Cyber Newsround 2019

Cyber Newsround will no doubt be as busy as it was last year with the cyber threat landscape ever evolving and presenting new and daunting challenges to individuals and businesses.


21st June

The parent company of Eurofins Scientific Services  have reported that they were subject to a ransomware attack at the beginning of this month which has now been advised to the ICO.

The organization is the UK largest private forensic entity carrying out DNA testing , firearms testing and computer forensics. The police have as a result of this cyber-attack suspended work with Eurofins. 

It is not clear yet the extent of the attack but a full scale investigation is currently underway. many of their IT systems were impacted not only in the UK but around the world.

20th June

The Riviera Beach Council in Florida  have been hit by a ransomware attack as a result of a phishing attack when a member of the police force  clicked on an e-mail link which distributed malware encrypting nearly every city computer network.This included the 911 emergency system, e-mail on-line payments and payroll.

The council decided to to pay the 65 bitcoin ransom equivalent to $600,000. It has been revealed that the attack took place at the end of May and since then the council have paid $914,ooo for new computers affected by the cyberattack.

This follows another recent ransom ware attack on a US city council where Baltimore was subject to a similar incident however the ransom was not paid on this occasion. 

12th June 

One of the largest suppliers of airplane parts, ASCO has been subject to a ransomware attack that has ceased production in a number of countries.

This was first discovered in its Zavantem plant in Belgium where the IT systems were crippled. This resulted in 1000 of its 1400 employees being sent home across four countries, initially this was planned for a few days but is now going to be for a full week. 

ASCO provide parts for Airbus,Boeing,Bombardier and Lockhead Martin across airline and transportation sectors.

Information concerning the ransomware attack has been limited, as to whether the ransom has been paid and how the incident has been managed within the business.  

12th June 

The Spanish football league La Liga has been fined approximately £222,000 under the GDPR by the Spanish regulatory body AEPD.

The Spanish league’s official Andriod and iOS mobile app which once downloaded would once given permission to access the microphone to check to see the location of the user such as in a bar or pub. If it appeared that the user was in such a venue the software would check to see if the appropriate subscription of that venue was in place and had a commercial subscription in place.

AEPD stated that La Liga did not inform users about this monitoring practice and should have sought permission and that they were collecting the personal data of users. Whilst the app did have in place a process where permission was required to access the microphone users were unaware of what data may have subsequently been utilized. This is insufficient and in contravention of GDPR, it is understood that La Liga will appeal this decision.

11th June

A MiniDisc archive owned by the frontman Thom Yorke of Radiohead has been hacked whereby a $150,000 ransom demand was made for the recordings to be returned.

The band have subsequently made the recordings available with the proceeds to go to climate activists Extinction Rebellion. Fans were offered these files as a number of tracks were of historical interest and would have been a welcomed addition to many Radiohead fans record collection.  

11th June 

It has been revealed that photos of travelers and licence plates images have been compromised as a result of one of the sub-contractors’ of the US Customs Border Protection being subject to a cyber – attack.

The incident has affected about 100,000 individuals with information obtained when photographs were taken of travelers whilst entering and exiting the US at a border point over a period of one and half months..

The matter was discovered when the sub-contractor transferred photographs of licence plates and travelers images to its own network without the agency’s prior knowledge.

This highlights the important of there being robust cyber security in place for an organizations supply chain.


31st May

Leicester City Football Club’s website has been compromised which has resulted in customers having their financial details  stolen.

Hackers have apparently taken details that include credit card numbers and CVV’s. It is suspected that  Magento malware was utilised in the attack and that this originated from a third party website used by the football club.

It has not been disclosed how many customers were affected by this attack, a number of incidents have been reported where fraudulent transactions have subsequently been made.

22nd May

BBC Watchdog has discovered that the personal information of many TalkTalk customers that were subject to the 2015 cyberattack are available online via a simple internet search.

The data that is available online includes email addresses, dates of birth and mobile phone numbers. It was also ascertained by the ICO that many of these customers had not been notified that their details had been stolen in the original data breach.

20th May

Suspected hackers believed to be responsible for the GozNym malware attacks on a number of US and Canadian banks have been charged by US prosecutors.

It is understood that they tried to steal $100M in April 2016 where infected electronic invoices were distributed to customers around the world.

15th May

Many Russian government officials have had their passport data posted on-line. It has been revealed that up to eight government websites have been compromised where data has been exposed.

A number of officials are understood to be high profile individuals with a total of approximately 300,000 leaked entries being at risk.

14th May

It has been announced that a zero-day vulnerability has been located on WhatsApp which has permitted hackers to listen into users groups.

Spyware was installed which allowed users chats to be exposed when microphone and cameras were accessed.

