Stay in the Know

Latest Cyberattacks

Cybersecurity threats are growing each year, with criminals adopting increasingly sophisticated techniques to exploit businesses like yours. Keep up to date with the latest data breaches and attacks.

Vet Chain CVS Group Hit by Cyberattack, UK Operations Disrupted

CVS Group plc swiftly detected the cyber incident, promptly taking down its IT systems to prevent further unauthorized access. CVS Group, one of the UK’s major veterinary groups, has reported a cyberattack that poses potential risks to personal information. The company, which operates over 500 locations globally, primarily in Britain, disclosed that unauthorized external access was gained by hackers into some of its IT systems.

Southern Water customers affected by cyber attack

Southern Water has warned that data belonging to 5-10% of its customers has been stolen in a cyber attack. In an email to customers on Tuesday, the firm said personal details and financial information may have been stolen for sale on the dark web.

Health insurance data breach affects nearly half of France’s population, privacy regulator warns

Data on more than 33 million people in France, approximately half the population, was compromised in a cyberattack at the end of January, according to the country’s privacy watchdog.

Cyberattack targeting UK councils causes online disruption

Three councils in the United Kingdom have taken some of their public-facing systems offline due to an ongoing cybersecurity issue.

McDonald’s Data Breach 2024, a Continuation of Cybersecurity Dilemmas

This 2024 McDonald's data breach reportedly involves not just employee and customer names and emails, but also internal tools and bank logs too.

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest. The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other geographical areas of interest, for information-gathering activity.

General Electric Data Breach: Hacker Claims Sale of Leaked GE Information

IntelBroker reposted the advertisement in the forum's "Leaked" section, yielding notably improved results, possibly due to a lack of initial interest.

British Library says ransomware hackers stole data from HR files

The British Library — one of the largest libraries in the world and the national library of the United Kingdom — said the ransomware gang behind a recent attack on its systems appeared to leak data stolen from its human resources files.

Boeing Cyberattack Unfolds: LockBit Releases Initial 4GB of Stolen Data, Threatens Further Leaks

LockBit's ultimatum related to Boeing data breach follows a two-step process, beginning with the release of approximately 4 gigabytes of sample data, predominantly comprised of the most recent information.

UK logistics firm blames ransomware attack for insolvency, 730 redundancies

KNP Logistics, described by its administrators as one of the United Kingdom’s largest privately owned logistics groups, declared itself insolvent on Monday, blaming a ransomware attack back in June.

Greater Manchester Police officers' details hacked in cyber attack

Police officers' personal details have been hacked after a company was targeted in a cyber attack. The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP).

MGM Resorts Cybersecurity Breach: Was a 10-Minute Chat All It Took?

What's astounding about the MGM Resorts cyber attack is the simplicity of the hackers' entry. In a brief conversation, they managed to breach a company valued at $33.9 billion.

Record number of cyberattacks targeting critical IT infrastructure reported to UK gov’t this year

Within just the first six months of 2023, organizations operating critical IT infrastructure services in the United Kingdom reported more incidents to government authorities in which cyberattacks had significantly disrupted their operations than in any year previously, according to data obtained under the Freedom of Information Act.

IBM notifies J&J unit Janssen CarePath's customers of unauthorized data access

IBM (IBM.N) said on Wednesday it is notifying customers of Janssen CarePath, a Johnson & Johnson (JNJ.N) unit, of a "data incident" involving unauthorized access of personal information.

Cyber-attack on UK's electoral registers revealed

The UK's elections watchdog has revealed it has been the victim of a "complex cyber-attack" potentially affecting millions of voters. The Electoral Commission said unspecified "hostile actors" had managed to gain access to copies of the electoral registers, from August 2021.

Scottish university UWS targeted by cyber attackers

Data belonging to the University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang. The university first said it was facing a "cyber incident" earlier this month and police have been investigating.

MOVEit hack: BBC, BA and Boots among cyber attack victims

The BBC, British Airways, Boots and Aer Lingus are among a growing number of organisations affected by a mass hack. Staff have been warned personal data including national insurance numbers and in some cases bank details may have been stolen. The cyber criminals broke into a prominent piece of software to gain access to multiple companies in one go.

Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids

Malware designed to disrupt electric power grids was likely developed by a Russian contractor, according to Mandiant's threat intel team that discovered the malicious software and dubbed it CosmicEnergy. Mandiant spotted the industrial-equipment malware after it was uploaded to VirusTotal, which is a little unusual — albeit a better way to discover a new software nasty compared to, say, waiting for a massive cyberattack that shuts down critical infrastructure.

NCSC joins partners to issue warning about China state-sponsored cyber activity targeting CNI networks

The UK and agencies in the US, Australia, Canada and New Zealand have issued new advice today (Wednesday) to help organisations detect China state-sponsored activity being carried out against critical national infrastructure networks.

The threat from commercial cyber proliferation

The UK’s National Cyber Strategy commits us to being a “leading responsible and democratic cyber power, able to protect and promote our interests in and through cyberspace in support of national goals”. As such, tackling commercial cyber proliferation and ensuring all cyber capabilities are developed, sold and used in a way that is legal, responsible and proportionate is a policy priority for the UK.

ACD - The Sixth Year

The aim of Active Cyber Defence (ACD) is to “Protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber attacks the majority of the time.” It was launched in 2017 and continues to protect the UK, in a relatively automated way, from a significant proportion of commodity cyber attacks.

Threat Report 24th March 2023

Mandiant report that UNC3886 actor is targeting firewalls, IOT devices and VPNs The cyber security company Mandiant has published a blog detailing ongoing campaigns by a Chinese espionage threat actor it calls UNC3886. The actor takes advantage of technologies that don’t support endpoint detection response, such as firewalls, IoT devices, hypervisors and VPN technologies. The actor has exploited zero-day vulnerabilities and then deployed custom malware as an attack vector before traversing the target environment and gaining persistence. The report that concludes that communication and collaboration across organisations is essential for both vendors and investigators to help mitigate the activity.