Jaguar Land Rover has extended a production shutdown into next week as it continues to grapple with the fallout from a cyberattack https://t.co/vVZ3MmgeJr ...

Cybersecurity Threat - Vietnam's National Credit Information Center experienced a cyberattack, potentially leading to a significant personal data breach [1] - The government has issued a public warning to be vigilant [1]

Core Viewpoint - Marks & Spencer's chief digital and technology officer, Rachel Higham, is stepping down following a significant cyberattack that impacted the company's online operations [1][2] Group 1: Leadership Changes - Rachel Higham, who joined Marks & Spencer in June, is taking a career break, prompting a reshuffle in the leadership team [1][2] - Sacha Berendji, a veteran at M&S, will assume responsibility for the digital and technology function alongside his current role in property and store development [2][3] - Thinus Keeve, the new retail director, will now report directly to Chief Executive Stuart Machin instead of Berendji [2][3] Group 2: Financial Impact - The cyberattack is expected to cost Marks & Spencer approximately £300 million ($405 million) in lost operating profit for the 2025/26 financial year, with hopes to mitigate this through insurance and cost controls [2] - M&S shares have declined by 8.5% year-to-date [3]

Group 1 - The chief digital and technology officer of Marks & Spencer is resigning from her position [1] - This resignation comes a few months after a cyberattack significantly disrupted the company's online operations [1]

Cybersecurity Threat - Telecom giant Orange warns of disruption amid ongoing cyberattack [1] Industry Impact - The cyberattack may cause service disruptions for Orange's customers [1]

Core Viewpoint - Orange, a major telecommunications provider, reported a cyberattack on its information systems, leading to service disruptions and an ongoing investigation into the incident [1][2]. Group 1: Cyberattack Details - The cyberattack was detected on July 25, prompting the company to isolate affected services to minimize impact [1]. - Disruptions were noted in some platforms, affecting business customers and public sector services primarily in France [1]. - The company stated that there is no evidence of internal or customer data being exfiltrated [1]. Group 2: Customer and Regulatory Response - Orange is actively engaging and informing affected customers about the situation [2]. - A complaint has been filed with relevant authorities, adhering to GDPR requirements for notifying local data protection authorities within three days of a suspected data breach [2]. - The company serves 291 million customers across 26 countries and employs 127,000 staff [2].

Cybersecurity Threats - Major cyberattacks have recently targeted M&S and Microsoft [1] - Geopolitical tensions and AI advancements are expected to increase the frequency of cyberattacks [1]

Core Insights - Microsoft has identified three China-based hacking groups responsible for an ongoing cyberattack on its SharePoint file-sharing system [1][2][3] Group 1: Attack Overview - The Microsoft Security Response Center first reported the attack on July 19, highlighting vulnerabilities related to spoofing and remote code execution [2] - SharePoint is designed for secure information sharing and collaboration within organizations [2] Group 2: Identified Hacking Groups - Two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, have been observed exploiting vulnerabilities targeting internet-facing SharePoint servers [3] - Linen Typhoon has been active since 2012, focusing on intellectual property theft, particularly from organizations linked to government and defense [5] - Violet Typhoon, active since 2015, has concentrated on espionage, targeting former government and military personnel, NGOs, think tanks, and various sectors in the U.S., Europe, and East Asia [6] Group 3: Attack Methods and Objectives - Linen Typhoon is known for "drive-by compromises" and relies on existing exploits to breach organizations [5] - Violet Typhoon seeks vulnerabilities in exposed web infrastructure to exploit weaknesses and install web shells [9] - Storm-2603 is another China-based threat actor involved in the breach, but its links to other known Chinese hacking groups remain unconfirmed [9] Group 4: Response and Mitigation - Microsoft has released security updates to protect customers using all versions of SharePoint and urges immediate application of these updates [12]

Core Viewpoint - Clorox has filed a lawsuit against Cognizant, alleging negligence in handling a cyberattack that resulted in significant financial damages due to a breach by the hacking group Scattered Spider in August 2023 [1][2][4]. Group 1: Cyberattack Details - The cyberattack was executed by Scattered Spider, which is known for tricking IT help desks into providing access credentials [1][6]. - Clorox claims that the hacker gained access by simply requesting passwords from Cognizant's support staff without any sophisticated techniques [2][3]. - The lawsuit includes transcripts of conversations where Cognizant staff reset passwords without verifying the hacker's identity [4]. Group 2: Financial Impact - The total damages from the cyberattack are estimated at $380 million, with approximately $50 million attributed to remedial costs and the remainder due to Clorox's inability to ship products to retailers [4]. - Clorox's operational recovery was further complicated by Cognizant's failures, such as not deactivating certain accounts and improperly restoring data [5].

Cybersecurity Incident - Six financial institutions in Brazil experienced a cyberattack, resulting in loss of access to central bank reserve accounts [1] - Authorities are calling it Brazil's biggest cyberattack in history [1] Cryptocurrency Involvement - Hackers allegedly laundered the stolen money using Bitcoin, Ethereum, and Tether [1]