Click any tag below to further narrow down your results
Links
Poland faced a significant cyberattack where hackers accessed sensitive personal information from a loan platform, including national ID numbers and bank account details. Authorities are investigating the breach, urging affected users to change passwords and secure their data through a new government website.
Romania's oil pipeline operator Conpet confirmed a cyberattack that disrupted its technology infrastructure and took its website offline, but oil transport operations remained unaffected. The Qilin ransomware group claimed responsibility, alleging they stole nearly one terabyte of data, including sensitive internal documents. Conpet is investigating the incident and has filed a criminal complaint.
AZ Monica hospital in Belgium suffered a ransomware attack, leading to the cancellation of surgeries and the transfer of seven critical care patients to other facilities. The hospital shut down its IT systems to protect patient data, causing significant disruption to its services. Emergency care is operating at reduced capacity, and patients are advised to seek alternative medical options.
Sedgwick has confirmed a ransomware attack that compromised a file transfer system at its subsidiary, Sedgwick Government Solutions, which serves various U.S. government agencies. The company stated that the attack was contained and did not affect its broader network or data.
Eurofiber confirmed a cyberattack on its French unit that resulted in data theft from its ticket management platform. Although the company reported it was extorted, it hasn't disclosed whether it paid a ransom. The attack primarily affected B2B operations, with customer-facing services remaining operational.
The French Soccer Federation suffered a cyberattack that compromised member data, including names and contact information. The breach was traced to a compromised account, which has since been disabled and secured. The federation has filed a complaint regarding the incident.
SoundCloud confirmed a cyberattack that compromised data from 20% of its users, including email addresses and public profile information. The company quickly contained the breach and is enhancing its security measures to prevent future incidents. Misconfigurations caused temporary issues for some users on VPNs, but SoundCloud is working to resolve them.
Spain's Ministry of Science has partially shut down its IT systems following a cyberattack claim by a hacker group. The breach reportedly involved sensitive data, and the ministry is currently assessing the situation while suspending administrative procedures.
The UK Foreign Office has confirmed a cyberattack, first reported in October, but details remain unclear. Officials state that while there is speculation about Chinese involvement and potential data theft, they assert that no individuals are at risk from the breach.
Russia-linked APT28 is actively exploiting a newly disclosed Microsoft Office zero-day vulnerability, targeting Ukrainian government agencies and organizations in the EU. The bug allows attackers to deploy malware through weaponized documents, establishing a persistent foothold on affected systems. Despite Microsoft releasing patches, experts warn that cyberattacks using this vulnerability will likely increase.
Higham Lane School in Nuneaton will reopen on January 19 after a cyberattack forced it to close for nearly two weeks. Although students will return to classrooms, staff have limited access to IT systems, impacting lesson delivery and communication. The school has not disclosed details about the stolen data or the perpetrators of the attack.
A security audit of ClawHub found 341 malicious skills, primarily linked to a single campaign called ClawHavoc. These skills disguise themselves as legitimate tools but deliver trojans capable of stealing sensitive information from users. The attack leverages common installation practices to bypass security measures.
Nearly 30 organizations, including major companies like Logitech and The Washington Post, have been named as victims of a recent Oracle E-Business Suite hack linked to the Cl0p ransomware group. The attackers have leaked data from 18 of these victims, with indications that vulnerabilities exploited may have been known prior to the attack.
Ukrainian Defense Forces were attacked by a charity-themed malware campaign delivering backdoor malware called PluggyApe, likely linked to the Russian threat groups Void Blizzard and Laundry Bear. The campaign used deceptive messages to lure victims into downloading malicious files disguised as documents. CERT-UA warns that mobile devices are increasingly targeted due to their weaker security.
Marks & Spencer reported that its April cyberattack will cost approximately £136 million, impacting profits which fell by over 55%. Despite a 22.1% rise in revenues, online and in-store sales suffered due to disruptions caused by the attack and subsequent manual operations. The retailer expects to recover some costs through a £100 million cyber insurance claim.
A former IT contractor, Maxwell Schultz, hacked into Waste Management's network after being fired, resetting about 2,500 passwords and disrupting operations. The attack caused over $862,000 in damages, and Schultz now faces federal charges.
