Top news stories this week
- Keir's mailstorm. UK PM forced to change email address following suspected Russia hack.
- Wrong delivery. GrubHub confirms data breach via third-party account.
- Five Eyes. Cyber agencies urge manufacturers to improve forensic visibility of network edge devices.
- Insider threat. Ransomware gang Sarcoma tempts employees with cash for corporate secrets.
- Ongoing impact. Community Health Centre reveals data breach as NHS Wirral continues to recover from 2024 attack.
- School prep. Singapore to undergo coordinated simulated cyber-attack.

1. Keir Starmer changed email account in 2022 after suspected Russia hack
British Prime Minister Keir Starmer scrapped his personal email account after it was accessed in 2022 by a Russian threat actor, according to ‘Get In’, a recently published book covering his time in opposition. The book says the email address was “dangerously obvious” and lacked two-factor authentication.
So what?
Business and personal email accounts should be protected by multi-factor authentication to reduce the likelihood of unauthorized access.
[Researcher: Milda Petraityte]
2. GrubHub confirms data breach via third-party account
US food delivery company GrubHub has suffered a data breach that exposed customer names, email addresses, phone numbers, partial payment details, and potentially hashed passwords from legacy systems.
The breach was detected by GrubHub after it noticed unauthorized activity associated with a third-party vendor account.
So what?
Organizations must enforce strong security controls on third-party and guest accounts and implement the principle of least privilege, limiting access to only necessary resources.
[Researcher: Aditya Ganjam Mahesh]
3. Five Eyes cyber agencies issue joint guidelines to enhance protection for network edge devices
Cyber agencies from the UK, Australia, Canada, New Zealand, and the US – the Five Eyes – have urged providers of network edge devices, such as firewalls, routers, or VPNs, to enhance the forensic visibility of their products to help defenders detect attacks and investigate breaches.
So what?
Comprehensive logging for edge devices significantly improves investigations and enables more effective responses to security incidents.
[Researcher: Lena Krummeich]
4. Ransomware groups offer employees money to leak corporate secrets
Ransomware groups, including Sarcoma, are offering financial incentives to disgruntled employees to leak private company information such as credentials for Remote Desktop Protocol and corporate emails, according to researchers.
So what?
Organizations can mitigate the risk of insider threats through stringent access controls and regular monitoring of network activity.
[Researcher: Waithera Junghae]
5. Community Health Centre suffers data breach; NHS Wirral continues recovery from 2024 ransomware attack
US health provider Community Health Centre (CHC) has disclosed a data breach affecting the personal data of over one million patients at the Middletown Community Health Center Inc.
Separately, a November 2024 cyber-attack is continuing to significantly impact cancer treatments for patients at Wirral University Teaching Hospitals NHS Trust, according to UK National Health Service executives.
So what?
Criminals continue to target critical infrastructure including healthcare services. Healthcare providers must prioritise cybersecurity to safeguard patient well-being and maintain trust in healthcare systems.
[Researcher: Blanche MacArthur]
6. Singapore to undergo coordinated simulated cyber-attack
Organizations, schools, and even individuals throughout Singapore will experience simulated power outages due to a “phishing attack” as part of a nationally coordinated exercise. This scenario, which entails a power outage brought about by ransomware, is part of Singapore’s Total Defence exercise.
So what?
Organizations should consider this a timely reminder to review and, if necessary, update their continuity and resilience plans.
[Researcher: Lester Lim]