November saw 103 cyber security incidents and more than 580 million leaked records.
That’s less than the monthly average, but we are still on pace to surpass 20 million breached records this year – a figure that seems almost unfathomable.
You can find the full list of breaches on our sister site, but in this blog, we look at the most notable incidents affecting European organisations.
French newspapers hit by cyber attacks
On 19 November, the Paris–Normandie newspaper confirmed that it had been hit by a cyber attack that disrupted its systems and its website.
As a result, it could only publish a single regional edition on Thursday rather than the normal three.
The newspaper declined to comment when asked whether the incident was the result of ransomware. However, two journalists from the paper confirmed that the attackers had demanded a ransom.
It’s unclear whether the Paris–Normandie intends to pay up, although cyber security experts advise against it. This is because it marks the organisation as a soft target for future attacks, and the funds could be used to launch other criminal operations.
A few days after the attack, another French newspaper, this time the Ouest-France Group, said that it had also suffered a cyber attack.
The Ouest-France Group explained that it would be publishing fewer editions of the newspaper to ensure that its beleaguered systems could cope, and François-Xavier Lefranc, the newspaper’s editor in chief, said that it would take some time to investigate and rectify the damage.
He added that it is isn’t the first time that the group had come under attack, but this one was particularly aggressive.
There is no evidence that this attack is related to the Paris–Normandie attack, but given the timing and the similar effect they’ve had, it wouldn’t be a surprise if a single criminal hacking group was responsible for both.
German housing company infected with ransomware
The Munich-based GWG Housing Company became the latest ransomware victim in November.
In a press release, the organisation said that much of the company’s IT systems and data was affected – including backup servers.
Over the course of this year, ransomware has risen to become arguably the biggest threats that organisations face. This is in part because criminals can purchase off-the-shelf malware relatively cheaply and use any number of techniques to infect organisations, including phishing scams.
But things have been particularly bad in 2020 as a result of COVID-19. Many organisations are relying on technological solutions, which makes them a more lucrative target for criminals and means victims are more likely to feel obliged to meet their demands.
Ukrainian army leaks soldiers’ data
The Ukrainian Ombudsperson’s Office confirmed last month that law enforcement officers have begun criminal proceedings after more than 500 soldiers’ personal data was published online.
On 5 November, the Office wrote that the breach relates to the dates of birth, address, tax info, passport details and telephone numbers of some soldiers who took part in the Joint Forces Operation in Donbas.
The information was processed as part of a list of applications for land plots in the town of Dubno.
The Dubno Police Department has opened a criminal investigation to verify the legality of the storage, use and dissemination of the information.
Stay up to date with cyber security news
Are you looking for regular updates on the latest cyber attacks and data breaches?
Subscribe to our Weekly Round-up to learn what’s happening in the cyber security industry and receive tips on the steps you should take to protect your organisation.