Cybersecurity

UBS employee data leaked after Chain IQ ransomware attack

UBS Group AG has confirmed a serious data breach affecting around 130,000 of its employees, following a cyberattack on its third-party supplier, Chain IQ Group AG.

The exposed information included employee names, emails, phone numbers, roles, office locations, and preferred languages. No client data has been impacted, according to UBS.

Chain IQ, a procurement services firm spun off from UBS in 2013, was reportedly targeted by the cybercrime group World Leaks, previously known as Hunters International.

Unlike traditional ransomware operators, World Leaks avoids encryption and instead steals data, threatening public release if ransoms are not paid.

While Chain IQ has acknowledged the breach, it has not disclosed the extent of the stolen data or named all affected clients. Notably, companies such as Swiss Life, AXA, FedEx, IBM, KPMG, Swisscom, and Pictet are among its clients—only Pictet has confirmed it was impacted.

Cybersecurity experts warn that the breach may have long-term implications for the Swiss banking sector. Leaked employee data could be exploited for impersonation, fraud, phishing scams, or even blackmail.

The increasing availability of generative AI may further amplify the risks through voice and video impersonation, potentially aiding in money laundering and social engineering attacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ryuk ransomware hacker extradited to US after arrest in Ukraine

A key member of the infamous Ryuk ransomware gang has been extradited to the US after his arrest in Kyiv, Ukraine.

The 33-year-old man was detained in April 2025 at the request of the FBI and arrived in the US on 18 June to face multiple charges.

The suspect played a critical role within Ryuk by gaining initial access to corporate networks, which he then passed on to accomplices who stole data and launched ransomware attacks.

Ukrainian authorities identified him during a larger investigation into ransomware groups like LockerGoga, Dharma, Hive, and MegaCortex that targeted companies across Europe and North America.

According to Ukraine’s National Police, forensic analysis revealed the man’s responsibility for locating security flaws in enterprise networks.

Information gathered by the hacker allowed others in the gang to infiltrate systems, steal data, and deploy ransomware payloads that disrupted various industries, including healthcare, during the COVID pandemic.

Ryuk operated from 2018 until mid-2020 before rebranding as the notorious Conti gang, which later fractured into several smaller but still active groups. Researchers estimate that Ryuk alone collected over $150 million in ransom payments before shutting down.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI helps Google curb scams and deepfakes in India

Google has introduced its Safety Charter for India to combat rising online fraud, deepfakes and cybersecurity threats. The charter outlines a collaborative plan focused on user safety, responsible AI development and protection of digital infrastructure.

AI-powered measures have already helped Google detect 20 times more scam-related pages, block over 500 million scam messages monthly, and issue 2.5 billion suspicious link warnings. Its ‘Digikavach’ programme has reached over 177 million Indians with fraud prevention tools and awareness campaigns.

Google Pay alone averted financial fraud worth ₹13,000 crore in 2024, while Google Play Protect stopped nearly 6 crore high-risk app installations. These achievements reflect the company’s ‘AI-first, secure-by-design’ strategy for early threat detection and response.

The tech giant is also collaborating with IIT-Madras on post-quantum cryptography and privacy-first technologies. Through language models like Gemini and watermarking initiatives such as SynthID, Google aims to build trust and inclusion across India’s digital ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LACNIC launches regional internet skills program

LACNIC has launched the Research and Development (R&D) Ambassadors Program to improve internet infrastructure in Latin America and the Caribbean. That initiative is designed to identify and support emerging technical leaders who can help address persistent connectivity challenges in the region.

The program focuses on enhancing expertise in areas such as internet measurement, routing, and IPv6, to build stronger local digital ecosystems. The first cohort of ambassadors, presented during LACNIC 43, showcased projects demonstrating strong local involvement, such as the expansion of the RIPE Atlas measurement network in Chile and increased active probes in Bolivia.

