Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label cyber attack. Show all posts
tata company
cyber attack Cyber Attacks Data Theft M&S tata company

TCS Investigates Possible Link to M&S Cyberattack

 

Tata Consultancy Services (TCS), a leading Indian IT services firm under the Tata Group umbrella, is reportedly investigating whether its systems played any role in the recent ransomware attack that disrupted operations at British retail giant Marks & Spencer (M&S). 

The cyberattack, which occurred in late April 2025, was initially described by M&S as a “cyber incident.” However, subsequent reports confirmed it to be a ransomware assault that severely affected both in-store and online operations. Key services such as contactless payments and Click and Collect were disabled, while online orders came to a standstill. 

Several internal systems were reportedly taken offline as a containment measure. The prolonged disruption, lasting several weeks, had a significant impact on M&S’s business. The company’s market capitalization is estimated to have dropped by £1 billion, and there are allegations that customer data may have been compromised in the breach. 

As M&S continues recovery efforts, TCS is conducting a thorough internal investigation to determine whether any part of its infrastructure might have been involved in the incident. TCS has long been a key technology partner for M&S, which adds urgency to the ongoing review. The attack has once again brought cybersecurity solutions into focus. 

Platforms like Keeper Security, known for their zero-knowledge encryption-based password managers and digital vaults, are gaining traction. Keeper offers features such as two-factor authentication, secure file storage, dark web monitoring, and real-time breach alerts—tools that are increasingly vital in defending against sophisticated cyber threats like ransomware. 
Read more »
Sensitive data
Co-op Customer Data Customer Data Exposed cyber attack Data Breach Data Leak data security IT Infrastructure Sensitive data

Co-op Cyberattack Exposes Member Data in Major Security Breach

 

Millions of Co-op members are being urged to remain vigilant following a significant cyberattack that led to a temporary shutdown of the retailer’s IT infrastructure. The company confirmed that the breach resulted in unauthorized access to sensitive customer data, although it emphasized that no financial or account login information was compromised. 

Shirine Khoury-Haq, Chief Executive Officer of Co-op, addressed members directly, expressing regret and concern over the breach. She assured customers that the company’s core operations were largely unaffected by the attack and that members could continue to use their accounts and services as normal. However, she acknowledged the seriousness of the data exposure, which has affected both current and past members of the Co-op Group. 

“We deeply regret that personal member information was accessed during this incident. While we’ve been able to prevent disruption to our services, we understand how unsettling this news can be,” Khoury-Haq stated. “I encourage all members to take standard security precautions, including updating their passwords and ensuring they are not reused across platforms.” 

According to an official statement from Co-op, the malicious activity targeted one of their internal systems and successfully extracted customer data such as names, contact information, and dates of birth. Importantly, the company clarified that no passwords, payment details, or transactional records were included in the breach. They also emphasized that their teams are actively investigating the incident in coordination with the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA). 

The company said that it has implemented enhanced security measures to prevent further unauthorized access, while minimizing disruption to business operations and customer services. Forensic specialists are currently assessing the full scope of the breach, and affected individuals may be contacted as more information becomes available. In response to the incident, Stephen Bonner, Deputy Commissioner of the UK Information Commissioner’s Office (ICO), offered guidance to concerned members. “Cyberattacks like this can be very unsettling for the public. 

If you’re concerned about your data, we recommend using strong, unique passwords for each of your online accounts and enabling two-factor authentication wherever possible,” he advised. “Customers should also stay alert to updates from Co-op and follow any specific instructions they provide.” The Co-op has apologized to its customers and pledged to continue prioritizing data protection as it works to resolve the issue. While the investigation continues, members are encouraged to remain cautious and take proactive steps to safeguard their personal information online.
Read more »
United Kingdom
cyber attack Cyber Attacks cybersecurity news NCSC United Kingdom

UK Retail Sector Hit by String of Cyberattacks, NCSC Warns of Wake-Up Call

 

The United Kingdom’s National Cyber Security Centre (NCSC) has issued a stark warning following a wave of cyberattacks targeting some of the country’s most prominent retail chains. Calling the incidents a “wake-up call,” the agency urged organisations to strengthen their cybersecurity posture amid growing threats. 

