"className":"flex flex-col gap-4 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Browse other stories"}],["$","h2",null,{"className":"mt-2 text-2xl font-semibold text-slate-900 dark:text-white","children":"See more anonymized wins"}]]}],["$","$L5",null,{"href":"/customer-stories","className":"inline-flex items-center justify-center rounded-full border border-slate-200 px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white dark:border-white/20 dark:text-white dark:hover:border-white/30 dark:hover:bg-white/10","children":"Back to all stories"}]]}],["$","div",null,{"className":"mt-6 grid gap-4 md:grid-cols-2","children":[["$","$L5","industrial-ot-saas",{"href":"/customer-stories/industrial-ot-saas","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Specialty chemicals / industrial manufacturing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America & Europe"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Stopping a nation-state from reaching industrial OT via a SaaS monitoring platform"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"An East Asia-aligned actor used stolen credentials to access an OT monitoring SaaS. Unit6 cut the access path and rebuilt controls before the adversary could reach production lines."}]]}],["$","$L5","bpo-campaign",{"href":"/customer-stories/bpo-campaign","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Outsourcing / workforce management / BPO"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"EMEA"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}]]}],["$","$L5","helpdesk-bruteforce",{"href":"/customer-stories/helpdesk-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"IT services / systems integrator"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Middle East"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}]]}],["$","$L5","satcom-bruteforce",{"href":"/customer-stories/satcom-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Satellite communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a nation-state’s brute-force campaign against a global satellite operator"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Chinese-directed cluster brute-forced internal support portals for a satellite operator and took over accounts. Unit6 surfaced the compromise and rebuilt authentication before operations were touched."}]]}],["$","$L5","fintech-ai-bruteforce",{"href":"/customer-stories/fintech-ai-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Fintech / payments processing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Detecting AI-powered brute forcing against a fintech customer portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"AI-augmented actors brute-forced and sprayed a payments portal, taking over customer accounts. Unit6 cut off access, drove mandatory MFA, and hardened defenses against adaptive attacks."}]]}],["$","$L5","aviation-iab-warning",{"href":"/customer-stories/aviation-iab-warning","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Aerospace & aviation communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Early warning on initial access broker claims against aviation messaging systems"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Unit6 spotted a broker selling access to an aviation messaging platform before abuse began. Accounts and endpoints were hardened and a rapid-response plan put in place."}]]}],["$","$L5","precision-manufacturing-recon",{"href":"/customer-stories/precision-manufacturing-recon","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"High-precision manufacturing / medtech & optics"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Europe & Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Disrupting state-sponsored recon and credential exposure against a high-precision manufacturer"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"State-linked actors targeted engineers and admin portals at a medtech/optics manufacturer. Unit6 neutralized exposed credentials and hardened privileged access before exploitation."}]]}],["$","$L5","dual-nation-state-sft-intrusion",{"href":"/customer-stories/dual-nation-state-sft-intrusion","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Enterprise software / communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Dual nation-state intrusion into a critical file transfer system — detected before impact"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Two unrelated nation-state actors exploited the same secure file transfer stack simultaneously. Unit6 surfaced both compromises and stopped large-scale exfiltration before internal teams saw anomalies."}]]}],["$","$L5","supply-chain-ransomware-saas-admin",{"href":"/customer-stories/supply-chain-ransomware-saas-admin","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"SaaS / business intelligence platform"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}]]}],["$","$L5","supply-chain-intrusion-pharmaceuticals",{"href":"/customer-stories/supply-chain-intrusion-pharmaceuticals","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Pharmaceuticals / healthcare"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain intrusion into a global pharmaceutical enterprise — pre-ransomware phase blocked"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Sophisticated Threat Actor attempted to pivot from a compromised SaaS provider into a pharmaceutical company via trusted admin links. Unit6 severed trust and stopped the intrusion in the staging phase."