The ambassadors actively engaged their communities to promote best practices and build technical skills, fostering collaboration and knowledge sharing at the local level. However, despite these promising initiatives, the program’s long-term effectiveness remains uncertain.

Challenges, such as limited resources and uneven technical expertise across countries, raise questions about whether these efforts can scale or lead to broader improvements in regional connectivity. Sustainability remains a key concern, especially in uneven infrastructure development areas.

Despite challenges, the program is key in promoting digital inclusion in Latin America and the Caribbean, where internet access remains limited. LACNIC’s efforts support global goals to close the digital divide by empowering local leaders and building capacity. Continued investment in infrastructure and skills is essential for lasting impact and regional digital growth.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Orange, AFD, and Proparco unite for inclusive and sustainable digital growth

Orange, AFD Group, and Proparco have signed a three-year agreement to accelerate digital inclusion and promote sustainable development across 20 countries, primarily in Africa and the Middle East. The partnership will focus on deploying high-speed digital infrastructure, including network backbones and submarine cables, to address connectivity gaps in underserved and rural regions.

That initiative responds to stark disparities in internet access, with only 37% of Sub-Saharan Africa connected compared to over 91% in Europe. Beyond infrastructure, the partnership focuses on improving access to essential digital services in key sectors such as agriculture, healthcare, and education, while also promoting financial and energy inclusion to reduce inequalities and empower remote communities.

A major priority is supporting youth and fostering local innovation through programs that provide digital skills training and professional integration opportunities, enabling young people to participate actively in the digital economy. At the same time, the initiative aims to build vibrant entrepreneurship ecosystems so that communities can become creators, not just consumers, of technology.

Environmental sustainability and ethical responsibility are also at the heart of the collaboration, with strong commitments to reducing the digital sector’s ecological footprint and ensuring responsible practices in areas like data use, cybersecurity, and AI. The partnership seeks to embed inclusivity, innovation, and sustainability into the digital transformation process.

That partnership reflects a shared goal of using digital technology to promote equality and sustainable development, focusing on sovereign, innovative, and locally driven digital services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Kuwait to strengthen telecom resilience amid regional tensions

Kuwait is implementing strategic policies to disaster-proof its telecommunications and digital infrastructure in light of rising regional tensions, particularly the ongoing conflict between Iran and the Zionist entity. Under any emergency scenario, these policies prioritise the continuity of essential services, such as the internet, mobile networks, and digital government systems.

To operationalise this approach, the government, led by the Minister of State for Communication Affairs, convened a high-level emergency meeting with key stakeholders, including the Ministry of Communications, the Communications and Information Technology Regulatory Authority (CITRA), and major telecom providers like Zain, Ooredoo, stc, and Virgin Mobile. The goal is to ensure unified national readiness through regular coordination, planning, and communication.

Kuwait is reinforcing its technical and operational capabilities to support these policies. The Ministry of Communications has raised its alert level and is conducting real-time monitoring of local networks to detect and respond to disruptions quickly.

Telecom providers have confirmed their infrastructure is prepared for various emergency scenarios, citing the activation of emergency centres, advanced technical support systems, and contingency plans. At the same time, CITRA has taken steps to maintain stable data flows by activating local internet exchange points (IXs) and securing alternative international routing paths, measures designed to minimise the impact of any potential regional connectivity breakdown.

In parallel, Kuwait is safeguarding digital public services as a core part of its policy framework. The Central Agency for Information Technology (CAIT) has implemented contingency plans and system integration efforts to ensure the continuity of government digital services. These measures aim to guarantee that citizens can access essential services, even during crises.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ChatGPT now supports MCP for business data access, but safety risks remain

OpenAI has officially enabled support for Anthropic’s Model Context Protocol (MCP) in ChatGPT, allowing businesses to connect their internal tools directly to the chatbot through Deep Research.

The development enables employees to retrieve company data from previously siloed systems, offering real-time access to documents and search results via custom-built MCP servers.