The NCSC, a division of GCHQ responsible for cybersecurity guidance across the UK’s public and private sectors, confirmed it is working closely with the impacted retailers to understand the scope and impact of the attacks. 

“The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers and the public,” said NCSC CEO Dr Richard Horne. 

“These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.” 

In the past two weeks, major British retailers Marks & Spencer, Co-op, and Harrods have all reported cybersecurity breaches. Harrods confirmed that threat actors attempted to infiltrate its systems on May 1st, prompting the luxury department store to restrict access to certain websites—a move that suggests defensive measures were enacted during an active threat. Around the same time, the Co-operative Group revealed it was also the target of a cyberattack. 

In an internal memo, Co-op’s Chief Digital and Information Officer Rob Elsey warned staff to exercise caution with email and Microsoft Teams usage, adding that VPN access had been shut down as part of containment efforts. Marks & Spencer, one of the UK’s most iconic retail brands, faced disruptions across its online ordering platform and in-store services such as contactless payments and Click & Collect. The incident has since been identified as a ransomware attack, with sources confirming the involvement of threat actors linked to the Scattered Spider group. 

The attackers reportedly used DragonForce ransomware—tactics that have also been deployed in previous high-profile breaches at companies like MGM Resorts, Coinbase, and Reddit. In light of these incidents, the UK Parliament’s Business and Trade Committee has sought clarification from the CEOs of Marks & Spencer and Co-op on the level of support received from government agencies such as the NCSC and the National Crime Agency.
Read more »
Sensitive Data Leak
cyber attack Cyber Warfare Cybersecurity Data Breach Data Theft Hacker attack Information Security Personal Data Breach Sensitive Data Leak

Jammu Municipal Corporation Targeted in Major Cyberattack, Sensitive Data Allegedly Stolen

 

In a significant breach of digital infrastructure, the Jammu Municipal Corporation (JMC) has fallen victim to a cyberattack believed to have resulted in the loss of vast amounts of sensitive data. According to high-level intelligence sources, the attackers managed to compromise the website, gaining access to critical records and databases that may include personally identifiable information such as Aadhaar numbers, property ownership documents, tax filings, infrastructure blueprints, and internal administrative communications.  

The breach, which occurred on Friday, has prompted an immediate investigation and system lockdown as cybersecurity teams race to contain the damage and begin recovery operations. Officials involved in the incident response have confirmed that website functionality has been suspended as data restoration processes are initiated. Top intelligence sources indicate that the attack bears hallmarks of Pakistan-sponsored cyber operations aimed at undermining India’s administrative framework. “These tactics are consistent with state-backed cyber warfare efforts targeting strategic and sensitive zones like Jammu and Kashmir,” said a senior intelligence official.

“The objective is often to destabilize public services and spread fear among the populace.” The JMC’s website is a key platform used to manage municipal services, property taxes, and local development projects. Its compromise has raised concerns about the broader implications for civic governance and the potential misuse of the stolen data.  

This latest breach follows a series of unsuccessful but alarming hacking attempts by groups linked to Pakistan. Just a day before the JMC attack, hacker collectives such as ‘Cyber Group HOAX1337’ and ‘National Cyber Crew’ reportedly targeted several Indian websites. Cybersecurity teams were able to detect and neutralize these threats before they could cause any major disruption. Among the recent targets were the websites of Army Public School Nagrota and Army Public School Sunjuwan. These were reportedly subjected to defacement attempts featuring inflammatory messages referencing the victims of the Pahalgam terror attack. 

In another incident, a portal catering to the healthcare needs of retired armed forces personnel was compromised and vandalized. Cybersecurity experts warn that such attacks often aim to disrupt not only public trust but also national morale. The recurring pattern of targeting vulnerable groups—such as schoolchildren and elderly veterans—further emphasizes the psychological warfare tactics employed by these groups. 

