France hit by largest ever cyber security breach with 33 million people impacted
Last week France witnessed its largest ever data breach that affected 33 million individuals, nearly half its population.
The breach targeted two service providers for medical insurance companies, Viamedis and Almerys, exposing a vast amount of personal data to potential hacker exploitation. The event marked a significant moment, described by cyber security experts, as unprecedented in scale. Occurring within days of each other at the start of February, the cyberattacks have raised concerns over the security of the "tiers payant" payment system, which allows patients to receive medical services without upfront payment.
The French data protection authority, CNIL, issued warnings about increased phishing risks, urging the public to verify the authenticity of communications from official sources. Affected individuals are to be notified by their health insurance providers in accordance with GDPR regulations. Viamedis revealed that the breach was due to phishing attacks that compromised health professionals' logins. Almerys meanwhile reported an intrusion into a health professional portal without compromising its central system. Both entities have since filed legal complaints, initiating an investigation.
The leaked data encompasses sensitive personal information, including marital status, dates of birth, social security numbers, health insurer names, and coverage details, though it reassuringly excludes bank, medical, address, and contact information.
UN Probes North Korea's $3 Billion Cyber Heists Funding WMD Development Amid Sanctions Defiance
UN sanctions monitors announced that they are investigating 58 suspected cyber-attacks by North Korea that targeted cryptocurrency-related companies between 2017 and 2023 with the aim of amassing approximately $3 billion. A sum that is reportedly aiding the further development of North Korea's weapons of mass destruction (WMD) programs. These findings, part of an unpublished UN report obtained by Reuters, underscore North Korea's persistent defiance of Security Council sanctions. Despite previous denials from Pyongyang regarding its involvement in cyber-attacks, the report highlights the sophisticated nature of these operations, often linked to Pyongyang's primary foreign intelligence agency.
The activities include targeting defence companies and their supply chains, sharing infrastructure and tools among hackers, and engaging in illicit financial operations to bypass sanctions. These efforts contribute to North Korea's continued development and production of nuclear materials and ballistic missile launches, despite a halt of nuclear tests since 2017.
The report also notes North Korea's deepening military relations with Russia and attempts to circumvent sanctions through the export of conventional arms and munitions, as well as the employment of DPRK nationals overseas in violation of UN mandates.
Ransomware Attack Hits Over 100 Romanian Hospitals, Forcing Return to Pen and Paper
Romania's healthcare system was hit by a significant ransomware attack earlier this week with it impacting over a hundred facilities, including children's and emergency hospitals.
Attackers demanded 3.5 Bitcoin (over £130,000) to decrypt vital files. Fortunately, recent backups have minimized the damage.
The attack, targeted a key medical information system, overnight on Monday and is under investigation by Romania's National Cyber Security Directorate (DNSC) and IT specialists. While 25 hospitals were directly affected, starting with The Pitesti Paediatric Hospital, 79 additional facilities went offline as a precaution. The malware type has been identified as Backmydata ransomware, but the perpetrators remain unknown.
Despite the challenges, most hospitals are expected to recover quickly due to the existing data backups, though the incident has disrupted patient services and could potentially affect critical medical equipment.
Up to 10% of Southern Water Customer Data Compromised in Cyber Attack
Southern Water announced a cyber attack on Tuesday that compromised data for 5-10% of its customers, potentially affecting personal and financial details.
The utility, serving areas including Kent, Sussex, Hampshire, and the Isle of Wight, alerted customers and regulators and enlisted cyber security experts for assistance. The breach might involve names, birth dates, national insurance numbers, and bank details. The incident, revealed after Southern Water detected suspicious IT activity and a cybercrime website mention, is under forensic review. While services remain unaffected, the company is notifying impacted customers and employees, and monitoring the dark web for stolen data. The Information Commissioner's Office is investigating the breach, advising concerned individuals to contact them.
Hacktivist Group Targets Iranian Parliament Servers Ahead of Elections, Claims Major Cyberattack
The hacktivist group Uprising till Overthrow has claimed responsibility for a significant cyberattack on Iran's Khaneh Mellat News Agency, affecting 600 parliamentary servers including commission, main chamber, and banking systems.
Affiliated with the Albania-based opposition Mujahideen-e Khalq (MEK) organization the group's action targets the Iranian Parliament's media arm amidst concerns over the integrity of the March 1st parliamentary elections, following candidate disqualifications.
This attack is part of a broader pattern of cyber operations against the Iranian government and infrastructure by various groups, highlighting ongoing digital resistance efforts.
