May 2025: Major Data Breaches and Cyber Attacks

South African Airways hit by cyber attack

South African Airways (SAA) has become the latest organisation to fall victim to a cyber attack.

In a statement released today, the flagship carrier of South Africa says it has been impacted by a significant cyber incident that began on Saturday, 3 May.

According to SAA, the breach temporarily disrupted access to the airline’s website, mobile application and several internal operational systems, prompting swift response measures to mitigate its effects.

On Saturday, the airline took to social media to say: “SAA regrets to inform customers that we are experiencing an intermittent technical system outage affecting the SAA website and mobile app. Our teams are working on resolving the issue as soon as possible. We apologise for any inconvenience this may cause and will provide updates accordingly.”

IT Guy Let Girlfriend Enter into Highly Restricted Server Rooms

A major security breach at Deutsche Bank’s New York datacenter has come to light through a lawsuit filed by a former Computacenter manager who claims he was wrongfully terminated after reporting unauthorized access incidents. 

James Papa, previously a service delivery manager at Computacenter, alleges he was fired in July 2023 after raising alarming security concerns about one of his subordinates who repeatedly allowed his Chinese girlfriend into highly secure server rooms.

The lawsuit, filed this Monday in New York, details how a Computacenter employee granted his girlfriend “Jenny” unauthorized access to Deutsche Bank’s server rooms housing the institution’s “big iron” – industry terminology for high-performance mainframe computers processing millions of sensitive financial transactions.

Coinbase Hacked – Massive Data Breach Costs Them $400 Million

Coinbase Global, Inc., one of the world’s largest crypto exchanges, disclosed a major cybersecurity incident in a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC) on May 14, 2025.

The breach, orchestrated by an unknown threat actor, involved the unauthorized access of sensitive customer information and internal company documentation.

With estimated remediation costs ranging from $180 million to $400 million, the incident underscores the growing risks of cyber threats in the crypto ecosystem.

The Breach: How It Happened

The incident came to light on May 11, 2025, when Coinbase, Inc., a subsidiary of Coinbase Global, received an email from a threat actor claiming to have obtained sensitive data.

The perpetrator allegedly acquired the information by paying multiple contractors or employees in support roles outside the United States. These individuals, who had access to internal Coinbase systems for their job functions, collected customer account details and internal documentation, including materials related to customer-service and account-management systems.

Coinbase’s security monitoring systems had independently detected instances of unauthorized data access by these personnel in the months leading up to the email.

Upon discovery, the company swiftly terminated the involved parties, implemented enhanced fraud-monitoring protections, and warned affected customers to prevent misuse of their data. However, the May 11 email revealed that these prior incidents were part of a coordinated campaign, which Coinbase now refers to as the “Incident.”

The threat actor demanded a ransom to refrain from publicly disclosing the stolen data. Coinbase has refused to pay and is cooperating with law enforcement to investigate the breach.

What Was Compromised?

While the breach did not involve the compromise of customer passwords, private keys, or access to funds, the scope of the stolen data is concerning. According to Coinbase, the exposed information includes:

  • Customer Data: Names, addresses, phone numbers, email addresses, masked Social Security numbers (last four digits only), masked bank account numbers, some bank account identifiers, government-issued ID images (e.g., driver’s licenses, passports), account balance snapshots, and transaction histories.
  • Corporate Data: Limited internal documents, training materials, and communications available to support agents.

Customer Data Compromised in Dior Cyber Attack

Luxury fashion house Dior experienced a significant security incident when unauthorized external actors breached their customer database.

According to the official notification, Dior immediately implemented containment protocols and engaged cybersecurity experts to investigate the intrusion.

The breach exposed various categories of personal information, though Dior maintains that financial details remained secure.

This incident highlights the ongoing vulnerability of high-profile brands to sophisticated cyber attacks targeting customer information repositories.

The security incident, detected on May 7, 2025, involved unauthorized access to Dior’s customer relationship management (CRM) system by what the company described as “an unauthorized external party.”

Steel giant Nucor Corporation facing disruptions after cyberattack

A cybersecurity incident on the systems of Nucor Corporation, the largest steel producer in the U.S., forced the company to take parts of its networks offline and implement containment measures.

The incident caused the company to temporarily suspend production at multiple locations, although the full impact on Nucor’s business remains unclear.

Nucor is a major steel producer in the U.S. and scrap recycler in North America. It is a primary supplier of reinforcing bar that is used extensively in the country’s buildings, bridges, roads, and infrastructure.

The company employs more than 32,000 people at numerous mills across the U.S., Mexico, and Canada, and reported $7.83 billion in revenue in the first quarter of the year.

The cybersecurity incident was disclosed via an 8-K filing the firm submitted earlier today to the U.S. Securities and Exchange Commission (SEC).

Hitachi Vantara Confirms Ransomware Attack

Hitachi Vantara has confirmed experiencing a ransomware incident that disrupted some systems, with servers remaining offline and the support connect feature for partners made inaccessible for now.

The Santa Clara, Calif.-based hybrid cloud infrastructure and data protection products vendor will bring systems back online once its unnamed third-party subject matter experts remediate the incident, Hitachi Vantara said in a blog post that gave a partner support email address for solution providers to use while support connect is down.

