Latest Cybersecurity Stories

Read the handpicked cybersecurity stories. Know more about the ransomware incidents, data theft, and other cyber attacks affecting organizations worldwide.

The current page lists all the cybersecurity incidents and happenings for the current week.

Russian state media company operation disrupted by ‘unprecedented’ cyberattack

Russian state television and radio broadcasting company VGTRK was hit by a cyberattack on Monday that disrupted its operations, the company confirmed in a statement to local news agencies. While a VGTRK spokesperson initially downplayed the impact of the attack, claiming it did not cause significant damage, local media reported that the broadcast of several television channels owned by VGTRK, including Russia 1 and Russia 24, was cut off mid-program and resumed nearly an hour later.

An anonymous source at the company told the Russian media outlet Gazeta.ru that the hackers erased data from the company’s servers, including backups. Recorded Future News could not independently verify this information. Read the full story.

China’s Salt Typhoon Hacks AT&T and Verizon, Accessing Wiretap Data: Report

A sophisticated hacking group known as Salt Typhoon believed to be linked to China, has breached the systems of major U.S. telecom companies AT&T, Verizon, and Lumen Technologies, potentially compromising sensitive government data.

This was reported by the Wall Street Journal raising significant national security concerns, as the attackers may have accessed systems used to handle court-authorized wiretapping—critical tools in tracking criminal and national security activities. Read the full story.

Personal Information Compromised in Universal Music Data Breach 

Universal Music Group is informing hundreds of individuals about a recent data breach impacting their personal information. According to information shared by the media giant with the Maine Attorney General’s Office, unauthorized activity was discovered in an internal application in early July. 

An investigation showed that an unauthorized third party acquired “data that potentially contained personal information”, including names and Social Security numbers. Read the full story.

Understanding the EigenLayer Hack: A Deep Dive into the $5.7M Theft

The Ethereum restaking protocol EigenLayer recently faced a security breach, leading to the theft of approximately $5.7 million in tokens. On October 4, EigenLayer’s team revealed that they were investigating suspicious selling activities linked to a specific wallet address ending in “f10D.” This wallet was found to have sold around 1.6 million EIGEN tokens, raising alarms within the crypto community.  

Following their initial investigation, EigenLayer reported on October 5 that the unauthorized selling was indeed the result of a cyberattack. The attackers had compromised an email thread related to an investor’s token transfer, allowing them to divert the tokens to their wallet. Read the full story.

Crypto Hacker Pleads Guilty for Stealing Over $37 Million in Cryptocurrency

Evan Frederick Light, a 21-year-old from Lebanon, Indiana, has pleaded guilty to conspiracy charges to Commit Wire Fraud and to Launder Monetary Instruments. The announcement was made by United States Attorney Alison J. Ramsdell following Light’s appearance before U.S. Magistrate Judge Veronica Duffy on September 30, 2024.

The intricate scheme unfolded in February 2022 when Light targeted an investment holdings company based in Sioux Falls, South Dakota. By exploiting vulnerabilities in the company’s computer servers, Light accessed the personally identifiable information (PII) of nearly 600 clients. Read the full story.

IBM: Data breach cost in ASEAN hits new high

The average cost of a data breach in ASEAN reached an all-time high of S$4.34m (US$3.33m) in 2024, representing a 7% increase from last year, a new study has found. The region’s financial services industry experienced the costliest breaches at S$7.48m, followed by the industrial sector at S$5.62m and the technology sector at S$5.5m, according to IBM’s 2024 Cost of a data breach report. Read the full story.

LEGO Website Hacked to Promote a Crypto Scam

Cryptocurrency scammers temporarily compromised the LEGO website to deceive fans into buying a fake “LEGO Coin” cryptocurrency. The breach occurred on October 4, 2024, when an unauthorized banner appeared on the LEGO.com homepage, claiming to offer “secret rewards” to those who purchased the bogus coin.

The malicious banner, which featured golden coins adorned with the LEGO logo, redirected users to an external website selling “LEGO Tokens” using Ethereum, a popular digital currency. Read the full story.

E.U. Court Limits Meta’s Use of Personal Facebook Data for Targeted Ads

Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region.

“An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data,” the Court of Justice of the European Union (CJEU) said in a ruling on Friday. Read the full story.

Chinese Threat Group Hacked Major US Telecom Companies Network

According to U.S. officials, a Chinese hacker group known as “Salt Typhoon” has infiltrated the networks of at least three major U.S. telecommunications providers in a significant cybersecurity breach. This audacious espionage operation is believed to be aimed at uncovering the Chinese targets of American surveillance.

