23.05.2025

Analyst Insight

This week in cyber, we have seen an increase in attacks across a range of industries, including cryptocurrency exchanges, retail and government. Breaches in critical sectors can have severe consequences. For example, the ongoing disruption to M&S’s online ordering system has already resulted in a significant financial impact, estimated at £300 million. Coinbase also suffered a data breach involving the personal data of high-value customers with lots of assets. In the telecommunications sector, O2 disclosed a critical vulnerability in its VoLTE and WiFi calling technologies allowing attackers to trace a phone number’s location; this was patched this week. Significant efforts from global law enforcement led to the seizure of 2,300 domains linked to the popular information-stealing malware LummaC2. Read more in Telesoft’s This Week in Cyber.

M&S Suffers £300M Profit Hit After Cyberattack

Online ordering is still unavailable to customers nearly a month after the M&S cyberattack. The disruption is said to continue until July. “It estimates that the cyber-attack will hit this year’s profits by around £300m – more than analysts had expected and the equivalent to a third of its profit – a sum that would only partly be covered by any insurance pay-out.” states the BBC. Police are currently investigating the Scattered Spider threat actor group with their links to the previous Co-op and Harrods cyberattacks.

United Kingdom Legal Aid Agency Suffers Data Breach

Last week, on Wednesday 23 April, the United Kingdom’s Legal Aid Agency (LAA) became aware of a data breach on its online digital services, which are used by legal aid providers to log their work and receive payment from the Government. The breach compromised sensitive data, including personal, financial, and legal information of individuals who applied for legal aid since 2010, prompting an investigation with the National Cyber Security Centre and National Crime Agency. “On Friday 16 May we discovered the attack was more extensive than originally understood and that the group behind it had accessed a large amount of information relating to legal aid applicants,” stated the LAA. Legal aid services continue through contingency measures.

Recent Coinbase Breach Affects 69,461 Customers

This week, Coinbase notified the Office of Maine’s Attorney General of a data breach in which “a small number of individuals, performing services for Coinbase at our overseas retail support locations, improperly accessed customer information.” The accessed data contained personally identifiable information such as government-issued identification and account information, but not customer passwords, seed phrases or any other data that could be used to access funds. This data can be used for social engineering attacks.

Global Crackdown Disrupts Lumma Infostealer Malware Network

International law enforcement has disrupted the infrastructure behind the notorious LummaC2 information stealing malware operation. Authorities seized over 2,300 domains linked to the malware, which had been used to steal sensitive data from victims worldwide. “Malware like LummaC2 is deployed to steal sensitive information such as user login credentials from millions of victims in order to facilitate a host of crimes, including fraudulent bank transfers and cryptocurrency theft,” said Matthew R. Galeotti, head of the Justice Department’s Criminal Division.

The seizure was the result of coordinated efforts between cybersecurity firms and global agencies, marking a significant disruption to the malware’s distribution network. While the operation dealt a heavy blow to Lumma’s reach, experts warn that variants or rebrands may emerge.

O2 UK Patches Location Leak Vulnerability in Mobile Call Metadata

This week, O2 UK patched a critical flaw in their VoLTE and WiFi calling technologies that could have allowed third parties to track users’ locations through mobile call metadata. The issue, uncovered by security researchers, stemmed from a backend vulnerability that inadvertently exposed real-time location data tied to voice calls without users ever knowing. While no malicious use has been confirmed, the potential for abuse was significant. A simple call could have silently revealed where a user was, raising serious concerns about telecom data security. O2 responded promptly, deploying a fix and launching an internal review to reinforce its systems. 
