The Week in Cyber Security and Data Privacy in Europe: 22 – 28 January 2024

Welcome to this week’s round-up of the biggest and most interesting news stories in Europe.

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

___

Publicly disclosed data breaches and cyber attacks: in the spotlight

The ‘mother of all breaches’: more than 26 billion records exposed

The security researcher Bob Diachenko and investigators from Cybernews have discovered an open instance with 26 billion data records, mostly compiled from previous breaches – although it likely also includes new data.

The data is more than mere credentials, too – according to Cybernews, most of the exposed data is sensitive. Given the extraordinary scale of the data breach, it’s been dubbed the ‘MOAB’ (mother of all breaches). In total, 3,876 domain names were included in the exposed data set.

Data breached: more than 26 billion records.

Ukrainian cyber attack allegedly wipes 2 PB of data belonging to Russian research centre

The Main Directorate of Intelligence of the Ministry of Defense of Ukraine claims to have destroyed a 2-PB (petabyte) database belonging to Russia’s Far Eastern Research Center for Space Hydrometeorology, or Planeta.

With the caveat that news of state-sponsored attacks against combatants during wartime must be treated with a certain degree of caution, it appears that the cyber attack on Planeta – which receives and processes satellite data on behalf of more than 50 Russian state entities, including the Ministry of War – destroyed 280 servers at a cost of “at least $10 million”.

Data breached: 2 PB.


Publicly disclosed data breaches and cyber attacks in Europe: full list

This week, excluding the MOAB, we’ve found 2,095,836,761 records known to be in Europe, and 35 European organisations suffering a newly disclosed incident. 28 of them are known to have had data exfiltrated, exposed or otherwise breached. None definitely haven’t had data breached.

Organisation(s)SectorLocationData breached?Known records breached
3,876 domain names (the ‘mother of all breaches’ or ‘MOAB’)
Source
(New)
MultipleMultipleYesMore than 26,000,000,000
Far-Eastern Center of State Research Center for Space Hydrometeorology (Planeta)
Source 1; source 2
(New)
PublicRussiaYes2 PB
IPL Consulting
Source 1; source 2
(New)
IT servicesRussiaYesMore than 60 TB
Moscow International Higher Business School
Source
(New)
EducationRussiaYes27,915,905
JD Sports Fashion
Source
(New)
RetailUKYes1,493,344
Microbe&Lab
Source
(New)
HealthcareNetherlandsYes1,285,279
Stemcor Global Holdings Limited
Source
(New)
RetailUKYes1.2 TB
UK forex customers
Source
(New)
FinanceUKYes1,001,214
A.N.S. Computer SPRL
Source
(New)
IT servicesBelgiumYes1,000,000
AerCap
Source
(New)
TransportIrelandYes1 TB
Southern Water
Source 1; source 2; source 3
(New)
UtilitiesUKYes750 GB
A24Group Medical Staffing
Source
(New)
HealthcareUKYes10 GB
Danto.de
Source
(New)
RetailGermanyYes30,000
Vans NL
Source
(New)
RetailNetherlandsYes17,761
Avon
Source
(New)
ManufacturingUKYes12,861
VistaPrint
Source
(New)
RetailNetherlandsYes11,968
ColliShop
Source
(New)
RetailBelgiumYes10,291
Samsonite
Source
(New)
ManufacturingBelgiumYes5,108
Connect Distribution
Source
(New)
RetailUKYes2,615
Student.com
Source
(New)
Real estateUKYes414
Deknudt Frames
Source
(New)
ManufacturingBelgiumYesUnknown
GAMEE
Source
(New)
BlockchainCzech RepublicYesUnknown
CARRI Systems
Source
(New)
Professional servicesFranceYesUnknown
Mercedes-Benz AG
Source
(New)
ManufacturingGermanyYesUnknown
Neafidi Società Cooperativa di garanzia collettiva fidi
Source
(New)
FinanceItalyYesUnknown
CloudFire
Source
(New)
IT servicesItalyYesUnknown
DENHAM the Jeanmaker
Source
(New)
RetailNetherlandsYesUnknown
The Gainsborough Bath Spa
Source
(New)
HospitalityUKYesUnknown
Caravan and Motorhome Club
Source 1; source 2
(New)
LeisureUKYesUnknown
BUKA Magazin
Source
(New)
MediaBosnia and HerzegovinaUnknownUnknown
Sveriges Riksbank
Source
(New)
FinanceSwedenUnknownUnknown
The Misbourne
Source 1; source 2; source 3
(New)
EducationUKUnknownUnknown
Naftogaz of Ukraine
Source
(New)
EnergyUkraineUnknownUnknown
Monobank
Source
(New)
FinanceUkraineUnknownUnknown
Ukrtransbezpeka
Source
(New)
PublicUkraineUnknownUnknown
Ukrposhta
Source
(New)
TransportUkraineUnknownUnknown