As recovery efforts continue, the Indian government is likely to review its cybersecurity protocols across public sector systems, especially in high-risk regions. Enhanced defense measures and greater inter-agency coordination are expected to follow. The investigation remains ongoing, and further updates are expected in the coming days.
Read more »
News
Bitdefender cyber attack cyberattacks trending news News

Bitdefender Warns of Surge in Subscription Scams Disguised as Online Stores and Mystery Boxes

 

Cybersecurity researchers at Bitdefender have uncovered a sharp increase in deceptive online subscription scams, with fraudsters disguising themselves as legitimate e-commerce platforms and mystery box vendors. These sophisticated schemes are luring unsuspecting users into handing over sensitive credit card details under the guise of low-cost purchases. 

Unlike older, more obvious fraud attempts, this new wave of scams involves meticulously crafted fake websites that mimic real online shops. Bitdefender’s investigation revealed over 200 fraudulent sites offering goods such as footwear, apparel, and electronic gadgets. 

The catch? Victims unknowingly agree to recurring subscription charges cleverly hidden in the fine print. One tactic gaining traction is the so-called “mystery box” scam. These scams entice consumers with a small upfront fee in exchange for a surprise package, often marketed as unclaimed luggage or packages left behind at airports or post offices. 
However, the real goal is to harvest personal and payment information, often enrolling victims in recurring payment plans before the transaction is even finalized. The scams are widely advertised on social media platforms, including Facebook, through sponsored posts. 

In many cases, scammers pose as content creators or use fake influencer pages to build trust. Bitdefender researchers found more than 140 websites pushing these scams, with many traced back to a recurring address in Limassol, Cyprus—an address also linked to entities named in the Paradise Papers by the ICIJ Offshore Leaks Database. 

Some websites go further, advertising discounted “member prices” that require account top-ups, like a charge of €44 every two weeks, often concealed in promotional offers. These scams frequently promote multiple membership levels, using store credits and promises of steep discounts to mask overpriced or outdated products. 

Bitdefender warns that the evolving nature of these scams—complete with high-quality websites, paid advertising, and fake brand endorsements—makes them harder to detect. With the profitability of subscription fraud rising, scammers are scaling their operations, expanding beyond mystery boxes into bogus product sales and investment offers. 

Researchers caution users to stay vigilant while shopping online, especially when prompted to enter payment information for deals that seem too good to be true. As these tactics grow more elaborate, consumers are urged to read the fine print and verify the authenticity of online shops before completing any transactions.
Read more »
News
Anti-DDoS Measures cyber attack DDOS Attack News

Massive 1Tbps DDoS Attack Cripples Online Betting Site, Exposes Industry’s Ongoing Cybersecurity Failures

 

An online betting company has been knocked offline by a colossal 1-terabit-per-second Distributed Denial of Service (DDoS) attack, exposing glaring weaknesses in the digital defences of the gambling industry. Reported by TechRadar, the attack unleashed a massive flood of junk traffic that overwhelmed the site’s infrastructure, rendering its services inaccessible for hours. 

What makes the incident more concerning is the lack of sophistication behind it—this wasn’t a complex, stealthy operation but rather a brute-force flood that succeeded purely through scale. Despite the growing prevalence of such attacks in recent years, many companies in high-risk sectors like online gambling continue to treat cybersecurity as an afterthought. 

With their operations heavily reliant on constant uptime and revenue tied to every second online, gambling platforms remain prime targets for attackers, yet many fail to invest in fundamental protections like cloud-based DDoS mitigation, real-time monitoring, and incident response planning. 

Cybersecurity experts are baffled by this ongoing negligence, especially when previous headline-grabbing attacks—such as the 1.3Tbps assault on GitHub in 2018 or AWS’s 2.3Tbps encounter in 2020—should have prompted serious change. 
Compounding the issue is the role of Internet Service Providers (ISPs), who continue to shy away from proactive upstream filtering, allowing these massive data floods to reach their targets unchecked. The financial impact of such downtime is severe, with potential losses not only in revenue but also in user trust, legal exposure, and long-term brand damage. 