Poland's electric grid was targeted by wiper malware, likely from Russian state hackers, in late December. The attack aimed to disrupt communication between renewable energy sources and power operators but ultimately failed. Security firm ESET linked the malware to the Russian hacking group Sandworm, known for previous attacks on critical infrastructure.
A cyberattack on financial tech firm SitusAMC exposed customer data from several major U.S. banks, including JPMorgan Chase and Citigroup. The breach, identified on November 12, involved the theft of corporate data and legal agreements, but the full extent of the impact remains unclear. The FBI is investigating the incident, which left no operational disruption to banking services.
The OnSolve CodeRED emergency alert system experienced a ransomware attack by the Inc Ransom group, leading to significant disruptions and a data breach. Affected cities and law enforcement agencies reported an inability to send emergency notifications, prompting a swift response from OnSolve to transition customers to a new platform.
The U.S. Congressional Budget Office confirmed a cyberattack by a suspected foreign hacker, potentially exposing sensitive data. The agency has taken steps to contain the breach and is investigating while continuing to operate despite some congressional offices halting communications.
Jaguar Land Rover confirmed that a cyberattack in August not only halted production but also resulted in the theft of sensitive payroll data for thousands of employees. The breach is one of the most expensive in UK history, with losses affecting both the company and the broader economy.
Three London councils, including Kensington and Chelsea, are dealing with a cyberattack that forced them to shut down networks and activate emergency plans. The investigation is ongoing, and while the councils haven't detailed the attack's nature or confirmed data theft, they are focused on protecting systems and maintaining essential services.
Episource has reported a data breach affecting over 5 million patients in the U.S., following a cyberattack that occurred between January 27 and February 6, 2025. The breach exposed various sensitive health information, including names, addresses, and medical records, although no banking or payment card data was compromised. Affected individuals are being notified and advised to monitor for suspicious activity.
Jaguar Land Rover's recent cyberattack is projected to have cost the UK £1.9 billion, marking it as potentially the most economically damaging cyber event in the country's history. The attack led to a month-long shutdown of production and internal systems, affecting over 5,000 organizations, while the government provided a £1.5 billion loan guarantee to support the carmaker's recovery. Analysts attribute the financial impact to lost sales, production delays, and wider supply chain disruptions.
WestJet is investigating a cyberattack that disrupted access to its internal systems and app, affecting user logins. The airline has activated specialized teams in collaboration with law enforcement to address the breach while ensuring safety and protecting sensitive data. Although some services have been restored, it remains unclear whether the incident was a ransomware attack or a precautionary shutdown of systems.
Nucor Corporation has reported a cyberattack that has disrupted its production operations. The company detected unauthorized access to its IT systems, prompting it to take systems offline and alert law enforcement while working with cybersecurity experts to investigate the incident.
The Everest ransomware group has taken responsibility for a significant cyberattack on Collins Aerospace, affecting its MUSE check-in software and causing significant disruptions at major European airports. The attackers exfiltrated a large database and set an eight-day ransom deadline, highlighting the growing threat to aviation infrastructure.
The International Criminal Court (ICC) has reported a sophisticated cyberattack targeting its systems, detected and contained shortly after the intrusion occurred. This incident follows a previous attack by an espionage group two years prior, highlighting ongoing cybersecurity threats faced by the ICC.
A new wiper malware, dubbed "PathWiper," has been used in a destructive cyberattack against critical infrastructure in Ukraine. Conducted through a legitimate endpoint administration framework, the attack showcases a sophisticated understanding of the victim's environment by the attackers, likely associated with Russian nation-state actors.
Asahi Group Holdings has suspended operations in Japan due to a cyberattack that affected its ordering, shipping, and customer service activities. The company is currently investigating the incident, which has not yet confirmed any exposure of personal data, and is working to restore normal operations.
The UK government has stepped in to support Jaguar Land Rover with a £1.5 billion loan following a significant cyberattack that disrupted vehicle production for several weeks. This financial aid is aimed at stabilizing the company during a challenging period marked by production delays and operational challenges.
