The Week in Cyber Security and Data Privacy in Europe: 18 – 24 March 2024

2,134,132 known records breached in 30 newly disclosed incidents

Welcome to this week’s round-up of the biggest and most interesting news stories in Europe.

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Publicly disclosed data breaches and cyber attacks: in the spotlight

International Luxury Group allegedly hit by BlackBasta ransomware

The BlackBasta ransomware group has reportedly attacked Switzerland’s International Luxury Group, exfiltrating 1 TB of data, including user data, accounting records, company information, personal information and designs. The International Luxury Group is one of the world’s leading fashion and lifestyle accessories companies.

Data breached: 1 TB.

Cactus ransomware group adds Grupa Topex to list of victims

The Cactus ransomware group claims to have stolen 638 GB of data from Grupa Topex, a Polish power tool supplier. The data allegedly includes database exports, personal data, corporate data and financial documents.

Data breached: 638 GB.

Publicly disclosed data breaches and cyber attacks in Europe: full list

This week, we found 2,134,132 records known to be compromised in Europe, and 30 European organisations suffering a newly disclosed incident. 18 of them are known to have had data exfiltrated, exposed or otherwise breached. 5 definitely haven’t had data breached.

Organisation(s)SectorLocationData breached?Known data breached
International Luxury Group
RetailSwitzerlandYes1 TB
Grupa Topex
ManufacturingPolandYes638 GB
Sting AD
Hallesche Kraftverkehrs-& Speditions-GmbH
ECB (England & Wales Cricket Board)
PublicSpainYes30 GB
Spa Gran Prix
SCHOKINAG-Schokolade-Industrie GmbH
The London Clinic
Source 1; source 2
Ultra Electronics Group
70 organisations, including 48 government organisations*
Public and unknown23 countries, including UK and HungaryYesUnknown
IT servicesRussiaUnknownUnknown
Pension Fund of Ukraine
KIM (Kaluska informatsiyna merezha LLC)
Source 1; source 2
Source 1; source 2
Giorgia Meloni’s Instagram account
Source 1; source 2
Source 1; source 2
Rt Hon. Grant Shapps MP’s RAF Dassault Falcon 900 jet

Note 1: The asterisked incident also affects organisations outside Europe. We’ve accounted for this in our summary above the table via a proportionate calculation.

Note 2: For incidents where we only know the file size of the data breached, we use the formula 1 MB = 1 record. Given that we can’t know the exact numbers, as it depends on the types of records included (e.g. pictures and medical histories are considerably larger files than just names and addresses), we err on the side of caution by using this formula. We believe that this underestimates the records breached in most cases, but it is more accurate than not providing a number at all.


Google VLOGGER generates video from photos, raising security concerns

Google researchers have unveiled VLOGGER, an AI model that can generate photorealistic videos of people from photographs and audio samples. However, security professionals have expressed concern about the technology’s potential misuse to create deepfakes that could be used for social engineering attacks.

Microsoft research finds 87% of UK organisations vulnerable to cyber attacks in the age of AI

A new report by Microsoft, in collaboration with Dr Chris Brauer of Goldsmiths, University of London, classed 87% of UK organisations as vulnerable to cyber attacks. Mission Critical: Unlocking the UK AI Opportunity Through Cybersecurity states that the UK must cement its position as a “cybersecurity superpower” in order to realise its ambition of becoming a global “AI superpower”.


Nemesis Market darknet marketplace shut down

The Office of the Public Prosecutor General in Frankfurt am Main – Central Office for Combating Cybercrime – and the German Federal Criminal Police Office have seized the server infrastructure of the darknet marketplace Nemesis Market, along with €94,000 in cryptocurrency.

Three arrested in connection with France Travail hack

Three individuals, aged between 21 and 23, were arrested on 17 March, suspected of playing a key role in the recent attack on France Travail and Cap Emploi.

Other news

European Commission recommends actions to combat counterfeiting

The European commission has adopted a recommendation to combat counterfeiting and enhance the enforcement of IPR (intellectual property rights). Tools proposed by the Commission include a new IP scan enforcement voucher, a Cybertheft Prevention Toolkit and a checklist on using AI without compromising their assets.

UK accuses China of two malicious cyber campaigns

The UK deputy prime minister, Oliver Dowden, has officially blamed the 2021–22 attacks on the UK’s Electoral Commission and parliamentarians on “China state-affiliated actors”.

ICO publishes new fining guidance

The UK’s data protection authority, the ICO (Information Commissioner’s Office), has published new data protection fining guidance, setting out how it calculates fines.

NCSC issues guidance on migrating SCADA solutions to the Cloud

The UK’s NCSC (National Cyber Security Centre) has published new guidance on Cloud-hosted SCADA (supervisory control and data acquisition) systems. The guidance identifies three critical areas to assess before deciding on a SCADA Cloud migration: understanding your business drivers and Cloud opportunities; organisational readiness; and technology and Cloud solutions suitability.

CISA® qualification chosen by NCSC as part of GovAssure

ISACA’s® CISA (Certified Information Security Auditor) qualification has been chosen by the NCSC as an industry-leading standard and qualifying criterion for companies licensed to conduct assurance reviews of government organisations, as part of its new cyber assurance regime for government systems, GovAssure.

New guidance and recently published reports

Key dates

31 March 2024 – PCI DSS v4.0 transitioning deadline 

Version 3.2.1 of the PCI DSS (Payment Card Industry Data Security Standard) is being retired on 31 March, to be replaced by version 4.0 of the Standard. There are more than 50 new requirements in PCI DSS v4.0. You can find out more about them on the PCI Security Standards Council’s website.

30 April 2024 – ISO/IEC 27001:2013 certification unavailable

Certification bodies must stop offering (re)certification to ISO 27001:2013 by 30 April. The new iteration of the Standard, ISO 27001:2022, isn’t significantly different from ISO 27001:2013, but there are some notable changes. Learn more about complying with ISO 27001:2022.

That’s it for this week’s round-up. We hope you found it useful.

We’ll be back next week with the biggest and most interesting news stories, all rounded up in one place. Until then, have a good Easter.

In the meantime, if you missed it, check out last week’s round-up. Alternatively, you can view our full archive.

Security Spotlight

To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our weekly newsletter: the Security Spotlight.

Every Tuesday, you’ll get a short email with:

  • Industry news, including this weekly round-up;
  • Our latest research and statistics;
  • Interviews with our experts, sharing their insights and expertise;
  • Free useful resources; and
  • Upcoming webinars.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.