Facebook who own WhatsApp have now patched the software and have asked all users to update the app.

8th May

The city of Baltimore in the US has been hit by a ransomware attack that has resulted in a shut down of many of its computers servers which has been implemented to safeguard further damage.

The ransomware virus has yet been unidentified which has attacked critical public systems that includes the fire department and emergency medical services paralysing the city.

This is not the first time that the city has been hit where a similar ransomware attack was carried out last March which restricted 911 calls.

2nd May

Austrian construction firm Porr have suffered a cyberattack on its communication infrastructure where its telephone lines and-mails were severely disrupted.

It is believed that this was caused by a virus and an investigation is underway in order to determine how this managed to get through the firewalls of the organisation. 

1st May 

It is understood that that the German based IT services provided CityComp has been subject to a cyber attack which appears to have compromised clients data. 

The attack was ransomware based demanding a ransom of $5,000 which threatened to release this data. The financial information of clients such as Ericsson, Toshiba and BT are believed to be at risk.

The hacker seems to have had access to CityComps systems for over a month before they were discovered.The hacker has since published the dat on the Dark Web which includes names and e-mail addresses, meeting notes with clients and details of confidential projects.


20th April

It is understood that a number of employee accounts of Wipro have been hacked as a result of a phishing attack. Despite this the Company Secretary has reassured investors that no critical business operations have been impacted.

Wipro are an IT services provider appear to to have been subject to a systematic cyber attack over a period of months which was a zero day attack. The intrusion was discovered when a forensic investigation was undertaken on their computer network.

3rd April

A recent test of the cyber defence capabilities of U.K. universities has revealed that hackers are able to gain access to their computers within two hours which would put confidential data at risk.

The tests were able to access personal data finance systems and research networks. Penetration tests were carried out on over 50 universities. The attacks were carried out by ethical hackers working for Jisc (formerly the Joint Information Systems Committee) and the Higher Education Policy Institute which demonstrated 100% success in breaching the cyber defences that were in place.

Universities have been targeted in recent years with over 1000 attacks taking place in last year alone.

3rd April

It is believed that Iran have been responsible for cyber attacks undertaken against the Post Office and a number of local government networks.

The attacks occurred just before Christmas with in excess of 10,000 records being taken which included e-mail addresses, postal addresses and phone numbers.Other entities were affected varying from private businesses to banks . It is possible that the Revolutionary Guard group of Iran were behind these attacks.

1st April

Toyota have suffered a data breach where hackers gained access to their IT systems and sales information of over 3 million customers.

it is understood that Toyota have undergone an audit of their systems in order that they can analyse where improvements can be made to help avoid a reoccurrence of a further data breach.


28th March

ASUS, one of the world’s laregest computer makers has unbeknownly installed a malicious backdoor on many of its customers computers. 

This occurred last year when hackers compromised a server being used for their live software update tool. It is understood that the malicious file did have a legitimate certificate which made it appear to be an authentic software update.

It is believed that half a million users of Windows re dived the malicious code through the ASUS update server.

This is a good example of a supply chain cyber attack which is a growing concern to businesses.

21st March

The Police Federation of England and Wales (PFEW) the trade union for police workers has been subject to a ransomware attack. It is believed that the attack was not aimed specifically at the organisation but more of an opportunist attack.

The HQ in Surrey where the attack was discovered believe that no data has been compromised. The PFEW are however notifying the 120,000 individuals. The ICO have also been informed of this incident.

19th March

Norse Hydro who are one the biggest aluminium producers in the world have been hit by a ransomware attack that began in the US. It is understood that as a result of this attack a number metal extrusion and rolled plants were shut down.

The virus that caused this is known as LockerGoga which is new strain of ransom ware that encrypts the files of computers subsequently locking them and making s demand for a monetary ransom.

The company intends to restore the systems from their backup and it would that the ransom would not need to be paid. 

The cyber attack has impacted on the share price of the company which initially fell when this was revealed.

13th March

Kathmandu, the outdoor clothing retailer has been subject to a breach of its on-line shopping portal where customers personal data may have been compromised.

it is not known how the cyber attack occurred but an investigation is underway in order to ascertain how this took place.

6th March

Iran have been behind a series of cyber attacks over the past couple of years which have centred around the Middle East and the US affecting in excess of 200 companies.

Microsoft announced this news earlier this week with hackers stealing corporate information and wiping data from computers. No particular sector was targeted with a wide spectrum of businesses being impacted.The group behind these is thought to be Holmium which are an established hackering group.

6th March

It has been revealed that hackers from China have been targeting universities in the US in order to steal military information. Universities known to have been targeted have been Massachusetts and Washington.