Note 1: ‘New’/‘Update’ in the first column refers to whether this breach was first publicly disclosed this week, or whether a significant update was released this week. The updated data point is italicised in the table.

Note 2: For incidents where we only know the file size of the data breached, we use the formula 1 MB = 1 record. Given that we can’t know the exact numbers, as it depends on the types of records included (e.g. pictures and medical histories are considerably larger files than just names and addresses), we err on the side of caution by using this formula. We believe that this underestimates the records breached in most cases, but it is more accurate than not providing a number at all.


AI

Final draft of EU Artificial Intelligence Act leaked

Luca Bertuzzi, the technology editor of Euractiv, has shared the final draft of the EU’s AI Act, “ahead of a discussion within the Telecom Working Party, a technical body of the EU Council, on Wednesday and formal adoption at the ambassador level (i.e. COREPER) on 2 February”.

European Commission launches AI innovation package to support startups and SMEs

Following the political agreement on the AI Act, the European Commission has launched a package of measures to help European startups and small to medium-sized organisations develop AI that “respects EU values and rules”.

UK NCSC warns of rise in AI-enabled ransomware

The UK’s NCSC has warned that AI, which is already being used to facilitate cyber crime, “will almost certainly increase the volume and impact of cyber attacks – including ransomware – in the near term”. Its report concludes that AI lowers the barrier of entry to would-be attackers, enabling the relatively unskilled to carry out more effective campaigns.


Enforcement

CNIL fines Amazon France Logistique €32 million for GDPR breach

France’s supervisory authority, the CNIL, has fined Amazon France Logistique, the division that manages the Amazon group’s French warehouses, €32 million for monitoring employee behaviour in breach of the EU GDPR.

UK, US and Australia sanction “Russia-based cyber hacker”

The UK, US and Australia have sanctioned the Russian national Aleksandr Ermakov, following his identification as a key actor in the cyber attack on Australia Medibank in 2022. The attack saw 9.7 million customers’ personal data leaked on the dark web.


Other news

Three new cyber security reports published

The Securonix 2024 Insider Threat Report looks at internal security risks, while the Malware Trends Overview Report: 2023 from Any Run examines the most prevalent malware types of 2023 and Coveware examines the latest ransomware trends.

noyb survey: 74.4% of experts say data protection authorities would find “relevant violations” at most companies

To mark this year’s Data Protection Day, the privacy rights campaign group noyb surveyed more than 1,000 data protection professionals in the EU. According to the resulting report, GDPR: a culture of non-compliance?, 35.8% of respondents agree that “the ‘deterring effect’ of the GDPR has been lost over the last five years”, 70.9% “think that we need more clear decisions by [data protection authorities] and courts to improve compliance” and 74.4% “assume relevant violations at an average company”.


Key date

19 March 2024 – UK government calls for views on Cyber Governance Code of Practice

The UK government is calling for views on its draft Cyber Governance Code of Practice, which aims to help organisations manage cyber risks. Responses must be submitted by 11:59 pm on Tuesday, 19 March 2024.


That’s it for this week’s round-up. We hope you found it useful.

We’ll be back next week with the biggest and most interesting news stories, all rounded up in one place.

In the meantime, if you missed it, check out last week’s round-up. Alternatively, you can view our full archive.


Security Spotlight

To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our weekly newsletter: the Security Spotlight.

Every Tuesday, you’ll get a short email with:

  • Industry news, including this weekly round-up;
  • Our latest research and statistics;
  • Interviews with our experts, sharing their insights and expertise;
  • Free useful resources; and
  • Upcoming webinars.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.