M&S struggles to get on top of ‘cyber incident’ 

The “cyber incident” which saw Marks & Spencer unable to accept contactless payments or handle click and collect orders at the beginning of the week is ongoing, the company has confirmed. 

Source: https://www.irishtimes.com/business/2025/04/24/ms-says-contactless-payments-still-down-after-cyber-attack/
 

FBI Releases Annual Internet Crime Report 

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has released its latest annual report. The 2024 Internet Crime Report combines information from 859,532 complaints of suspected internet crime and details reported losses exceeding $16 billion—a 33% increase in losses from 2023. 

Source: https://www.fbi.gov/news/press-releases/fbi-releases-annual-internet-crime-report
 

Yale New Haven Health data breach affects 5.5 million patients 

Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. 

Source: https://www.bleepingcomputer.com/news/security/yale-new-haven-health-data-breach-affects-55-million-patients/
 

Blue Shield of California leaked health data of 4.7 million members to Google 

Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google’s analytics and advertisement platforms. 

Source: https://www.bleepingcomputer.com/news/security/blue-shield-of-california-leaked-health-data-of-47-million-members-to-google/
 

Frederick Health data breach impacts nearly 1 million patients 

A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. 

Source: https://www.bleepingcomputer.com/news/security/frederick-health-data-breach-impacts-nearly-1-million-patients/
 

Lazarus hackers breach six companies in watering hole attacks 

In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. 

Source: https://www.bleepingcomputer.com/news/security/lazarus-hackers-breach-six-companies-in-watering-hole-attacks/
  

North Korean Operatives Use Deepfakes in IT Job Interviews 

North Korean IT workers are using deepfake technology to create synthetic identities for online job interviews aimed at securing remote work. This identity manipulation is part of ongoing state-sponsored employment scams aimed at infiltrating US and other organizations globally for malicious intent. 

Source: https://www.darkreading.com/remote-workforce/north-korean-operatives-deepfakes-it-job-interviews
 

‘Industrial-Scale’ Asian Scam Centers Expand Globally 

Asian crime syndicates are running cyber scam centers at a hyperscale, earning tens of billions of dollars and expanding into new markets westward. 

Source: https://www.darkreading.com/threat-intelligence/industrial-scale-asian-scam-centers
 

Texas Municipality City of Abilene Goes Offline in Wake of Cyberattack 

The city of Abilene, Texas, shut down its IT systems after a cyberattack caused server issues. 

Source: https://www.darkreading.com/vulnerabilities-threats/city-abilene-offline-after-cyberattack
 

Apple Zero-Days Under ‘Sophisticated Attack,’ but Details Lacking 

Two Apple zero-day vulnerabilities were exploited in “extremely sophisticated attacks,” according to the technology giant, but it has provided little detail on the threats. 

Source: https://www.darkreading.com/vulnerabilities-threats/apple-zero-days-sophisticated-attacks  
 

  

Smarttech247