A cyberattack causing chaos for British healthcare and affecting systems in nearly 100 countries originated with a leaked National Security Agency hacking tool, CNN reports. According to the New York Times, the ransomware, which encrypts data so users can't access it, was disseminated through email Friday, infecting computers in Britain, Japan, the Philippines, Vietnam, Turkey, Russia, and more. Britain's healthcare system, including hospitals, doctors' offices, and ambulance companies, was majorly impacted. "We have no idea what drugs people are on or the allergies they have," one doctor tells the BBC. "We can't access the appointments system." Surgeries were disrupted and ambulances were diverted. The ransomware hit telecommunications companies and hospitals elsewhere, as well, with most of the affected computers in Russia, Ukraine, and Taiwan.
Security experts say the vulnerability exploited by Friday's cyberattack was first found by the NSA. Shadow Brokers, a group that's been leaking NSA hacking tools since last year, leaked this one last month. Microsoft released a fix for the vulnerability last March, but Friday's targets hadn't updated their systems yet. The ransomware attack came with a message demanding about $300 worth of Bitcoin to release victims' data. The message warns the ransom demand will double after three days and will be taken off the table after a week, the Washington Post reports. It's unclear who's behind the cyberattack. More than 75,000 systems have been hit by the attack, which one UK security expert says is "turning into the biggest cybersecurity incident I've ever seen." (More cyberattack stories.)