A phishing scheme run by organised crime groups cost the UK government £47 million, according to officials from His Majesty’s Revenue and Customs.
Criminals posed as taxpayers to claim payments using fake or hijacked credentials. Rather than a cyberattack, the operation relied on impersonation and did not involve the theft of taxpayer data.
Angela MacDonald, HMRC’s deputy chief executive, confirmed to Parliament’s Treasury Committee that the fraud took place in 2024. The stolen funds were taken through three separate payments, though HMRC managed to block an additional £1.9 million attempt.
Officials began a cross-border criminal investigation soon after discovering the scam, which has led to arrests.
Around 100,000 PAYE accounts — typically used by employers for employee tax and national insurance payments — were either created fraudulently or accessed illegally.
Banks were also targeted through the use of HMRC-linked identity information. Customers first flagged the issue when they noticed unusual activity.
HMRC has shut down the fake accounts and removed false data as part of its response. John-Paul Marks, HMRC’s chief executive, assured the committee that the incident is now under control and contained. ‘That is a lot of money and unacceptable,’ MacDonald told MPs.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Coinbase is under scrutiny after revealing a data breach tied to its contractor TaskUs. The incident reportedly involved insider misconduct at a support centre in India.
Though the breach was disclosed in May, insiders say Coinbase had knowledge of the issue as early as January.
The incident was traced to a TaskUs agent who allegedly photographed customer data and sold it to hackers. TaskUs fired two staff, saying the breach seemed part of a broader campaign targeting several Coinbase service providers.
Operations in Indore were suspended, impacting 226 staff, most of whom received severance.
Hackers accessed names, addresses, masked banking data, and ID documents, but no funds or passwords were compromised. On 11 May, Coinbase received a $20 million ransom demand.
CEO Brian Armstrong rejected the threat and instead offered a $20 million reward for information leading to the attackers’ arrest.
The breach, which affected under 1% of users, has triggered a shareholder lawsuit accusing Coinbase of failing to disclose the incident promptly.
Although its stock dipped 7% after the news, it has since recovered, supported by the company’s recent inclusion in the S&P 500 index.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Thousands of current and former employees at Lee Enterprises have had their data exposed following a cyberattack earlier this year.
Hackers accessed to the company’s systems in early February, compromising sensitive information such as names and Social Security numbers before the breach was contained the same day.
Although the media firm, which operates over 70 newspapers across 26 US states, swiftly secured its networks, a three-month investigation involving external cybersecurity experts revealed that attackers accessed databases containing employee details.
The breach potentially affects around 40,000 individuals — far more than the company’s 4,500 current staff — indicating that past employees were also impacted.
The stolen data could be used for identity theft, fraud or phishing attempts. Criminals may even impersonate affected employees to infiltrate deeper into company systems and extract more valuable information.
Lee Enterprises has notified those impacted and filed relevant disclosures with authorities, including the Maine Attorney General’s Office.
Headquartered in Iowa, Lee Enterprises draws over 200 million monthly online page views and generated over $611 million in revenue in 2024. The incident underscores the ongoing vulnerability of media organisations to cyber threats, especially when personal employee data is involved.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Cyber attacks have surged by 47% globally in the first quarter of 2025, with organisations facing an average of 1,925 attacks each week.
Check Point Software, a cybersecurity firm, warns that attackers are growing more sophisticated and persistent, targeting critical sectors like healthcare, finance, and technology with increasing intensity.
Ransomware activity alone has soared by 126% compared to last year. Attackers are no longer just encrypting files but now also threaten to leak sensitive data unless paid — a tactic known as dual extortion.
Instead of operating as large, centralised gangs, modern ransomware groups are smaller and more agile, often coordinating through dark web forums, making them harder to trace.
The report also notes that cybercriminals are using AI to automate phishing attacks and scan systems for vulnerabilities, allowing them to strike with greater accuracy. Emerging markets remain particularly vulnerable, as they often lack advanced cybersecurity infrastructure.
Check Point urges companies to act decisively by adopting proactive security measures, investing in threat detection and employee training, and implementing real-time monitoring. Waiting for an attack instead of preparing in advance could leave organisations dangerously exposed.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Fashion brand The North Face and luxury jeweller Cartier have confirmed recent cyber attacks that exposed customer data, including names and email addresses.
Neither company reported breaches of financial or password information.
North Face identified the attack as a credential stuffing attempt, where previously stolen passwords are used to break into other accounts.
Affected customers are being advised to change their login details, while the company’s owner, VF Corporation, continues recovering from an earlier incident.
