By Ashwani Mishra, Editor-Technology, 63SATS
From HDFC Life’s data breach to Starbucks’ ransomware attack, escalating cyber incidents highlight growing risks to businesses and customer security globally. As state-sponsored espionage, cryptocurrency theft, and corporate vulnerabilities surge, enterprises and governments must strengthen their defenses.
HDFC Life Probes Potential Data Breach, Initiates Security Measures
HDFC Life Insurance has launched a detailed investigation into a potential data breach, as disclosed in an exchange filing. The company stated that it received communication from an unknown source who shared customer data fields with malicious intent.
In its BSE filing, HDFC Life wrote, “We value the data privacy of our customers and, as an immediate measure, have initiated an information security assessment and data log analysis to identify the root cause.”
Starbucks Grapples with Ransomware Fallout, Assures Employee Payments
Starbucks has confirmed that a ransomware attack on a third-party software provider disrupted employee scheduling and payroll processes.
A spokesperson clarified that while the outage has affected backend operations for time tracking, it has not impacted customer service. The company is taking measures to ensure employees are paid accurately and on time, with minimal disruption.
Hackers Claim Breach of Mossad’s Network, Threaten to Expose Spies
A hacker group named Handala, citing the death of Hamas leader Yahya Sinwar as motivation, claims to have breached Mossad’s network and obtained sensitive documents naming Israeli spies.
The group alleges that it accessed the network of Silicom, an Israeli company it links to Mossad’s Unit 8200, and stole 40 terabytes of data. It threatened to leak the information, including emails and financial documents, and published videos of what it claims are Unit 8200’s management panels. These claims remain unverified.
North Korean Hackers Steal $10M in Cryptocurrency via Social Engineering
The North Korean-linked hacking group Sapphire Sleet has stolen over $10 million in cryptocurrency through LinkedIn-based social engineering campaigns, according to Microsoft.
The group impersonated recruiters and job seekers to lure victims and used fake skills assessment portals to carry out their attacks. Sapphire Sleet, active since 2020, aligns with known threat actors APT38 and BlueNoroff.
Geico, Travelers Fined $11M for 2020 Data Breach Exposing Driver Info
New York regulators have fined Geico and Travelers over $11 million for a 2020 data breach that exposed driver’s license numbers of 120,000 New Yorkers. Hackers exploited the auto insurers’ pre-fill feature to steal sensitive information, which was later used in fraudulent unemployment claims.
The breach, discovered months after it began, highlighted gaps in the companies’ cybersecurity measures, prompting penalties for poor data security.
China’s Salt Typhoon Targets Southeast Asian Telecoms with New Malware
The Chinese state-sponsored hacking group Salt Typhoon has launched attacks on Southeast Asian telecom firms, deploying a new backdoor malware called GhostSpider, according to Trend Micro.
While the group was previously linked to espionage campaigns targeting U.S. telecoms, researchers suggest that different actors within it focus on distinct regions. The attacks highlight the group’s structured operations and sophisticated tactics.
South Asian Hackers Target Pakistani Entities with Upgraded Spyware
The cyberespionage group Mysterious Elephant has launched a new campaign against Pakistani entities using an improved Asyncshell payload, researchers from Knownsec report.
The hackers leveraged phishing emails with encrypted zip files to evade antivirus detection, delivering a malicious payload. The group’s techniques align with other South Asian threat actors like SideWinder and Bitter.