The Federal Bureau of Investigation (FBI), U.S. intelligence agencies, and the Department of Homeland Security are currently investigating the breach, which remains in its early stages. Read the full story.

‘Devastating:’ Stolen Columbus data leaked by ransomware group after auction gets no bids

Over three terabytes of stolen data, including Columbus employees’ personal files, were dumped on the dark web Thursday morning, after two auctions by the hackers that attacked the city failed to attract bids.

The Rhysida ransomware group began leaking the data after an extended auction ended at 5:35 a.m., according to Ohio State assistant professor Carter Yagemann, CMIT Solutions’ Daniel Maldet and other cybersecurity experts who have watched the group’s onion site on the dark web. Read the full story.

Russian ‘Evil Corp’ Group Hit With Sanctions After $100 Million in Ransomware Thefts

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the UK’s Foreign, Commonwealth & Development Office (FCDO), and Australia’s Department of Foreign Affairs and Trade (DFAT) jointly imposed sanctions on key members of the group last week. Simultaneously, the U.S. Department of Justice unsealed an indictment charging an Evil Corp member with deploying BitPaymer ransomware against victims in the United States.

Evil Corp is known for developing and distributing the Dridex malware, which has infected computers worldwide and harvested login credentials, leading to over $100 million stolen from hundreds of banks and financial institutions across more than 40 countries. Read the full story.

Average UK citizen hit five times each by data breaches last year – 312 million breaches in 2023, up 53% on 2022

UK citizens were affected by five data breaches each on average last year*, says leading global specialty (re)insurance group Chaucer. Figures obtained by Chaucer show that the total number of individuals about whom information was breached in 2023 was 312 million, up 53% from 204 million in 2022. The increase in large scale data breaches is partly being driven by more and more data being concentrated in third party outsourcers. Read the full story.

Comcast and Truist Bank customers caught up in FBCS data breach

Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised.

The case concerns a data breach at Financial Business and Consumer Solutions (FBCS), a debt collection agency in the U.S. that partners with various companies to collect unpaid debts on their behalf. Last April this year, FBCS informed of a data breach determined to have occurred between February 14 and February 26, 2024, when threat actors breached its network. Read the full story.

Disney faces class action lawsuit over employee data breach

Walt Disney Co. has been hit with a class action lawsuit accusing the Burbank-based entertainment giant of negligence, breach of implied contract and other misconduct in connection with a massive data breach that occurred earlier this year.

Plaintiff Scott Margel submitted the complaint on Thursday in Los Angeles County Superior Court against Disney and Disney California Adventure. The 32-page document also accuses the company of violating privacy laws by not doing enough to prevent or notify victims of the extent of the leak. Read the full story.

MoneyGram: No evidence ransomware is behind recent cyberattack

Payment platform MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September. MoneyGram is an American payment and money transfer platform that allows people to send and receive money through an extensive network of 350,000 physical locations in 200 countries or via its mobile app and website.

MoneyGram confirmed they had suffered a cyberattack and took systems offline to contain the breach on September 20, three days after customers started reporting experiencing issues. MoneyGram confirmed that corporate systems were breached, but after investigating the attack with CrowdStrike, law enforcement, and other cybersecurity professionals said there was no evidence that ransomware was behind the attack. Read the full story.

Harvard Pilgrim Health Care Ransomware Attack Affected at Least 2,967,000 Individuals

Harvard Pilgrim Health Care has issued an updated notification to the Maine Attorney General about its April 2023 ransomware attack, increasing the total number of affected individuals by 106,601 to 2,967,396 individuals. In the notification, Harvard Pilgrim Health Care said the investigation into the data breach is still ongoing, so that may not be the final total.

Harvard Pilgrim Health Care said the investigation uncovered evidence that a significant amount of data was copied from its systems between March 28, 2023, and April 17, 2023, which included personal and protected health information. Read the full story.

Highline Public Schools confirms ransomware behind shutdown

On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September.

Highline Public Schools has over 2,000 staff members and offers programs ranging from early childhood education to college preparation. It serves over 17,500 students across 34 schools in the Burien, Des Moines, Normandy Park, SeaTac, and White Center communities in Washington State. After discovering evidence of unauthorized activity on its network following a September 7 security breach, the school district was forced to shut down all schools and cancel school activities. Read the full story.

India’s Indigo airlines confirms network issues

India’s domestic carrier Indigo Airlines is experiencing system wide network issues. The degraded system performance is leading to slow processing of customer requests and check in procedures. It is unclear if the slowdown is on account of Indigo’s internal system issues or if it has been a subject of any 3rd party cyber threat. The network issues have led to long queues at the airports and slower check-ins. Read the full story.