Cybersecurity

Customer data stolen in cyber attacks on Cartier and North Face

Fashion brand The North Face and luxury jeweller Cartier have confirmed recent cyber attacks that exposed customer data, including names and email addresses.

Neither company reported breaches of financial or password information.

North Face identified the attack as a credential stuffing attempt, where previously stolen passwords are used to break into other accounts.

Affected customers are being advised to change their login details, while the company’s owner, VF Corporation, continues recovering from an earlier incident.

Cartier said the breach allowed brief access to limited client data but insisted that it quickly secured its systems.

Retailers such as Adidas, Victoria’s Secret, Harrods, and M&S have all been hit in recent months, prompting warnings that the industry remains an attractive target for cyber criminals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft and CrowdStrike align naming of threat actors

Microsoft and CrowdStrike have announced a joint initiative to align their threat actor taxonomies, aiming to improve clarity and coordination in the fight against cyberattacks.

While the two cybersecurity giants are not creating a unified naming standard, they are publishing a cross-referenced mapping that shows how threat actors tracked by both companies correspond under their respective naming systems.

The inconsistency in threat actor names across the cybersecurity industry has long created confusion, often slowing response times and complicating collaboration between teams.

A single actor might be known as Midnight Blizzard by Microsoft, Cozy Bear by another firm, and APT29 or UNC2452 by others — all referring to the same group. This fragmentation of identifiers has made tracking and defending against threats more difficult.

To address this, Microsoft and CrowdStrike have released a reference document that maps common threat actors across both organisations’ taxonomies and includes aliases from other vendors.

The goal is to provide security teams with a clearer understanding of which groups are being discussed, regardless of the terminology used.

Although the mapping effort currently involves only Microsoft and CrowdStrike, other major players in the cybersecurity industry — including Google’s Mandiant and Palo Alto Networks’ Unit 42 — are expected to contribute to the initiative in the future.

‘Security is a shared responsibility, requiring community-wide efforts to improve defensive measures,’ said Vasu Jakkal, Corporate Vice President of Microsoft Security. ‘We are excited to be teaming up with CrowdStrike and look forward to others joining us on this journey.’

As more companies adopt this collaborative approach, experts believe it will enhance collective defence by making threat intelligence easier to interpret and act upon across the security ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

France cracks down on organised kidnapping ring targeting crypto leaders

Twenty-five people, including six minors, have been charged in Paris for kidnappings and attempted abductions of France’s crypto leaders. Eighteen are in pre-trial detention, others await court or are under supervision. Ages range from 16 to 23.

The investigation began with a 13 May daylight kidnapping attempt in eastern Paris, aimed at the daughter and grandson of Paymium’s CEO, Pierre Noizat. Prior failed attempts and a separate foiled abduction near Nantes earlier in the week are also linked to the case.

Video footage showed masked attackers assaulting Noizat’s family, who were hospitalised with minor injuries. Noizat praised those who defended his family during the attack.

Most suspects are French-born, with some from Senegal, Angola, and Russia. Authorities say the accused include both those who carried out the abductions and those responsible for logistics.

Defence lawyers highlighted the youth of some defendants and their vulnerability to criminal influence. The wave of kidnappings has raised national security concerns, prompting government efforts to protect wealthy crypto entrepreneurs.

Last January, Ledger co-founder David Balland was kidnapped, tortured, and ransomed before being freed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Australia tightens rules for crypto ATMs

Australia has imposed stricter rules on crypto ATM operators to curb scams and ensure compliance with anti-money laundering laws. A $5,000 AUD limit now applies to cash deposits and withdrawals, with scam warnings required on all machines.

Operators must also step up customer verification and improve transaction monitoring. These measures follow an AUSTRAC-led investigation that revealed older Australians, particularly those aged 60 to 70, account for a large share of crypto ATM activity.

Authorities noted that some victims were tricked into handing over life savings via these machines.

AUSTRAC has already denied registration renewal to one provider, Harro’s Empires, due to ongoing misuse risks.

The agency warned that other non-compliant operators could face similar penalties. It also urged broader adoption of cash limits across exchanges to reduce financial crime exposure.

To strengthen awareness, AUSTRAC and the federal police have released educational materials to be displayed near ATMs. The move comes amid rising scam reports, with 150 confirmed cases and over $3.1 million AUD in losses reported within a year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Singapore orders crypto firms to stop overseas activity by June

Singapore’s central bank, the Monetary Authority of Singapore (MAS), has mandated all local crypto service providers to halt digital token operations targeting overseas markets by 30 June 2025. Firms failing to comply risk fines of up to S$250,000 (£145,000) and imprisonment for up to three years.

The directive applies to any Singapore-based company, individual, or partnership offering digital token services abroad, regardless of their main business. MAS confirmed no transitional arrangements will be made.

Only firms licensed under current financial laws may continue without breaching the rules.