French retailer Auchan has been targeted by a significant cyberattack, resulting in compromised customer data and operational disruptions. The incident highlights the increasing vulnerability of retail businesses to cyber threats, prompting a call for enhanced security measures and response strategies in the industry.
Major international airports in Europe, including Heathrow and Brussels, are experiencing flight cancellations and delays due to a cyberattack on a check-in and boarding systems provider. While some disruptions have eased, residual delays are expected to continue as airports work on recovery efforts.
An Oregon agency has announced that hackers successfully stole sensitive data during a recent cyberattack. The breach has raised concerns about the security of personal information and the measures being taken to protect it moving forward.
Sotheby's reported a data breach that occurred on July 24, affecting the financial account information and Social Security numbers of two Maine residents. The auction house has implemented safeguards to protect data but is now offering affected individuals 12 months of credit monitoring services following the incident. This breach follows a similar attack on Christie's in 2024, highlighting ongoing vulnerabilities in the auction industry.
Ingram Micro is experiencing significant outages due to a ransomware attack attributed to the SafePay group, which has compromised internal systems and led to the shutdown of their online services. The attack is believed to have been initiated through compromised credentials used to access the company's GlobalProtect VPN, though Ingram Micro has not publicly confirmed the full extent of the attack. As of now, the company is working to restore affected systems and has begun processing certain orders again.
Japanese retailer Muji has halted online orders due to a ransomware attack that crippled its logistics partner, Askul. The attack has disrupted various services, leaving customers facing error messages and causing cancellations of pending orders. Both companies are investigating the incident but have not disclosed details about the ransomware group involved or any potential data breaches.
Dutch intelligence agencies reported that a hacker group known as Laundry Bear, suspected to be supported by the Russian state, stole sensitive data from the Dutch police. The group is also targeting EU and NATO countries to gather information regarding military support for Ukraine.
Marks & Spencer anticipates a £300 million hit to its operating profits for the 2025/26 financial year due to an ongoing cyberattack, which has caused significant disruption to its operations and online sales. Despite the challenges, CEO Stuart Machin emphasized the company's commitment to recovery and long-term growth, viewing the incident as an opportunity for transformation. Customer data was compromised in the attack, attributed to the ransomware group Scattered Spider, although sensitive payment information was not affected.
The article discusses a cyberattack that impacted the city of Abilene, Texas, leading to offline systems and disrupted services. The incident highlights the vulnerabilities of municipal infrastructures to cyber threats and the importance of cybersecurity measures.
McLaren Health Care has reported a significant data breach affecting the personal information of approximately 743,000 individuals. The breach occurred between July and August 2024, following a previous ransomware attack in 2023 that compromised the data of over 2 million people. The exposed information includes names and Social Security numbers among other sensitive details.
DragonForce ransomware group has claimed responsibility for a cyberattack on Belk, resulting in the theft of over 150 gigabytes of data. The attack, which occurred in May, led to significant disruptions in both online and physical operations for the department store chain. Belk has since taken measures to secure its systems, including disconnecting affected networks and rebuilding compromised systems.
Marks and Spencer has restored its Click & Collect service after a cyberattack disrupted multiple services for over three months. While many core offerings are back online, some limitations remain, and the company faces significant financial losses due to the attack. Four suspects have been arrested in connection with the incident.
Conduent, a major American business services and government contractor, confirmed that client data was stolen during a cyberattack in January 2025. The breach involved personal information of individuals associated with the company's clients, though there are currently no indications that the data has been made public. Conduent is assessing the impact of the breach and informing clients as necessary.
A teenager has surrendered to authorities in connection with a cyberattack that targeted the Las Vegas Strip in 2023. The incident raised concerns about cybersecurity and the potential impact on the city's tourism and entertainment sectors. Law enforcement is continuing to investigate the situation to determine the full extent of the breach.
Bridgestone's North American plants faced significant disruptions due to a cyberattack that affected their operations. The attack led to temporary shutdowns and raised concerns about the vulnerability of manufacturing facilities to cyber threats. The company is currently investigating the incident and working to restore normal operations.
