Royal Mail slumps to loss of more than 1bn after year of strikes
Royal Mail has blamed strike action for helping send it slumping to a full-year loss of more than 1 billion.The group's owner, International Distributions Services (IDS), revealed Royal Mail swung to an operating loss of 1.04 billion for the year to March 26, against earnings of 250 million the previous year.
WH Smith hit by cyber attack as hackers access company data
High street retailer WH Smith said it has been the target of a cyber attack that has seen hackers access company data.The retailer said current and former employee information was accessed by hackers.The books and stationery chain confirmed the hack has seen a possible breach of staff payroll data such as names, addresses, dates of birth and national insurance numbers, though it does not believe banking details have been accessed.
The papers look at the Tory party, the cost-of-living crisis and industrial disputes.The Daily Mirror and The Independent report on new allegations regarding partygate, including that former PM Boris Johnson joked that the Conservatives were the most unsocially distanced party.The Daily Express reports the cost-of-living crisis will ruin retirement plans for millions of Brits, while The Daily Telegraph says 750,000 home owners could default on mortgages.
Cyber-attack closes hospital emergency rooms in three US states
A cyber-attack has shut down emergency rooms in at least three states, leading to patient diversion and rescheduling of procedures.
The hospital operator, Ardent Health, reported being targeted by a ransomware attack that affected computer programs tracking patients' healthcare records.
Ransomware attacks on healthcare providers are increasingly common, with at least 35 reported in the US this year. [ more ]
A shadowy hacker group brought the British Library to its knees. Is there any way to stop them? | Lamorna Ash
The cyber-attack on the British Library was likely carried out by the Russian hacker gang Rhysida, who had been infiltrating the library's systems for months before the attack.
The hackers demanded a ransom of 20 bitcoins (about 600,000) for privileged access to stolen personal information, but when the library refused to pay, the hackers published close to 500,000 files of stolen data. [ more ]
A cyber "incident" stopped The Philadelphia Inquirer's presses over the weekend, halting the Sunday edition's print edition and shutting down the newspaper's offices to staff until at least Tuesday.The Inquirer reported the disruption on its website, and quoted publisher Lisa Hughes, who promised to keep staff and readers informed about the situation.
Succession Wealth, a UK-based wealth management and financial planning specialist that was acquired by insurance and pensions giant Aviva in 2022, has moved to reassure customers after revealing it is conducting an investigation into a cyber security incident of an as-yet undisclosed nature.Details of the incident are thin on the ground, but it is known that the firm was first alerted to a potential attack on its IT systems on 8 February.
Royal Mail stands firm as LockBit leaks data and renews ransom demand | Computer Weekly
The LockBit ransomware gang has leaked a tranche of data exfiltrated from Royal Mail's IT systems during its January 2022 cyber attack, and set a fresh ransom demand of £33m as it renews its efforts to force the postal service to cough up.The prolific Russian-speaking ransomware operation had previously set a £66m ransom demand - which Royal Mail rejected as an "absurd" amount of money - before dropping it to approximately £47m.
WH Smith staff data accessed in cyber attack | Computer Weekly
High street retailer WH Smith has been the victim of a cyber attack in which the perpetrators accessed sensitive company data, including personal information of former and current employees.The company confirmed that the attackers have been unable to access any customer data from either its website or backend databases, as that information is held on separate systems "unaffected by this incident".
Pennsylvania Court website down in DDoS cyber attack
The Pennsylvania Courts online system has been hit by a DDoS cyber attack, affecting integral court systems such as PACFile, online docket sheets, PAePay, and the Guardianship Tracking System.
Law enforcement agencies, including CISA, the U.S. Department of Homeland Security, and the FBI, are involved in investigating the extent of the attack. [ more ]
Hackers obtain confidential information on Romanian officials after cyber attack at Parliament
Hackers breached the database of the Romanian Chamber of Deputies and obtained confidential information, including the prime minister's identity documents and medical analyses.
The hackers demanded a ransom of 0.8 bitcoins (EUR 30,000) and threatened to release the personal data if their demands were not met. [ more ]
Australia sanctions a hacker who released health insurer client data
A Russian national has been sanctioned by the Australian government for his role in a cyber attack that compromised the personal information of more than 10 million Australians.