Adopting MCP — an open industry protocol recently embraced by OpenAI, Google and Microsoft — opens new possibilities and presents security risks.

OpenAI advises users to avoid third-party MCP servers unless hosted by the official service provider, warning that unverified connections may carry prompt injections or hidden malicious directives. Users are urged to report suspicious activity and avoid exposing sensitive data during integration.

To connect tools, developers must set up an MCP server and create a tailored connector within ChatGPT, complete with detailed instructions. The feature is now live for ChatGPT Enterprise, Team and Edu users, who can share the connector across their workspace as a trusted data source.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon hackers breached Viasat during 2024 presidential campaign

According to Bloomberg News, satellite communications firm Viasat Inc. was reportedly among the targets of the Chinese-linked cyberespionage operation known as Salt Typhoon, which coincided with the 2024 US presidential campaign.

The breach, believed to have occurred last year, was discovered in 2025. Viasat confirmed it had investigated the incident in cooperation with an independent cybersecurity partner and relevant government authorities.

According to the company, the unauthorised access stemmed from a compromised device, though no evidence of customer impact has been found. ‘Viasat believes that the incident has been remediated and has not detected any recent activity related to this event,’ the firm stated, reaffirming its collaboration with United States officials.

Salt Typhoon, attributed to China by US intelligence, has previously been accused of breaching major telecom networks, including Verizon, AT&T and Lumen. Hackers allegedly gained full access to internal systems, enabling the geolocation of millions of users and the interception of phone calls.

In December 2024, US officials disclosed that a ninth telecom company had been compromised and confirmed that individuals connected to both Kamala Harris’s and Donald Trump’s presidential campaigns were targeted.

Chinese authorities have consistently rejected the claims, labelling them disinformation. Beijing maintains it ‘firmly opposes and combats cyberattacks and cybertheft in all forms’.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft begins password deletion in six weeks

Microsoft has announced that it will begin deleting saved passwords from its Authenticator app in six weeks, urging users to shift to more secure passkeys. The company confirmed that by August 2025, saved passwords will no longer be accessible, marking a decisive move away from traditional logins.

Users can transition their credentials to Microsoft Edge or adopt passkeys, which are less vulnerable to phishing and breaches. Despite growing risks, Google is making similar recommendations as most users still rely on passwords or outdated two-factor authentication.

The changes reflect a broader industry push to phase out passwords entirely, citing their inherent insecurity and the surge in credential-based attacks. Microsoft also warned that attackers are intensifying efforts to exploit passwords before their relevance fades.

Authenticator will continue supporting passkeys, but users must keep it enabled as their passkey provider. Microsoft’s message is clear: act now to secure your accounts before password support disappears.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK cyber agency warns AI will accelerate cyber threats by 2027

The UK’s National Cyber Security Centre has warned that integrating AI into national infrastructure creates a broader attack surface, raising concerns about an increased risk of cyber threats.

Its latest report outlines how AI may amplify the capabilities of threat actors, especially when it comes to exploiting known vulnerabilities more rapidly than ever before.

By 2027, AI-enabled tools are expected to shorten the time between vulnerability disclosure and exploitation significantly. The evolution could pose a serious challenge for defenders, particularly within critical systems.

The NCSC notes that the risk of advanced cyber attacks will likely escalate unless organisations can keep pace with so-called ‘frontier AI’.

The centre also predicts a growing ‘digital divide’ between organisations that adapt to AI-driven threats and those left behind. The divide could further endanger the overall cyber resilience of the UK. As a result, decisive action is being urged to close the gap and reduce future risks.

NCSC operations director Paul Chichester said AI is expanding attack surfaces, increasing the volume of threats, and speeding up malicious activity. He emphasised that while these dangers are real, AI can strengthen the UK’s cyber defences.

Organisations are encouraged to adopt robust security practices using resources like the Cyber Assessment Framework, the 10 Steps to Cyber Security, and the new AI Cyber Security Code of Practice.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.