Licences for overseas digital token services will be rare due to strict AML and CFT concerns. Industry experts advise companies to restructure operations quickly to remove Singapore connections and reduce compliance risks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

TikTok bans ‘SkinnyTok’ hashtag worldwide

TikTok has globally banned the hashtag ‘SkinnyTok’ after pressure from the French government, which accused the platform of promoting harmful eating habits among young users. The decision comes as part of the platform’s broader effort to improve user safety, particularly around content linked to unhealthy weight loss practices.

The move was hailed as a win by France’s Digital Minister, Clara Chappaz, who led the charge and called it a ‘first collective victory.’ She, along with other top French digital and data protection officials, travelled to Dublin to engage directly with TikTok’s Trust and Safety team. Notably, no representatives from the European Commission were present during these discussions, raising questions about the EU’s role and influence in enforcing digital regulations.

While the European Commission had already opened a broader investigation into TikTok over child protection issues in early 2024 under the Digital Services Act (DSA), it has yet to comment on the SkinnyTok case specifically. Despite this, the Commission says it is still coordinating with French authorities on matters related to DSA enforcement.

The episode has spotlighted national governments’ power in pushing for online safety reforms and the uncertain role of the EU institutions in urgent digital policy actions.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

NSO asks court to overturn WhatsApp verdict

Israeli spyware company NSO Group has requested a new trial after a US jury ordered it to pay $168 million in damages to WhatsApp.

The company, which has faced mounting legal and financial troubles, filed a motion in a California federal court last week seeking to reduce the verdict or secure a retrial.

The May verdict awarded WhatsApp $444,719 in compensatory damages and $167.25 million in punitive damages. Jurors found that NSO exploited vulnerabilities in the encrypted platform and sold the exploit to clients who allegedly used it to target journalists, activists and political rivals.

WhatsApp, owned by Meta, filed the lawsuit in 2019.

NSO claims the punitive award is unconstitutional, arguing it is over 376 times greater than the compensatory damages and far exceeds the US Supreme Court’s general guidance of a 4:1 ratio.

The firm also said it cannot afford the penalty, citing losses of $9 million in 2023 and $12 million in 2024. Its CEO testified that the company is ‘struggling to keep our heads above water’.

WhatsApp, responding to TechCrunch in a statement, said NSO was once again trying to evade accountability. The company vowed to continue its legal campaign, including efforts to secure a permanent injunction that would prevent NSO from ever targeting WhatsApp or its users again.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

184 million passwords exposed in massive data breach

A major data breach has exposed over 184 million user credentials, including emails, passwords, and account details for platforms such as Google, Microsoft and government portals. It is still unclear whether this was due to negligence or deliberate criminal activity.

The unencrypted, unprotected database was discovered online by cybersecurity researcher Jeremiah Fowler, who confirmed many of the credentials were current and accurate. The breach highlights ongoing failures by data handlers to apply even the most basic security measures.

Fowler believes the data was gathered using infostealer malware, which silently extracts login information from compromised devices and sells it on the dark web. After the database was reported, the hosting provider took it offline, but the source remains unknown.

Security experts urge users to update passwords across all platforms, enable two-factor authentication, and use password managers and data removal services. In today’s hyper-connected world, the exposure of such critical information without encryption is seen as both avoidable and unacceptable.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft takes down massive Lumma malware network

Microsoft has dismantled a major cybercrime operation centred around the Lumma Stealer malware, which had infected over 394,000 Windows devices globally.

In partnership with global law enforcement and industry partners, Microsoft seized more than 1,300 domains linked to the malware.

The malware was known for stealing sensitive data such as login credentials, bank details and cryptocurrency information, making it a go-to tool for cybercriminals since 2022.

The takedown followed a court order from a US federal court and included help from the US Department of Justice, Europol, and Japan’s cybercrime unit.

Microsoft’s Digital Crimes Unit also received assistance from firms like Cloudflare and Bitsight to disrupt the infrastructure that supported Lumma’s Malware-as-a-Service network.

The operation is being hailed as a significant win against a sophisticated threat that had evolved to target Windows and Mac users. Security experts urge users to adopt strong cyber hygiene, including antivirus software, two-factor authentication, and password managers.

Microsoft’s action is part of a broader effort to tackle infostealers, which have fuelled a surge in data breaches and identity theft worldwide.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Colt, Honeywell and Nokia to trial quantum cryptography in space

Colt Technology Services, Honeywell, and Nokia have joined forces to trial quantum key distribution (QKD) via satellites to develop quantum-safe networks. The trial builds on a previous Colt pilot focused on terrestrial quantum-secure networks.

The collaboration aims to tackle the looming cybersecurity risks of quantum computing, which threatens to break current encryption methods. The project seeks to deliver secure global communication beyond the current 100km terrestrial limit by trialling space-based and subsea QKD.

Low-Earth orbit satellites will explore QKD over ultra-long distances, including transatlantic spans. The initiative is designed to support sectors that handle sensitive data, such as finance, healthcare, and government, by offering encryption solutions resistant to quantum threats.

Leaders from all three companies emphasised the urgency of developing safeguards to protect against future threats. A joint white paper, The Journey to Quantum-Safe Networking, has been released to outline the risks and technical roadmap for this new frontier in secure communications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.