The Australian government imposed its cyber sanction powers for the first time against Aleksandr Ermakov after linking him to the cyber attack. [ more ]
Australia sanctions hacker in Medibank data breach case DW 01/23/2024
Authorities in Australia have identified a Russian hacker responsible for the country's largest data breach at insurer Medibank.
The hacker stole sensitive medical records belonging to around 10 million people, including the Prime Minister, and released some of the most harmful information. [ more ]
Learn the basics of cybersecurity with this $60 web-based training package
The Premium Ethical Hacking Certification Bundle features eight courses that introduce students to the fundamentals and prepare them to earn important credentials from CompTIA.The threat of a cyber attack is always looming, so experts advise companies to bolster their IT security budgets on the regular.
The challenges of attracting cybersecurity talent and how to address them
The cybersecurity industry is at an interesting inflection point.We are now approaching three years of remote and hybrid work, and individuals and organizations alike have had to adjust and improve their security infrastructures.And this push for more security will only amplify in 2023 in new and unique ways.
Get a lifetime privacy upgrade with KeepSolid Private Browser for $29
Protect your iOS or Android mobile device with military-grade encryption every time you go online.From your accounting software to your team chat, running a business today involves connecting to a variety of online apps.Unfortunately, this leaves you vulnerable to attacks - unless you're using something like the KeepSolid Private Browser.
Ukraine updates: Zelenskyy to attend WEF in Davos in person DW 01/09/2024
Ukrainian President Volodymyr Zelenskyy will be attending the World Economic Forum in Davos in person this year and is expected to make a special address.
A Russian cyber attack targeting Ukrainian state payment has been successfully repelled. [ more ]
Microsoft warning after DDoS attack disrupts Russian bank
Microsoft has warned Europe to be on alert for cyber attacks from Russia this winter, just as a series of attacks hit Russian organizations - including the country's second-largest bank.The government-controlled St Petersburg-based VTB finaincial institution announced on Tuesday it was facing an "unprecedented cyber attack from abroad," and added that the DDoS flood was the largest in the bank's history.
Richard Osman among authors missing royalties amid ongoing cyber-attack on British Library
Richard Osman's 'The Thursday Murder Club' and Matt Haig's 'The Midnight Library' were the most borrowed library books in the UK last year.
PLR payments, which authors receive each time their book is borrowed from a library, will not be paid this year due to a cyber-attack on the British Library. [ more ]
Russia's Sandworm blamed for Kyivstar telecom cyberattack
Russia's Sandworm crew was responsible for a cyber attack on Kyivstar, causing disruptions to mobile and internet services for 24 million users in Ukraine.
The attack began before December 12 and wiped thousands of virtual servers and PCs, impacting air raid alert systems and banking services. [ more ]
Indian organisations at very high risk of cyber attacks, says survey
As artificial intelligence and technological advancements continue to take over the world, a recent survey has revealed that cyber attacks and threats are currently the biggest risks faced by Indian organisations.
Indian organisations at very high risk of cyber attacks, says survey
As artificial intelligence and technological advancements continue to take over the world, a recent survey has revealed that cyber attacks and threats are currently the biggest risks faced by Indian organisations.
'Gay furry hackers' break into Idaho National Laboratory nuclear lab
A hacktivist group known as Siegedsec broke into the Idaho National Laboratory (INL) and leaked the names of researchers online.
The leaked data included personal information such as full names, dates of birth, email addresses, and physical addresses.
The group has previously targeted organizations like NATO and Atlassian, and their motive appears to be causing disruption rather than financial gain. [ more ]
'Gay furry hackers' break into Idaho National Laboratory nuclear lab
A hacktivist group known as Siegedsec broke into the Idaho National Laboratory (INL) and leaked the names of researchers online.
The leaked data included personal information such as full names, dates of birth, email addresses, and physical addresses.
The group has previously targeted organizations like NATO and Atlassian, and their motive appears to be causing disruption rather than financial gain. [ more ]
British Library confirms ransomware cyber attack has crippled services
The UK's national library, the British Library, is currently experiencing a major technology outage as a result of a ransomware attack.
The attack has affected the library's website, online systems, and services, as well as some onsite services including the Reading Rooms and public WiFi.