Marks & Spencer is experiencing significant disruptions due to a ransomware attack linked to the threat group known as Scattered Spider. The cyberattack, which began with the theft of sensitive data, has impacted the company's payment systems and operations, leading to the involvement of cybersecurity firms for response and investigation. Scattered Spider, recognized for sophisticated social engineering tactics, has escalated its activities and recently targeted multiple organizations.
Education giant Pearson was hit by a cyberattack that allowed threat actors to steal customer and corporate data, primarily consisting of "legacy data." The breach was facilitated by an exposed GitLab Personal Access Token, which gave attackers access to internal systems and cloud services, resulting in significant data theft affecting millions of individuals. Pearson has confirmed the incident and is enhancing their security measures but has not disclosed details about the ransom or the extent of customer impact.
Aflac has recently faced a significant cyberattack that compromised sensitive data of its customers and employees. The company is working closely with cybersecurity experts to assess the extent of the breach and implement measures to protect against future incidents. Aflac has also notified affected individuals and is providing support as investigations continue.
Capita has been fined £14 million by the UK's Information Commissioner's Office following a severe cyberattack in 2023 that exposed personal data of 6.6 million individuals. The ICO criticized Capita for its sluggish response to the attack, which lasted 58 hours before containment measures were enacted, highlighting significant security failures within the organization.
SK Telecom has reported a significant cyberattack that has compromised customer USIM data, potentially allowing attackers to carry out further malicious activities. The incident raises concerns about the security measures in place for protecting sensitive personal information in the telecommunications sector.
Cellcom has confirmed that a week-long service disruption affecting voice and text services in Wisconsin and Upper Michigan was caused by a cyberattack. The company is working with cybersecurity experts to investigate the incident, and while some services are being restored, there is no evidence that customer data was compromised.
A significant cyberattack has targeted a major grocery chain, disrupting operations and raising concerns about the security of the company's systems. The incident highlights the growing threat of ransomware and the vulnerabilities within the retail sector. Investigations are ongoing to assess the full impact and prevent future attacks.
Medusa ransomware has claimed responsibility for a breach involving NASCAR, highlighting the ongoing threat of cyberattacks on high-profile organizations. The attack is part of a broader trend of increasing ransomware incidents targeting various sectors, raising concerns about data security and operational disruptions.
Jaguar Land Rover (JLR) has shut down part of its systems following a cyber incident that disrupted retail and production activities. While no customer data appears to have been compromised, the company is working to restore its global applications in a controlled manner. Experts suggest that the attack's identification may have come late, indicating potential ongoing access by the perpetrators.
United Natural Foods, a major supplier of organic products to retailers like Whole Foods and Walmart, experienced a cyberattack on June 5, leading to significant disruptions in its operations and customer order fulfillment. The company activated its incident response plan and is collaborating with cybersecurity professionals and law enforcement to address the situation, which may have implications for food supply and pricing.
Asahi Brewery is grappling with the aftermath of a ransomware attack that may have compromised personal data, following an initial assurance that customer and employee information was secure. The attack, attributed to the Qilin ransomware group, has severely disrupted operations, delaying shipments and financial reporting, as the company investigates the extent of the data breach. Recovery efforts are ongoing, but a timeline for full restoration remains uncertain.
A significant cyberattack on a cooperative has resulted in empty store shelves, theft of sensitive data, and an estimated loss of $275 million in revenue. The incident highlights the growing threats to supply chain security and the impact of cybercrime on retail operations.
Nearly 250,000 individuals were impacted by a data breach at Medical Associates of Brevard, a healthcare organization in Florida. The BianLian ransomware group claimed responsibility for the attack, which involved the theft of personal and protected health information. The breach was discovered in January 2025, and the organization has since notified authorities and affected individuals.
China has claimed to possess "irrefutable evidence" linking the US to a cyberattack on its National Time Service Center, alleging that the NSA exploited vulnerabilities and used stolen credentials to access sensitive information since 2022. The accusations come amidst rising tensions between the two nations, with both sides trading allegations of cyber intrusions.
Minnesota Governor Tim Walz has activated the National Guard to assist Saint Paul following a significant cyberattack that disrupted city services and online payments. Emergency services remain operational, but the attack has overwhelmed local response capabilities, prompting collaboration with state and federal partners to restore functionality.