}]]}]]}]]}]]}],["$","footer",null,{"className":"relative isolate overflow-hidden bg-gradient-to-br from-slate-50 via-white to-sky-50 text-slate-900 dark:from-slate-950 dark:via-[#080a1a] dark:to-[#02030a] dark:text-slate-100","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute inset-0 bg-[radial-gradient(circle_at_top,_rgba(56,189,248,0.18),_transparent_55%)] opacity-60 dark:opacity-80"}],["$","div",null,{"className":"absolute inset-0 bg-[linear-gradient(120deg,_rgba(15,23,42,0.08)_1px,_transparent_1px)] bg-[length:220px_220px] opacity-30 dark:opacity-40"}]]}],["$","div",null,{"className":"container relative z-10 mx-auto px-6 py-16 lg:py-20","children":[["$","$L6",null,{"className":"mx-auto w-full max-w-5xl","layout":"stacked","source":"site-footer","title":"Stay ahead with the Unit6 newsletters","description":"Pick from company releases, the Weekly Cyber Threat Briefing, or Preventive Intelligence Weekly and only hear about what matters to you."}],["$","div",null,{"className":"mt-12 grid gap-10 lg:grid-cols-[minmax(0,2fr)_repeat(3,minmax(0,1fr))]","children":[["$","div",null,{"className":"space-y-6","children":[["$","$L7",null,{"src":"/images/icons/unit6-icon.svg","alt":"Unit6 logo","width":140,"height":48,"priority":true}],["$","p",null,{"className":"text-sm text-slate-600 dark:text-slate-300","children":"The Preventive Intelligence Company"}]]}],[["$","div","Product",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Product"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Platform overview",{"children":["$","$L5",null,{"href":"/platform","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Platform overview"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Platform overview"}]]}]]}]}],["$","li","Use cases",{"children":["$","$L5",null,{"href":"/use-cases","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Use cases"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Use cases"}]]}]]}]}],["$","li","Integrations",{"children":["$","$L5",null,{"href":"/integrations","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Integrations"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Integrations"}]]}]]}]}],["$","li","Comparison",{"children":["$","$L5",null,{"href":"/comparison","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Comparison"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Comparison"}]]}]]}]}]]}]]}],["$","div","Resources",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Resources"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Gaming lab",{"children":["$","$L5",null,{"href":"/resources/gaming","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Gaming lab"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Gaming lab"}]]}]]}]}],["$","li","Customers",{"children":["$","$L5",null,{"href":"/customer-stories","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Customers"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Customers"}]]}]]}]}],["$","li","Blog",{"children":["$","$L5",null,{"href":"/blog","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Blog"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Blog"}]]}]]}]}],["$","li","Security",{"children":["$","$L5",null,{"href":"/security","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Security"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Security"}]]}]]}]}],["$","li","Privacy",{"children":["$","$L5",null,{"href":"/privacy","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Privacy"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Privacy"}]]}]]}]}]]}]]}],["$","div","Get started",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Get started"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Book a demo",{"children":["$","$L5",null,{"href":"/book-a-demo","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Book a demo"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Book a demo"}]]}]]}]}],["$","li","Custom quote",{"children":["$","$L5",null,{"href":"/get-a-custom-quote","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Custom quote"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Custom quote"}]]}]]}]}],["$","li","Talk to sales",{"children":["$","$L5",null,{"href":"mailto:sales@unit6tech.com","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Talk to sales"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Talk to sales"}]]}]]}]}]]}]]}]]]}],["$","div",null,{"className":"mt-12 flex flex-col gap-6 border-t border-slate-200 pt-8 dark:border-white/10 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-x-6 gap-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","span",null,{"children":["© ",2025," Unit6 Inc. All rights reserved."]}],["$","$L5",null,{"href":"/terms","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Terms"}],["$","$L5",null,{"href":"/privacy","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Privacy"}]]}],["$","div",null,{"className":"flex gap-3","children":[["$","$L5","LinkedIn",{"href":"https://www.linkedin.com/company/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"LinkedIn","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 448 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M416 32H31.9C14.3 32 0 46.5 0 64.3v383.4C0 465.5 14.3 480 31.9 480H416c17.6 0 32-14.5 32-32.3V64.3c0-17.8-14.4-32.3-32-32.3zM135.4 416H69V202.2h66.5V416zm-33.2-243c-21.3 0-38.5-17.3-38.5-38.5S80.9 96 102.2 96c21.2 0 38.5 17.3 38.5 38.5 0 21.3-17.2 38.5-38.5 38.5zm282.1 243h-66.4V312c0-24.8-.5-56.7-34.5-56.7-34.6 0-39.9 27-39.9 54.9V416h-66.4V202.2h63.7v29.2h.9c8.9-16.8 30.6-34.5 62.9-34.5 67.2 0 79.7 44.3 79.7 101.9V416z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}],["$","$L5","X (Twitter)",{"href":"https://twitter.com/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"X (Twitter)","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 512 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M389.2 48h70.6L305.6 224.2 487 464H345L233.7 318.6 106.5 464H35.8L200.7 275.5 26.8 48H172.4L272.9 180.9 389.2 48zM364.4 421.8h39.1L151.1 88h-42L364.4 421.8z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}]]}]]}]]}]]}]]}]],null],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children","$9","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},[["$","html",null,{"className":"antialiased __variable_41251a","lang":"en","suppressHydrationWarning":true,"children":[["$","head",null,{"children":[["$","$L3",null,{"id":"gtm-base","strategy":"lazyOnload","children":"\n            (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\n            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\n            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\n            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\n            })(window,document,'script','dataLayer','GTM-KMD6X5T8');\n          "}],["$","$L3",null,{"id":"structured-data","type":"application/ld+json","strategy":"beforeInteractive","children":"$b"}],null]}],["$","body",null,{"className":"__className_f367f3","children":[["$","noscript",null,{"children":["$","iframe",null,{"src":"https://www.googletagmanager.com/ns.html?id=GTM-KMD6X5T8","height":"0","width":"0","style":{"display":"none","visibility":"hidden"}}]}],["$","$L3",null,{"id":"theme-init","strategy":"beforeInteractive","children":"\n            try {\n              const storedTheme = localStorage.getItem('theme');\n              const prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches;\n              const theme = storedTheme === 'light' || storedTheme === 'dark' ? storedTheme : (prefersDark ? 'dark' : 'light');\n              const root = document.documentElement;\n              root.classList.remove('light', 'dark');\n              root.classList.add(theme);\n              root.dataset.theme = storedTheme ?? 'system';\n            } catch (_error) {}\n          "}],["$","$Lc",null,{"children":["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":["$","main",null,{"className":"flex min-h-screen flex-col items-center justify-center bg-gradient-to-b from-slate-50 via-white to-sky-50 px-6 text-center text-slate-900 dark:from-slate-950 dark:via-slate-900 dark:to-slate-950 dark:text-white","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.35em] text-slate-500 dark:text-slate-400","children":"Page not found"}],["$","h1",null,{"className":"mt-4 text-4xl font-semibold sm:text-5xl","children":"Looks like that trail went cold."}],["$","p",null,{"className":"mt-4 max-w-xl text-base text-slate-600 dark:text-slate-300","children":"The page you are looking for has moved or no longer exists. Head back to the main site or explore our latest resources."}],["$","div",null,{"className":"mt-8 flex flex-col gap-3 sm:flex-row","children":[["$","$L5",null,{"href":"/","className":"rounded-full bg-slate-900 px-5 py-3 text-sm font-semibold text-white shadow-sm transition hover:bg-slate-800 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-slate-500 dark:bg-white dark:text-slate-900 dark:hover:bg-slate-100","children":"Back to homepage"}],["$","$L5",null,{"href":"/resources/gaming","className":"rounded-full border border-slate-200 px-5 py-3 text-sm font-semibold text-slate-700 transition hover:border-slate-300 dark:border-white/20 dark:text-white dark:hover:border-white/30","children":"View resources"}]]}]]}],"notFoundStyles":[],"styles":null}]}]]}]]}],null],null],[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/2a2d44bd966c4d53.css","precedence":"next","crossOrigin":"$undefined"}],["$","link","1",{"rel":"stylesheet","href":"/_next/static/css/582d575b359aac35.css","precedence":"next","crossOrigin":"$undefined"}]],[null,"$Ld"]]]]]
d:[["$","meta","0",{"name":"viewport","content":"width=device-width, initial-scale=1"}],["$","meta","1",{"charSet":"utf-8"}],["$","title","2",{"children":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal | Unit6 customer story | Unit6"}],["$","meta","3",{"name":"description","content":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}],["$","meta","4",{"name":"keywords","content":"preventive intelligence,adversary infrastructure,attack staging,threat reconnaissance,early warning security platform"}],["$","meta","5",{"name":"robots","content":"index, follow"}],["$","link","6",{"rel":"canonical","href":"https://unit6tech.com/customer-stories/healthcare-mfa-bypass"}],["$","meta","7",{"property":"og:title","content":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","meta","8",{"property":"og:description","content":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}],["$","meta","9",{"property":"og:url","content":"https://unit6tech.com/customer-stories/healthcare-mfa-bypass"}],["$","meta","10",{"property":"og:site_name","content":"Unit6"}],["$","meta","11",{"property":"og:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","meta","12",{"property":"og:type","content":"article"}],["$","meta","13",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","14",{"name":"twitter:creator","content":"@unit6tech"}],["$","meta","15",{"name":"twitter:title","content":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","meta","16",{"name":"twitter:description","content":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}],["$","meta","17",{"name":"twitter:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","link","18",{"rel":"icon","href":"/favicon.ico","type":"image/x-icon","sizes":"20x32"}],["$","meta","19",{"name":"next-size-adjust"}]]
1:null