Security professionals stress that effective DDoS defence requires more than just faith in hosting providers; it demands deliberate investment in scalable protection tools like AWS Shield, Cloudflare, or Akamai, along with robust infrastructure redundancy and tested incident response strategies. 

In 2025, DDoS attacks are no longer anomalies—they’re a constant threat woven into the fabric of the internet. Ignoring them is not cost-saving; it’s gambling with disaster.
Read more »
Smishing attack
cyber attack Data Theft News Smishing attack

Smishing Surge Expected in 2025 Driven by Sophisticated Phishing-as-a-Service Platform

Security researchers are sounding the alarm on a looming global wave of smishing attacks, warning that a powerful phishing-as-a-service (PhaaS) platform named Lucid—run by Chinese-speaking threat actors—is enabling cybercriminals to scale operations across 88 countries. 

According to threat intelligence firm Catalyst, Lucid has evolved from local-level operations into a globally disruptive tool, with a sharp increase in activity anticipated by early 2025. The platform allows attackers to send malicious links via Apple iMessage and Android’s Rich Communication Services, bypassing traditional telecom network filters. It also features a credit card validator, helping criminals confirm stolen financial information in real time. 

Lucid’s architecture offers an automated, subscription-based model that supports customizable phishing campaigns, leveraging anti-detection strategies like IP blocking, user-agent filtering, and time-limited URLs to avoid scrutiny. Threat actors using Lucid are increasingly impersonating trusted entities—such as government agencies, postal services, and toll collection services—to deceive victims and steal sensitive data. 

The U.S. has been hit particularly hard, with smishing scams prompting alerts from the FBI, FTC, state governments, and attorneys general. What sets Lucid apart is its efficiency and scale: researchers say it can send over 100,000 phishing messages per day. Its structure includes roles ranging from administrators to guest users, with weekly licensing options and automatic suspensions for non-renewal. 

These campaigns are notably effective, with a reported success rate of 5%. By operating over the internet and using device fingerprinting and geo-targeted phishing pages, Lucid boosts its reach while staying under the radar. 

It sources phone numbers through data breaches, OSINT, and darknet markets, making it one of the most sophisticated PhaaS platforms today—alongside others like Darcula and Lighthouse. As cybercriminals continue to embrace this plug-and-play model, experts fear smishing will become an even more pervasive threat in the months ahead.
Read more »
Data Theft
cyber attack Cyber Attacks data stone Data Theft

Check Point Downplays Hacker’s Claims Amid Alleged Data Breach

 

A hacker using the alias “CoreInjection” has claimed responsibility for stealing what they describe as a “highly sensitive” dataset from cybersecurity firm Check Point. 
According to several media reports, the alleged stolen data includes user login credentials, employee contracts, and internal network blueprints. Despite these claims, Check Point has downplayed the incident, describing it as an outdated and isolated event involving a single account with restricted access. 

The company emphasized that no customer systems, production environments, or core security infrastructure were affected. In an official statement, Check Point clarified that the incident had occurred months ago and was addressed at the time. 

The firm criticized the hacker’s claims as misleading, suggesting they are reusing old data to create a false narrative. Cybersecurity expert Alon Gal, CTO of Hudson Rock, expressed concerns over the situation, noting that there is a strong possibility the breach involved access to a privileged administrator account—though he acknowledged that the event has yet to be fully confirmed. 

This isn’t the first time Check Point has faced such scrutiny. In 2024, its VPN software was targeted by attackers attempting to exploit it to breach corporate networks. However, those efforts were largely unsuccessful, and the company quickly issued a straightforward fix. 

While Check Point continues to reassure stakeholders that no major security risk was posed, the incident highlights the persistent threats facing even the most established cybersecurity firms.
Read more »
Subscribe to: Posts (Atom)