The library is working to restore services, but some disruption may persist for longer, and they are investigating the attack with the support of cybersecurity specialists. [ more ]
Australian port operator hit by cyber-attack says cargo may be stranded for days'
Australia's biggest ports operator, DP World Australia, was targeted in a cyber-attack, resulting in the closure of port operations in Sydney, Melbourne, Brisbane, and Fremantle.
The company disconnected its internet to stop ongoing unauthorized access to its network, but key systems linked to port operations were affected.
The Australian government is coordinating the response, and the priority is to get containers moving again. [ more ]
JD Sports details cyber security revamp following January attack
JD Sports has confirmed it will be refreshing its cyber security stack following the serious cyber attack it sustained at the start of the year.In a regulatory filing published on Wednesday, the retail group said it has appointed a third-party consultancy that will work to create a "better-integrated cyber vendor ecosystem" for the company.
Innovation is harder than it looks - we should go easy on tech firms
Technology was starting to look easy.Too easy.Then Elon Musk bought Twitter.And Bing and Google flung out their spins on generative AI.And ransomware took down Royal Mail, a software fault grounded BA flights and the same happened across domestic US flights.In the era before Musk bought Twitter, I was bewildered that a site with active users in the hundreds of millions - rather than the billions of rivals such as Facebook or TikTok - had 7,500 staff and still managed to be so terrible at battling , fascism and spam.
Black Basta ransomware attack to cost Capita over 15m | Computer Weekly
UK outsourcer and public sector specialist Capita expects to incur "exceptional costs" in the region of £15m to £20m as a result of the March 2023 Black Basta ransomware attack on its systems, which saw clients left unable to provide vital public services for days, and has resulted in a major breach of customer data, including information held by pensions providers.
Social media platform Reddit breached in phishing attack | Computer Weekly
Social media platform Reddit has moved to reassure its users that their data is secure, after a cyber attack on its systems that saw an unspecified threat actor gain unauthorised access to a limited number of internal documents, code and some internal business systems.The data breach first came to light on Sunday 5 February, when Reddit's security team became aware of the "sophisticated" and targeted phishing attack, where Reddit employees were targeted with seemingly plausible email prompts that directed them to a cloned version of its intranet gateway.
UK and US sanction seven Russian cyber criminals over ransomware actions
Seven Russian nationals have been sanctioned by the UK and US over their links to the development and deployment of ransomware, as part of a Government crackdown on cyber criminals.The Foreign, Commonwealth and Development Office (FCDO) said asset freezes and travel bans had been imposed on the seven individuals for their ties to strains of ransomware which had been used to attack UK infrastructure, and others internationally.
North Korean hackers targeted nearly 1,000 South Korean foreign policy experts | Engadget
BeeBright via Getty Images South Korean authorities believe North Korean hackers, working for the government, have targeted at least 892 foreign policy experts in the country.The efforts focused on members of think tanks and academics, dating back to April.The attacks began with spear phishing emails, often claiming to be from figures in South Koreas political system.
'Why wasn't there a back-up plan?': After One Brooklyn Health cyber attack, community leaders demand answers * Brooklyn Paper
Nearly a month after a cyber attack left the One Brooklyn Health system compromised, elected officials and medical professionals gathered outside of Brookdale Hospital Medical Center to call for additional resources - and to get the healthcare system's three hospitals back online."I am asking for resources and answers into this cyber attack that has crippled everything from patient health, health records to the day-to-day operations of Brookdale Hospital," said East New York advocate and former political candidate Chris Banks during a Dec. 15 press conference outside the Brownsville hospital.
NCSC issues revised security Board Toolkit for business leaders | Computer Weekly
The UK's National Cyber Security Centre (NCSC) has launched a fresh package of expert support aimed at CEOs and other senior business leaders, with the aim of encouraging them to take a more pivotal role in boosting their organisations' cyber resilience, make informed decisions, and adopt a systematic and practical approach to security issues.
The City of Oakland, California, on Friday announced that it was forced to take some systems offline after falling victim to a ransomware attack.The cyberattack, the city's administration says in an incident notification, started on Wednesday night and led to network outages as a result of systems being disconnected from the internet.
This Ajax dad is taking on Durham school board over 'weird' residency demand | CBC News
An Ajax father has filed a complaint with Ontario's privacy commissioner over what he calls a "weird" decision by the regional school board.At the beginning of the month, the Durham District School Board (DDSB) sent a letter to parents of all online students demanding they prove they live in Durham Region.
