#cyberattack

#cyberattack

A few days later, the attack on LA Metro was claimed by Ababil of Minab, which purports to be a pro-Iran hacktivist group. The threat actor allegedly wiped hundreds of terabytes of data and exfiltrated more than 1TB worth of files. The hackers published screenshots and videos to demonstrate that they had access to LA Metro's internal systems, including a core virtualization management platform, a Microsoft IIS web server instance hosting internal and public-facing assets, and even an operational technology (OT) system used to monitor trains.

Canvas parent company Instructure said that as of Friday morning, the platform was back online. Instructure said it temporarily took Canvas offline on Thursday after identifying unauthorized activity in its network. The threat actor was the same one responsible for a data breach that Instructure disclosed a week ago. Data accessed included user names, email addresses, student ID numbers, and messages exchanged on the platform. The company said it has no indication that passwords, dates of birth, government identifiers, or financial information were involved.

Sweden's minister for civil defense, Carl-Oskar Bohlin, stated that the cyberattack targeted a heating plant in western Sweden but ultimately failed. He did not provide further details.

The Co-op revealed that it swung to an underlying pre-tax loss of £126 million in its latest financial year, compared with a £45 million profit the previous year.

Intoxalock spokesperson Rachael Larson confirmed that the company had been hit by a cyberattack, stating that they took steps to temporarily pause some of their systems as a precautionary measure.

When a company the size of Stryker experiences a global outage tied to a cyber incident, the immediate concern is not just whether data was taken but whether critical systems can still operate safely. The reported disruption at Stryker highlights how cyber operations tied to geopolitical tensions can quickly spill into the private sector, especially when the victim organization sits in a critical industry like healthcare.

UnitedHealth Group ( ) reported fourth-quarter and full-year 2025 earnings this morning that fell slightly short of analyst estimates, while offering guidance for the coming year that indicated a roughly 2% decline year-over-year due to its right-sizing efforts payment increase for Medicare Advantage plans in 2027 that was far below what was anticipated. The market's response was immediate, sending UnitedHealth's stock tumbling as much as 15% in premarket trading this morning.

Germany's Dresden State Art Collections (Staatliche Kunstsammlungen Dresden, or SKD) experienced a cyberattack on Jan. 21, according to a statement from The Saxon State Minister for Culture and Tourism. SKD is among the oldest museum networks in Europe and contains 15 museums. "Large parts" of the organization's digital infrastructure were impacted, as per the ministry's statement. However, its security system was not affected and remains fully functional, including physical and technical security.

"Hammersmith & Fulham Council says payments are now being processed as usual, two months after a cyberattack that affected multiple boroughs in the UK's capital city."

AZ Monica, which operates hospitals in Antwerp and Deurne, confirmed the issues on Tuesday. It said seven patients receiving critical care had to be transferred to different nearby hospitals with help from the Red Cross so they could continue receiving the necessary treatement. All other patients continue to be treated at the affected sites. Its emergency department was operating at reduced capacity as of Tuesday, the day of the organization's last official update. According to De Tijd, 70 surgeries were cancelled on the day.

Poland's power system faced its largest cyberattack in years in the last week of December that also followed a different pattern, the country's energy minister said on Tuesday.

Small samples of the data hacked by the criminals shows it is likely to contain sensitive personal information, and residents should be wary of anyone claiming to be a council worker that asks for details. The council shares some of its affected services with Westminster City Council and Hammersmith and Fulham Council which were also impacted. All three are working with the National Cyber Security Centre to track the data.

La Poste and La Banque Postale were once again difficult to access on New Year's Day due to a cyberattack. The disruption comes just days after a similar attack disrupted parcel tracking during the Christmas period. The website laposte.fr and all information systems of the French postal company were hit by a cyberattack on Thursday morning, according to radio station RFI. The website and app of La Banque Postale, the postal company's banking division, were also largely inaccessible.