By 63SATS Cybertech News Desk
This week saw a global surge in cyber threats, spanning luxury retail, aviation, healthcare, and infrastructure. Dior and Marks & Spencer faced data breaches, while Andy Frain and Ascension suffered ransomware fallout. Taiwan’s drone supply chain was targeted by Chinese hackers, and India repelled over 1.5 million cyberattacks post-Pahalgam.
Meanwhile, Poland shut a Russian consulate over sabotage links, and Meta’s EU AI ambitions hit a privacy wall in Germany. As ransomware spikes in Australia and Iowa, U.S. agencies warn of OT system attacks. Generative AI is set to fuel a $23.9B cybersecurity boom, reflecting the urgency for digital resilience worldwide.
Dior Confirms Data Breach in China
Luxury brand Dior confirmed a data breach affecting its Chinese customers, exposing personal information like names, contact details, and purchase history. Financial data was not compromised. The incident, discovered on May 7, was communicated internally to affected users. Authorities are investigating. The breach underscores increasing cybersecurity risks for global retail brands operating in China.
Chinese Hackers Target Taiwan’s Drone Supply Chain
Cybersecurity firm Trend Micro has linked a Chinese-speaking group, Earth Ammit, to targeted cyberattacks on supply chains in Taiwan and South Korea. Between 2023 and 2024, sectors like defense, satellites, and software were infiltrated. The hackers aimed to breach trusted providers to access sensitive systems, posing serious risks to Asia-Pacific’s military and industrial infrastructure.
Marks & Spencer Confirms Customer Data Theft
Marks & Spencer disclosed that customer data was stolen during an April ransomware attack. CEO Stuart Machin said no payment or password data was exposed, but personal details such as names, birthdates, and addresses were compromised. The breach hasn’t led to public leaks yet, but it highlights growing concerns over data security in retail.
Twilio Denies Breach Linked to Steam Data Leak
Twilio has denied being hacked after a threat actor offered 89 million Steam user records for sale, including leaked SMS codes. Hacker “Machine1337” released 3,000 sample messages containing Steam access codes. Twilio maintains there was no breach, but BleepingComputer’s analysis raises concerns about a potential third-party vulnerability affecting Steam’s two-factor authentication process.
Andy Frain Hit by Black Basta Ransomware Attack
U.S.-based security firm Andy Frain Services suffered a ransomware attack by Black Basta, compromising data of over 100,000 individuals. Hackers stole 750 GB of sensitive HR, legal, and accounting data. The company, which secures airports and stadiums, has not disclosed specifics but is offering free credit monitoring—highlighting how even physical security firms are vulnerable to digital threats.
Australia Logs Record Data Breaches in 2024
Australia reported 527 data breaches in late 2024—its highest since 2020—driven by ransomware and phishing attacks. The health, finance, and government sectors were most affected. Ransomware surged 24%, and phishing remained the top threat. The OAIC findings point to growing cyber risks and emphasize the urgent need for stronger digital resilience and enterprise-level security reforms.
CloudSEK: Most India Cyberattack Claims Are Hype
CloudSEK dismissed over 100 alleged cyberattacks on Indian institutions as mostly exaggerated or fake. Hacktivist groups like Nation Of Saviors claimed breaches of agencies including the Election Commission, but evidence showed minor defacements or recycled data. Experts say the campaign was more about digital propaganda than real damage, exploiting Indo-Pak tensions for visibility and psychological impact.
India Withstands 1.5 Million Cyberattacks Post-Pahalgam
Following the Pahalgam terror attack, Indian systems faced over 1.5 million cyberattacks from Pakistan-linked APT groups. Only 150 succeeded, per Maharashtra Cyber. Despite reduced military tensions, government and critical sectors remain top targets for cyber onslaughts from hostile regions. Officials say India’s robust defenses neutralized most threats, but persistent digital warfare underscores the need for constant vigilance.
Airline Confirms Hack Linked to Deportation Flights
Global Crossing Airlines confirmed a cyberattack on May 5, impacting systems tied to ICE deportation flights. A hacker reportedly shared sensitive data with journalists. While the airline hired cybersecurity experts and law enforcement is investigating, it hasn’t disclosed details of the breach. The incident raises concerns about the digital security of sensitive U.S. immigration logistics.
Germany Blocks Meta’s AI Data Use Plan
Germany’s data watchdog has ordered Meta to stop using Facebook, Instagram, and WhatsApp data for AI training in the EU, citing privacy violations. Meta claims the initiative enhances AI’s cultural understanding. However, the move underscores mounting European resistance to big tech exploiting personal data for AI development, placing Meta’s broader EU AI ambitions under scrutiny.
Generative AI to Drive Cybersecurity Boom to $23.9B
Generative AI is transforming cybersecurity, with the market set to jump from $2.45 billion in 2024 to $23.92 billion by 2034, says ResearchAndMarkets. AI-driven tools are enhancing threat detection, analysis, and response. With a 25% CAGR forecast, both advanced and emerging economies are rapidly integrating AI into security operations amid rising cyber threats.
Poland Shuts Russian Consulate Over Sabotage Ties
Poland is closing a Russian consulate following revelations that Russian intelligence ordered an arson attack on a Warsaw mall. Prime Minister Donald Tusk confirmed arrests and ongoing investigations. The retaliatory move marks a rise in tensions as European nations crack down on covert Russian sabotage operations and bolster security against foreign interference.
India Alerts Banks on Cyber Risks Amid Tensions
As border tensions with Pakistan rise, Finance Minister Nirmala Sitharaman urged banks to strengthen cybersecurity and ensure operational continuity. She met with RBI, NPCI, and CERT-In, emphasizing digital safeguards for UPI and internet banking. Frequent audits and enhanced vigilance were mandated, especially in sensitive regions, to defend against potential cyberattacks amid geopolitical strain.
Ransomware Hits Iowa County, Disrupts Services
Iowa County suffered a ransomware attack, disrupting public services and computer networks. Detected on April 28, with outages by April 30, the breach prompted an external cybersecurity investigation. Recovery is underway, but officials warned of delays in services and data access. No timeline for full restoration was given, as systems remain under assessment.
Ascension Data Breach Exposes 430,000+ Patients
Ascension, a major U.S. healthcare provider, revealed a December data breach affecting over 430,000 patients due to a former partner. Leaked data includes names, birth dates, Social Security numbers, and medical details. Notification letters sent in April raised alarms about potential identity theft and fraud. The breach adds to growing concerns over healthcare data security.
Google Settles Texas Privacy Lawsuit for $1.4B
Google agreed to a $1.375 billion settlement with Texas over allegations of unauthorized location tracking and biometric data use. The lawsuit claimed Google violated privacy by collecting user data without consent. This record-breaking fine, surpassing a 2022 multi-state $391 million deal, signals intensifying regulatory scrutiny of big tech’s data practices in the U.S.
Hackers Use Japanese Accounts for $2B in Illegal Trades
Japan’s FSA reported hackers used around 5,000 breached accounts for $2 billion in unauthorized trades in April. Nine firms were affected, pushing total illicit trades to over $3 billion in 2025. The surge exposes weaknesses in Japan’s trading infrastructure and has triggered urgent calls for regulatory reforms and stronger cybersecurity protocols.
OT Cyberattacks Prompt U.S. Infrastructure Alert
Federal agencies have issued a joint alert after a surge in cyberattacks on U.S. operational technology (OT) systems. Sectors like energy and transport are affected, with attackers exploiting internet-facing ICS setups. Though often unsophisticated, some attacks caused physical disruptions, highlighting urgent security gaps in America’s critical infrastructure and the need for immediate cybersecurity upgrades.
