Global Cyber Pulse 14 October, 2024

Phishing to Android Malware
October 14, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

The Maharashtra government has launched India’s first state-level Cyber Command Center, while 10 million conversations were exposed in a breach at an AI-powered call center platform in the Middle East. Additionally, 32 million Trackman user records were left unsecured, putting golfers at risk of cyber attacks.

Stay tuned for more global cybersecurity updates.

Maharashtra Government Launches First State-Level Cyber Command Center in India

The Maharashtra government has launched India’s first integrated state-level Cyber Command and Control Center, designed with world-class technology and expertise. The facility, located in Mahape, Navi Mumbai, was inaugurated by Deputy Chief Minister Devendra Fadnavis, who emphasized that Maharashtra has set a new standard in the fight against cybercrime by offering a world-class platform equipped with global technologies and highly skilled cyber experts. Fadnavis noted that this new initiative ensures the timely resolution of cybercrimes and provides digital safety for citizens, enterprises, and critical infrastructure.

The command and control center will serve as a central hub for addressing grievances through various channels, such as a helpline, web portal, and mobile app. It will support the Nodal Cyber Police Station and 50 district cyber police stations in investigating complaints from citizens and enterprises.

The center boasts a platform that integrates over 50 global forensic technologies, 17 threat intelligence tools, and 13 cybersecurity tools powered by AI and blockchain. More than 150 experts in cybercrime forensics, investigation, and technology will work at the center, which will provide crucial support to 50 district cyber police stations across the state.

10 Million Conversations Exposed in Breach at AI-Powered Call Center Platform in the Middle East

A major data breach has compromised over 10 million conversations from an AI-powered call center platform in the Middle East, according to cybersecurity firm Resecurity. The breach was caused by unauthorized access to the platform’s management dashboard, allowing attackers to harvest over 10.2 million interactions involving consumers, operators, and AI agents.

Resecurity cautioned that the stolen data could be exploited for advanced fraud, phishing attacks, and other malicious activities driven by AI technology. The platform, reportedly used extensively in industries like fintech and e-commerce, handles large volumes of customer interactions, with many organizations relying on it to enhance efficiency and automate responses.

The breach has exposed significant risks, particularly the leakage of personally identifiable information (PII), such as national ID documents. Resecurity’s investigation indicated that attackers could use this information to launch fraudulent activities by mimicking legitimate customer service conversations.

Key risks associated with the breach include data exfiltration, with attackers potentially mining PII for phishing and social engineering schemes.

32 Million Trackman User Records Left Unsecured, Exposing Golfers to Potential Cyber Attacks

Nearly 32 million records of users of Trackman, a technology company specializing in analyzing golf swings using Doppler radar, were left exposed online in a non-password-protected database, according to researcher Jeremiah Fowler.

Trackman’s technology is widely used by the PGA Tour, professional golfers, and amateurs alike. The company claims that 90 of the world’s top 100 players use its technology, as do well-known manufacturers like Bridgestone and Callaway and major broadcasters like Golf Channel, ESPN, and BBC.

While Trackman excels at tracking golf balls at major tournaments and the Olympics, it appears to have faltered in securing users’ data. The exposure leaves users vulnerable to device hacking, social engineering, phishing attacks, and other digital crimes.

Iran’s CyberAv3ngers Use AI to Enhance Cyber Warfare Against Industrial Control Systems

Iran’s state-affiliated hacking group, CyberAv3ngers, has emerged as a team of tech-savvy prompt engineers, leveraging AI models like ChatGPT to advance its cyber warfare techniques. Originally starting with reconnaissance efforts, the group, which is linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), quickly escalated its activities, using AI to refine and enhance its tools and techniques. According to OpenAI, CyberAv3ngers accessed AI models for assistance with coding, vulnerability research, and debugging scripts, targeting industrial control systems (ICS) and programmable logic controllers (PLCs).

These AI-powered models were not merely a passive resource; CyberAv3ngers actively sought guidance for their sophisticated operations, demonstrating how nation-state hackers are increasingly merging artificial intelligence with cyber warfare tactics.

Fidelity Investments Notifies 77,099 Customers of Data Breach in August

Asset manager assures no Fidelity accounts were accessed during the breach

Fidelity Investments has informed 77,099 individuals that their personal data was stolen during a cyberattack in August. While the company has not revealed specific details about the stolen data, it has assured customers that the breach did not involve unauthorized access to any Fidelity accounts.

In a letter to those affected, Fidelity disclosed that the breach occurred between August 17 and August 19, during which a third party accessed and obtained information via two customer accounts that had been recently established without authorization.

Iran Hit by Massive Cyberattacks Amid Middle East Escalations

Iran experienced significant cyberattacks on Saturday, disrupting government branches and targeting nuclear facilities amid rising tensions in the Middle East. The attacks followed Israel’s promise to retaliate after Iran’s missile barrage on October 1, as conflicts intensify in Gaza and Lebanon.

Abolhassan Firouzabadi, former secretary of Iran’s Supreme Council for Cyberspace, confirmed to local media that the country was hit by a cyberattack, with threat actors reportedly stealing sensitive information from targeted infrastructure. These attacks come as regional tensions continue to escalate, placing critical infrastructure at heightened risk.