Toronto hospital network says it expects its digital systems will be fully restored today | CBC News
A major Toronto hospital network says it expects its digital systems to be restored by the end of the day after a full outage forced it to declare a "code grey" and delayed patient care.The University Health Network (UHN) said it is confident the outage was not caused by a cyber attack."There was no breach of patient data as the problems with the systems were entirely internal," it said.
South Pacific vacations may be wrecked by ransomware
New Zealand's Privacy Commission has signalled it may open an investigation into local managed services provider Mercury IT, which serves many government agencies and businesses and has been hit by ransomware.Mercury's website is, at the time of writing, a single page that states "Mercury IT provides a wide range of IT services to customers throughout New Zealand."
LastPass probes new cyber incident related to August attack
Credential management specialist LastPass has disclosed a new cyber security incident - its second in four months - that seems to have its roots in the first.The company launched an investigation, notified law enforcement and brought on board expertise from Mandiant, after it spotted unusual activity in an undisclosed third-party cloud storage service, which it shares with its affiliate GoTo, a unified communications company.
NCSC warns over AI language models but rejects cyber alarmism | Computer Weekly
The UK's National Cyber Security Centre (NCSC) has issued advice and guidance for users of AI tools such as ChatGPT that rely on large language model (LLM) algorithms, saying that while they present some data privacy risks, they are not necessarily that useful currently when it comes to deploying them in the service of cyber criminal activity.
What charities should know about ransomware and reputational threats | Computer Weekly
Sikov - stock.adobe.comLast March, the email and phone systems at the Scottish Association for Mental Health suddenly stopped working.A possible sign of a cyber attack, confirmed when the cyber criminal gang RansomEXX uploaded sensitive data belonging to donors and volunteers to the dark web including: names, home addresses, emails, and passport scans.
NCSC warning over cyber risk to charity sector | Computer Weekly
Under-resourced charities running services and fundraising activities online are increasingly seen as a soft touch by cyber criminals looking to make a quick buck, and are at risk of malicious actors taking advantage of public generosity during challenging times.In a newly issued report, the UK's National Cyber Security Centre (NCSC) highlighted how besides launching cyber attacks against charities, cyber criminals are also "inserting" themselves into the third sector, masquerading as legitimate charities to siphon off bona fide donations from the public, as has been observed in numerous incidences relating to charity drives for Ukraine.
A damaged file may have caused the outage in an FAA system, leading to travel chaos
Travelers wait in the terminal as an Alaska Airlines plane sits at a gate at Los Angeles International Airport early Wednesday.Stefani Reynolds/AFP via Getty Images After thousands of flights were delayed or canceled on Wednesday, the Federal Aviation Administration's preliminary investigation points to a "damaged database file" in a key system.
Security Think Tank: 2022 changed how we thought about resilience | TechTarget
Maksim Kabakou - Fotolia
2022 saw the cyber security landscape continue to evolve and become ever more challenging for businesses and governments.A post-Covid new normal has been in full force this year, with companies embracing hybrid and remote work arrangements, while sustaining (or bracing for) large-scale data breaches and destructive ransomware attacks.
Amnesty International Canada claims it was hacked by Beijing
The Canadian branch of Amnesty International said it was the target of a cyber attack sponsored by China. he human rights organisation said it first detected the breach on October 5 and hired forensic investigators and cyber security experts to investigate.Ketty Nivyabandi, secretary general of Amnesty International Canada, said the searches in their systems were specifically and solely related to China and Hong Kong, as well as a few prominent Chinese activists.
Ransomware Gang Steals Employee and Customer Data From LJ Hooker
A ransomware gang claims to have stolen 375 gigabytes worth of employee and customer data from the Australian real estate giant, LJ Hooker, including passport scans, credit card details, and loans data.On November 30, LJ Hooker was added to the victim list of Russia-linked ransomware gang, ALPHV, also known as BlackCat, in a blog post on the dark web previewing some of the data stolen in the breach.
Cohesity doubles down on cyber-defence failings via backup | TechTarget
Most organisations fail miserably at defending themselves from cyber attack and ransomware intrusion.That's the view of James Blake, EMEA CSO at Cohesity, who spoke to Computer Weekly about key features in the backup company's recently launched Datahawk service and its Data Security Alliance initiative.