Cartier said the breach allowed brief access to limited client data but insisted that it quickly secured its systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Twenty-five people, including six minors, have been charged in Paris for kidnappings and attempted abductions of France’s crypto leaders. Eighteen are in pre-trial detention, others await court or are under supervision. Ages range from 16 to 23.
The investigation began with a 13 May daylight kidnapping attempt in eastern Paris, aimed at the daughter and grandson of Paymium’s CEO, Pierre Noizat. Prior failed attempts and a separate foiled abduction near Nantes earlier in the week are also linked to the case.
Most suspects are French-born, with some from Senegal, Angola, and Russia. Authorities say the accused include both those who carried out the abductions and those responsible for logistics.
Defence lawyers highlighted the youth of some defendants and their vulnerability to criminal influence. The wave of kidnappings has raised national security concerns, prompting government efforts to protect wealthy crypto entrepreneurs.
Last January, Ledger co-founder David Balland was kidnapped, tortured, and ransomed before being freed.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Australia has imposed stricter rules on crypto ATM operators to curb scams and ensure compliance with anti-money laundering laws. A $5,000 AUD limit now applies to cash deposits and withdrawals, with scam warnings required on all machines.
Operators must also step up customer verification and improve transaction monitoring. These measures follow an AUSTRAC-led investigation that revealed older Australians, particularly those aged 60 to 70, account for a large share of crypto ATM activity.
Authorities noted that some victims were tricked into handing over life savings via these machines.
AUSTRAC has already denied registration renewal to one provider, Harro’s Empires, due to ongoing misuse risks.
The agency warned that other non-compliant operators could face similar penalties. It also urged broader adoption of cash limits across exchanges to reduce financial crime exposure.
To strengthen awareness, AUSTRAC and the federal police have released educational materials to be displayed near ATMs. The move comes amid rising scam reports, with 150 confirmed cases and over $3.1 million AUD in losses reported within a year.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A major data breach has exposed over 184 million user credentials, including emails, passwords, and account details for platforms such as Google, Microsoft and government portals. It is still unclear whether this was due to negligence or deliberate criminal activity.
The unencrypted, unprotected database was discovered online by cybersecurity researcher Jeremiah Fowler, who confirmed many of the credentials were current and accurate. The breach highlights ongoing failures by data handlers to apply even the most basic security measures.
Fowler believes the data was gathered using infostealer malware, which silently extracts login information from compromised devices and sells it on the dark web. After the database was reported, the hosting provider took it offline, but the source remains unknown.
Security experts urge users to update passwords across all platforms, enable two-factor authentication, and use password managers and data removal services. In today’s hyper-connected world, the exposure of such critical information without encryption is seen as both avoidable and unacceptable.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Microsoft has dismantled a major cybercrime operation centred around the Lumma Stealer malware, which had infected over 394,000 Windows devices globally.
In partnership with global law enforcement and industry partners, Microsoft seized more than 1,300 domains linked to the malware.
The malware was known for stealing sensitive data such as login credentials, bank details and cryptocurrency information, making it a go-to tool for cybercriminals since 2022.
The takedown followed a court order from a US federal court and included help from the US Department of Justice, Europol, and Japan’s cybercrime unit.
Microsoft’s Digital Crimes Unit also received assistance from firms like Cloudflare and Bitsight to disrupt the infrastructure that supported Lumma’s Malware-as-a-Service network.
The operation is being hailed as a significant win against a sophisticated threat that had evolved to target Windows and Mac users. Security experts urge users to adopt strong cyber hygiene, including antivirus software, two-factor authentication, and password managers.
Microsoft’s action is part of a broader effort to tackle infostealers, which have fuelled a surge in data breaches and identity theft worldwide.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Colt Technology Services, Honeywell, and Nokia have joined forces to trial quantum key distribution (QKD) via satellites to develop quantum-safe networks. The trial builds on a previous Colt pilot focused on terrestrial quantum-secure networks.
The collaboration aims to tackle the looming cybersecurity risks of quantum computing, which threatens to break current encryption methods. The project seeks to deliver secure global communication beyond the current 100km terrestrial limit by trialling space-based and subsea QKD.
Low-Earth orbit satellites will explore QKD over ultra-long distances, including transatlantic spans. The initiative is designed to support sectors that handle sensitive data, such as finance, healthcare, and government, by offering encryption solutions resistant to quantum threats.
Leaders from all three companies emphasised the urgency of developing safeguards to protect against future threats. A joint white paper, The Journey to Quantum-Safe Networking, has been released to outline the risks and technical roadmap for this new frontier in secure communications.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