The focus of the hackers was believed to be maritime technology being used for the military. Access was obtained by phishing attacks where the networks were compromised.

The hacking group behind these attacks are thought to be Mudcarp Leviathan APT40 or Temp Periscope.

5th March

North Korean hackers are believed to be targeting critical infrastructure in the US. McAfee have released a report recently which states that almost 80 US business have been targeted relating to telecoms energy and defence.

Interestingly this appears to have occurred during President Trumps summit with Kim Jong Un.The US have apparently been aware of this activity.

Banks have also been targeting which is believed to be to acquire funds due the sanctions currently imposed on the country.


13th February

The Bank of Valetta in Malta has been hit by a major cyber attack which resulted in the bank being shutdown. It is understood that cash machines, mobile banking and e-mail services were impacted by the attack.

Hackers tried to steal 13 million euros from the bank via transfers to other banks around the world. Despite this no customers have had their bank accounts compromised.

A number of local businesses were affected by the cyber attack who relied on the processing of bank card payments.

The bank is working to get their systems back up and running as soon as possible.

9th February

Hackers have gained access to the Australian Parliament’s computer network however it does not appear that data has been stolen.

All users have been asked to changed their passwords and an investigation is underway.

It is believe.d that a state actor may be behind the attack with China one of the potential countries as they have been attempting to influence Australian politics for sometime. With elections due to take place shortly Russia could also be considered as the country behind the attack in view of the rumours that circulated during the last American presidential elections.

1st February

Metro Bank has fallen victim to a cyber attack that we have not readily seen before.

It is understood that hackers tracked mobile phones remotely and intercepted SMS text messages used as 2- Factor Authentification in real time. They were then used to log into the users bank accounts and insert new sessions thus being able to steal data and track the indivuals movements.

The flaw was exploited in SS7 which is a protocol used by telecoms in order to coordinate how they route calls ans SMS messages.

Metro Bank have stayed that only a small number of customers have been affected by this new form of cyber attack.


30th January

Airbus have disclosed that they suffered a security breach which resulted in unauthorised access to data.

As a result of this personal data was accessed being mostly professional contact and IT identification details of their employees.

An investigation is underway so that the cause of the breach can be determined.

Airbus announced that there was no impact to its commercial operations. The ICO have been notified inacoordance with the GDPR regulations.

21st January

France’s data protection regulator the CNIL has fined Google E50million for non-compliance of GDPR regulations and is by far the largest fine issued under these new regulations.

The company did not provide enough information to its users about its data consent policies and did not give sufficient control about how the information was utilised.

It is understood that Google will make an appeal against this fine.

17th January

A fake BBC News webpage has been set up by hackers aimed to convince users to part with money.

The page shows a bitcoin themed documentary previously broadcast by Panarama last year inc,using links on the page directing visitors to site promising to make them millionaires. It is understood that the fake page is spread via e-mails sent from hacked accounts.

The City of London Police’s cybercrime team has warned consumers to be aware of such scams.

16th January

An Israeli network researcher Noam Rotem has revealed that travelers around the world were found to be susceptible to a security vulnerability on an on-line flight ticket booking system.This system allows hackers to access and amend their flight details and to access their frequent flyer miles.

The on-line booking system is Amadeus which is utilised by 141 airlines around the world today including a number of major airlines it is however understood that Amadeus has now fixed the issue with additional security measures being implemented.

8th January

Customer credit card and personal data has been stolen from individuals who bought Lenovo laptops or Motorola mobile phones as hackers published details on-line.

This is as a result of the company being hacked on New Years’ Eve, the attack was claimed by the New World Hackers. The reason behind the attack was to test the organisations cyber resilience.

The ICO are monitoring the situation and it data breach has taken place formal notification will need to be made.

7th January 2019

Personal data from hundreds of German politicians and public figures have been accessed and released on-line.

The information disclosed included private e-mails, telephone numbers, holiday photos of MP’s which and celebrities which found their way onto Twitter.

The data has been released over regular intervals since December but this was however only discovered recently.

It is not known who carried out the attack but Russia is suspected to be the source.

4th January 2019

It has been revealed that the website for Dublin’s tram system has been subject to a ransomware attack where hackers demanded one bitcoin ransom.

The Luas website was taken down by the IT company who services it so that they could try and resolve the cyber attack.

2nd January

Hackers have threatened to release data relating to the 9/11 attack on the World Trade Centre. These are confidential litigation documents concerning a number of high profile insurers.

The hacking group know as the Dark Overlord have documents which they have intimated that they will release on the “KickAss” dark web if their ransom demands are not met.

It is understood that 18,000 documents were stolen from a firm of US lawyers involving the insurer Hiscox. Hiscox have informed the policyholders of the incident.

Image : Shutterstock