Harrods has confirmed an attempted cyberattack, making it the third major UK retailer to face similar incidents in recent weeks, following Co-op and M&S. The UK's National Cyber Security Centre is now assisting these retailers as experts warn of a coordinated cybercriminal campaign targeting the retail sector. While no ransomware has been officially confirmed, speculation surrounds the involvement of known cybercriminal groups.
SimonMed Imaging has notified over 1.27 million individuals about the compromise of their protected health information due to a cyberattack in January 2025. While the company confirmed data theft, there have been no reported cases of misuse, and affected individuals are being offered complimentary credit monitoring services.
A new spear-phishing campaign, dubbed "Venom Spider," is targeting hiring managers and recruiters by masquerading as job seekers. The attackers exploit the necessity for HR staff to open email attachments, delivering a backdoor malware known as "More_eggs" to compromise systems and gather sensitive information.
A 30-year-old man has been charged for a cyberattack on Rosneft's German subsidiary, which resulted in the theft and deletion of 20 terabytes of data, crippling operations and costing nearly €12 million. The attack, motivated by political ties to Russia, demonstrates the vulnerability of critical infrastructure in the energy sector, highlighting the need for enhanced cybersecurity measures.
Malaysia's Prime Minister announced that the country rejected a ransom demand following a cyberattack on the Kuala Lumpur International Airport. The attack, which disrupted airport operations, was effectively addressed without conceding to the demands of the hackers. Authorities are investigating the incident further to enhance cybersecurity measures.
Interlock ransomware has leaked sensitive data from a cyberattack on the city of St. Paul, exposing critical information and raising concerns about cybersecurity and data protection. The breach highlights the ongoing threats posed by ransomware attacks to municipal systems.
Qantas is facing extortion from cybercriminals following a data breach that potentially exposed the personal information of 6 million customers. The airline has reported the incident to the Australian Federal Police and is advising customers to be vigilant against potential scams and phishing attempts. The attack is linked to threat actors known as Scattered Spider, who have previously targeted various sectors, including aviation and retail.
A Windows vulnerability (CVE-2025-24054) rated as low exploitability by Microsoft was quickly weaponized by attackers within eight days, targeting government and enterprise entities in Poland and Romania. The flaw allows attackers to leak NTLM hashes through phishing tactics, enabling them to impersonate victims with minimal user interaction. Researchers emphasize the urgent need for organizations to apply patches promptly to mitigate risks associated with NTLM vulnerabilities.
Esse Health has notified over 263,000 patients that their personal and health information was compromised in a cyberattack that occurred on April 21, 2025. The breach resulted in the theft of sensitive data, although there was no evidence of stolen social security numbers, and the organization is offering free identity protection services to affected individuals. Restoration efforts suggest a ransomware attack, but no group has claimed responsibility for the incident.
Ascension has reported a significant data breach affecting the personal information of 437,329 patients due to a cyberattack. The exposed data includes sensitive details such as names, dates of birth, and medical information, prompting concerns about patient privacy and security. Authorities are investigating the incident while affected individuals are being notified.
A cyberattack on Oxford City Council compromised 21 years of personal data related to election workers, affecting current and former council officers. While the council has assured that there is no evidence of a mass data download or sharing with third parties, investigations are ongoing, and most services have resumed with some technical issues remaining. Experts highlight the increasing vulnerability of local authorities as they digitize services, making them attractive targets for cybercriminals.
Telecom giant Orange has issued a warning about potential disruptions due to an ongoing cyberattack that is impacting its operations. The company is actively working to mitigate the effects and ensure service continuity for its customers.
Marks & Spencer has resumed online orders 46 days after a cyberattack, initially offering select fashion ranges to customers in England, Scotland, and Wales. However, full service is not yet restored, with standard shipping delays and certain delivery options still unavailable. The company faces significant financial impacts from the attack, estimating a £300 million loss in operating profits for the next year.
Bouygues Telecom has suffered a significant cyberattack, compromising the personal data of approximately 6.4 million customers. The breach involved unauthorized access to sensitive information, prompting the company to notify affected individuals and take steps to secure their systems.