Global Cyber Pulse: 22 November 2024

November 22, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Recent cyber incidents include a China-linked hack of U.S. telecoms intercepting sensitive surveillance data and a breach at a French hospital exposing 750,000 patient records, highlighting growing cybersecurity vulnerabilities globally.

Worst Telecom Hack in U.S. History: China-Linked Hackers Intercept Sensitive Data

Mark Warner, chairman of the Senate Intelligence Committee, has described a recent breach of U.S. telecom companies as the “worst telecom hack in our nation’s history – by far.”

The attack, allegedly orchestrated by China-linked hackers, allowed access to sensitive surveillance data intended for American law enforcement. Confirmed in a joint statement by the FBI and CISA on November 13, the breach underscores the growing risks of cyber espionage. Warner emphasized that this incident is part of China’s ongoing global efforts to infiltrate telecom systems and exfiltrate vast amounts of sensitive information.

Massive Data Breach at French Hospital Exposes 750,000 Patients’ Records

In France, a major hospital has suffered a data breach, exposing the medical records of 750,000 patients. A threat actor using the pseudonym “nears” claimed responsibility for the attack, boasting access to patient data from over 1.5 million individuals across multiple healthcare facilities.

The breach reportedly targeted MediBoard, a software solution by Softway Medical Group, using stolen credentials rather than exploiting any software vulnerabilities. Softway confirmed the compromise of a MediBoard account and denied any flaws in their systems, attributing the breach to improper credential security practices at the hospital.

Cyberattack Disrupts Operations of U.S. Gambling Giant

International Game Technology (IGT), one of the largest gambling and lottery providers in the U.S., is reeling from a cyberattack that disrupted its IT systems. The company announced the breach to the U.S. Securities and Exchange Commission, revealing that it had proactively taken some systems offline to protect them.

While the investigation continues, IGT has implemented operational workarounds to maintain services. The financial implications remain unclear, and no hacking group has claimed responsibility. This incident comes amid a surge of ransomware attacks targeting the gambling and lottery sectors in recent years.

Thousands of Palo Alto Networks Devices Compromised in Active Exploitation Campaign

A recently discovered vulnerability in Palo Alto Networks’ next-generation firewall (NGFW) systems has resulted in the compromise of approximately 2,000 devices worldwide.

Statistics from the Shadowserver Foundation indicate the majority of infections occurred in the U.S. (554) and India (461), with additional cases reported in countries like Thailand, Mexico, and Turkey. According to Censys, over 13,000 publicly exposed NGFW management interfaces have been identified, though not all are confirmed vulnerable. The widespread exploitation highlights the importance of immediate patching and the ongoing risks of unprotected configurations.

Russia-Linked Espionage Campaign Targets Central Asian Institutions

TAG-110, a Russian-linked cyber-espionage group, has been implicated in a targeted campaign affecting human rights organizations, private security firms, and government institutions across Central Asia.

The Insikt Group from Recorded Future identified over 60 victims in countries such as Tajikistan, Kyrgyzstan, Turkmenistan, and Kazakhstan. The campaign, active since July, used custom malware such as the Hatvibe loader and Cherryspy backdoor, delivered via malicious Microsoft Word attachments and the exploitation of web-facing services. Analysts believe the group aims to gather intelligence to support Russia’s military efforts in Ukraine and monitor geopolitical dynamics in the region.