“While we will try to provide as much information as we can, please know that our investigation is in its early stages and remains ongoing at this time,” the vendor said in the post. “We will continue to provide updates as we make progress.”

UK government confirms massive data breach following hack of Legal Aid Agency

Britain’s Ministry of Justice (MoJ) confirmed on Monday that hackers had “accessed a large amount of information” from people who had applied for legal aid, potentially including their criminal histories.

According to the MoJ statement, everyone in England and Wales who applied for legal aid using the Legal Aid Agency’s online platform since 2010 may be affected.

Legal aid applicants “will include some of the most vulnerable people in our society,” said Gareth Mott, a research fellow at the Royal United Services Institute think tank and former lecturer in security and intelligence at the University of Kent.

The perpetrators of the data extortion incident claim to have data on more than 2 million people. The hackers have threatened to publish this data online in what would amount to one of the most significant data breaches to ever impact the British criminal justice system.

Volkswagen Car Hacked – Owner’s Personal Data & Service Details Exposed

Significant vulnerabilities have been uncovered in Volkswagen’s connected car app that exposed sensitive personal information and complete service histories of vehicles worldwide.

The disclosed flaws allowed unauthorized access to user data through simple exploits requiring only a vehicle’s VIN, which is visible through most car windshields.

This breach marks the second major cybersecurity incident for Volkswagen in six months, following a December 2024 cloud storage leak that compromised data from 800,000 electric vehicles.

Cellcom Confirms Cybersecurity Breach After Network Failure

Cellcom/Nsight has officially confirmed a cyberattack as the cause of a five-day service disruption affecting customers across its network.

In an official statement released today, company leadership acknowledged the incident while assuring customers that sensitive personal information appears to remain secure.

According to company officials, the cyberattack targeted a segment of Cellcom’s network infrastructure that was isolated from customer data repositories.

“The incident was concentrated on an area of our network separate from where we store sensitive information,” the company stated, emphasizing that there is currently “no evidence that personal information related to customers, including names, addresses, and financial information, has been compromised.”

Upon detecting the breach, Cellcom implemented pre-established cybersecurity protocols, which included engaging external cybersecurity specialists, notifying the Federal Bureau of Investigation and Wisconsin state officials, and initiating a comprehensive recovery strategy.

The company maintains that despite the service interruption, their security preparation allowed them to respond according to established contingency plans designed specifically for cyber incidents.

Adidas Warns Customers of Data Breach After Third-Party Security Incident

Adidas, the renowned German sportswear manufacturer, has issued a warning regarding a recent consumer data breach. On May 23, 2025, the company revealed that an unauthorized external party accessed specific consumer information via a third-party customer service provider. According to official statements, the compromised data primarily consists of contact details belonging to individuals who had previously reached out to Adidas’s customer service help desk.

Adidas stressed that neither payment card numbers nor passwords were compromised. “We immediately took steps to address the incident and started a comprehensive investigation, working alongside top information security specialists,” the company said. This assurance was intended to ease concerns among its global customer base regarding financial fraud or direct account compromise.

LexisNexis Risk Solutions Data Breach Exposes Personal Data of 364,000 Individuals

LexisNexis Risk Solutions has disclosed a significant data breach affecting approximately 364,000 individuals after discovering that an unauthorized third party gained access to sensitive personal information through a compromised third-party software development platform.

The cybersecurity incident, which LexisNexis learned about on April 1, 2025, actually occurred on December 25, 2024, when attackers successfully acquired data from an external platform used for software development purposes.

The breach notification reveals that the incident did not directly compromise LexisNexis’s own internal networks or systems, but rather affected data stored on a third-party platform utilized for development activities.

The company, which provides risk management services to business customers, immediately launched a comprehensive investigation with assistance from leading external cybersecurity experts upon discovering the unauthorized access.

Deloitte Data Breach: Alleged Leak of Source Code & GitHub Credentials

A threat actor using the alias “303” allegedly claimed to have breached Deloitte’s systems and leaked sensitive internal data on a dark web forum.

The alleged breach reportedly involves GitHub credentials and source code from internal project repositories belonging to Deloitte’s U.S. consulting division.

According to reports emerging from cybersecurity monitoring services, the threat actor posted details of the alleged compromise on a well-known dark web forum, claiming to have accessed and exfiltrated critical development resources.

The leaked data allegedly includes GitHub credentials that could potentially grant unauthorized access to Deloitte’s internal development infrastructure, as well as source code from proprietary projects.

Victoria’s Secret website down as company investigates security incident

Women’s fashion brand Victoria’s Secret said it is working to restore operations after experiencing a security incident.

The company did not respond to requests for comment but the victoriassecret.com domain now features a brief message to customers explaining that it has “identified and are taking steps to address a security incident.”

“We immediately enacted our response protocols, third-party experts are engaged, and we took down our website and some in store services as a precaution,” the company said.

“We are working to quickly and securely restore operations. We continue to serve customers in our Victoria’s Secret and PINK stores.”

