By Ashwani Mishra, Editor-Technology, 63SATS Cybertech
India’s tough new CCTV regulations sparked tensions with global manufacturers, while The North Face and LexisNexis reported major data breaches impacting hundreds of thousands. Authorities dismantled international malware-testing sites and cyberattacks disrupted hospital services across the U.S. Australia rolled out strict ransomware payment reporting laws, ConnectWise confirmed a state-sponsored breach, and Coinbase faced fallout from a massive insider-linked data theft in India.
Together, these incidents highlight the escalating global cyber threat landscape — from regulatory battles to sophisticated attacks and the urgent need for robust digital resilience.
CCTV Makers Clash with India Over Strict Security Rules
Global surveillance equipment makers are pushing back against India’s new rules requiring CCTV manufacturers to submit hardware, software, and even source code for government lab testing. Industry players warn the policy could disrupt supply chains and increase tensions between Prime Minister Modi’s administration and foreign firms, adding to concerns about regulatory overreach and protectionism.
Major brands worry the mandate could set a precedent affecting operations and compliance strategies in India’s expanding tech and surveillance market.
The North Face Confirms Customer Data Theft in Credential Attack
Outdoor brand The North Face has alerted customers that their personal data was stolen in an April credential-stuffing attack on its website. Owned by VF Corporation, which also oversees Vans and Timberland, The North Face processes nearly 42% of its $3 billion annual revenue through e-commerce.
Hackers used previously compromised login credentials to access accounts, exposing sensitive customer details. The company is urging users to reset passwords and adopt stronger security practices immediately.
LexisNexis Breach Exposes Sensitive Data of Over 364,000 People
LexisNexis Risk Solutions has disclosed a breach exposing names, Social Security numbers, contact details, and driver’s license numbers of more than 364,000 individuals. The breach, discovered in April 2025 but dating back to December 2024, occurred via unauthorized access through a third-party software development platform.
LexisNexis has launched an investigation, notified law enforcement, and begun alerting affected individuals. The company emphasized that the type of compromised information varies per person, adding urgency to its response.
Global Operation Shuts Down Malware Testing Platforms
In a major international crackdown, U.S. and Dutch authorities dismantled four malware-testing websites — AVCheck.net, Crypt.guru, Cryptor.live, and Cryptor.biz — as part of Operation Endgame. These platforms, seized in late May, had operated for over a decade, allowing cybercriminals to test malware against real antivirus defenses.
Coordinated with Finnish and Dutch police, this takedown marks another milestone in global efforts to disrupt cybercrime infrastructure, seize criminal assets, and arrest key players in malware development.
Cyberattack Forces Hospital Service Shutdowns Across Northeast US
A cyberattack on Catholic healthcare network Covenant Health has forced three hospitals in Maine and New Hampshire to shut down access to their data systems, limiting services. Covenant Health operates a wide network across six U.S. states, employing nearly 6,000 people.
The organization is working to restore systems, safeguard patient data, and resume normal operations. This incident highlights growing cyber risks facing healthcare providers, where service disruption directly threatens patient care and safety.
Australia Enforces Mandatory Ransomware Payment Reporting
Starting May 30, Australia’s Cyber Security Act 2024 mandates that all companies with over AUS $3 million in turnover — especially those managing critical infrastructure — report ransomware payments to the Australian Signals Directorate within 72 hours. Reports must include payment amounts, delivery methods, and details of attacker communications.
Public sector bodies are exempt. This regulatory push aims to increase national ransomware tracking, disrupt criminal profits, and strengthen Australia’s collective cyber resilience.
ConnectWise Confirms State-Sponsored Breach Targeting ScreenConnect Users
IT software firm ConnectWise has reported a suspected state-backed cyberattack affecting a small number of ScreenConnect customers. ConnectWise discovered the intrusion, believed to be linked to a nation-state actor, and immediately launched an investigation with top forensic experts at Mandiant.
The company has directly notified affected customers and is actively working with law enforcement to contain the threat, assess damage, and strengthen its overall security posture against future advanced attacks.
Coinbase Faces Massive Breach After Customer Support Bribery Scandal
Cryptocurrency giant Coinbase has reported a breach impacting over 69,000 customers, marking its largest-ever security failure. Hackers reportedly bribed customer service agents at Indian outsourcing firm TaskUs to leak sensitive client data. The breach, disclosed in May, could cost Coinbase up to $400 million.
Notably, just weeks after the breach was discovered, TaskUs laid off more than 200 Indian staff working on Coinbase’s account. This incident exposes deep vulnerabilities in outsourced support ecosystems.
