Starbucks is manually processing barista payroll after a ransomware attack disrupted the third-party software it uses for scheduling. Despite the outage, the company assured employees they would be paid correctly and instructed store managers on manual workarounds to keep operations running smoothly.
The attack targeted Blue Yonder, a cloud services provider whose clients include major grocery chains and Fortune 500 companies. Blue Yonder has faced backlash as its systems remain compromised, with multiple companies, including Ford, assessing potential impacts. The cybersecurity firm CrowdStrike is assisting with recovery efforts.
Ransomware attacks have surged globally, with hackers targeting critical operations, especially during high-demand periods like the holiday season. Starbucks’ new CEO Brian Niccol now faces an additional hurdle on top of three straight quarters of declining sales.
The White House has engaged leading United States telecommunications executives in a high-level meeting to address a significant cyber-espionage campaign allegedly linked to China. National Security Adviser Jake Sullivan and Deputy Adviser Anne Neuberger hosted the meeting, seeking industry insights and strengthening government-private sector partnerships to counteract future cyber threats.
Earlier this month, US authorities disclosed that hackers, purportedly linked to China, accessed surveillance data meant for law enforcement by breaching multiple telecom companies. Senator Mark Warner described the breach as the ‘worst telecom hack in our nation’s history.’
Though the identities of the companies and executives involved remain undisclosed, the meeting underscores the urgency of cybersecurity improvements amid escalating threats from state-sponsored actors. While China has categorically denied involvement, the incident amplifies concerns over Beijing’s alleged cyber activities targeting critical US infrastructure.
The discussions aim to establish better safeguards against sophisticated attacks, reinforcing collaboration between federal agencies and the telecom sector to bolster national cyber resilience.
Microsoft announced that most services for Outlook and Teams were restored late Monday after a widespread outage disrupted users throughout the day. While a small number of users continue to face issues with Outlook on the web, the company promised full restoration by Tuesday.
The disruption peaked with over 5,000 complaints logged on Downdetector, though Microsoft implemented fixes that restored functionality to 98% of affected environments by midday. Progress slowed in the afternoon, but by evening, reports of issues had significantly declined.
This outage, which impacted countless office workers ahead of the Thanksgiving holiday, is the latest in a year of major tech disruptions globally. Although significant, the scale of this incident was far smaller than the summer outage of CrowdStrike’s systems, which caused billions in losses across industries.
Australia plans to enforce a ban on social media use for anyone under 16, requiring platforms to verify user ages through methods such as biometrics or government IDs. Prime Minister Anthony Albanese emphasised strict privacy protections, mandating the destruction of personal data once age verification is complete.
The proposed laws, among the toughest globally, would impact platforms like Instagram, TikTok, X, and Snapchat. They include no exemptions for parental consent or existing accounts, with non-compliance penalties of up to $32 million. Critics, including Elon Musk, argue the measures could restrict internet access for Australians.
The government aims to fast-track the legislation and pass it by Thursday, marking a significant step in global efforts to regulate social media and protect minors.
A Brighton tradesman lost £75,000 to a fake bitcoin scheme that used a deepfake video of Martin Lewis and Elon Musk. The kitchen fitter, Des Healey, shared his experience on BBC Radio 5 Live, revealing how AI manipulated Martin’s voice and image to create a convincing endorsement. Des admitted he was lured by the promise of quick returns but later realised the devastating scam had emptied his life savings and forced him into debt.
He explained that the fraudsters, posing as financial experts, gained his trust through personalised calls and apparent success in his fake investment account. Encouraged to invest more, he took out £70,000 in loans across four lenders. Only when his son raised concerns about suspicious details, such as background music on calls, did Des begin to suspect foul play and approach the police.
Martin Lewis, Britain’s most impersonated celebrity in scams, described meeting Des as emotionally challenging. He commended Des for bravely sharing his ordeal to warn others. Martin emphasised that scams prey on urgency and secrecy, urging people to pause and verify before sharing personal or financial details.
Although two banks cancelled loans taken by Des, he still owes £26,000 including interest. Des expressed gratitude for the chance to warn others and praised Martin Lewis for his continued efforts to fight fraud. Meanwhile, Revolut reaffirmed its commitment to combating cybercrime, acknowledging the challenges posed by sophisticated scammers.
The National Information Technology Development Agency (NITDA) has partnered with TikTok under the ‘Safer Together’ initiative to enhance digital safety and literacy in Nigeria. That collaboration, announced at the TikTok Online Safety and Digital Awareness Programme in Abuja, reflects Nigeria’s leadership in Africa’s digital transformation, supported by a growing tech ecosystem and increasing connectivity.
The partnership addresses key challenges such as misinformation, cyberbullying, and digital exploitation while aligning with NITDA’s regulatory framework, emphasising awareness, innovation, and inclusivity. NITDA aims to achieve 70% digital literacy by 2027, fostering digital inclusion and empowering youth to drive the country’s digital economy. TikTok’s safety features, including screen time management and anti-bullying tools, are integral to educating parents, teachers, and stakeholders on safe and responsible digital practices.
The programme highlights the importance of collective efforts in creating a secure digital environment, requiring collaboration between the government, private sector, and civil society. Through initiatives like this, the partnership aims to inspire creativity, build trust, and shape positive digital experiences for millions in Nigeria while addressing the risks associated with technological advancement.
British businesses have lost an estimated £44 billion ($55 billion) in revenue over the past five years due to cyberattacks, with more than half of private sector companies experiencing at least one incident, according to a report by insurance broker Howden. Companies earning over £100 million annually faced the highest risk, with cyberattacks cutting 1.9% of revenue on average.
The report identified compromised emails (20%) and data theft (18%) as the leading causes of cyber incidents. Despite these risks, only 61% of businesses used anti-virus software, and just 55% had network firewalls, with cost and limited IT resources cited as major obstacles to better cybersecurity.
“Cybercrime is rising as businesses rely more on technology, exposing vulnerabilities to malicious actors,” said Sarah Neild, head of UK cyber retail at Howden. The findings are based on a September survey of 905 UK private-sector IT leaders conducted by YouGov.
According to Morgan Adamski, executive director of US Cyber Command, Chinese hackers are embedding themselves in US critical infrastructure IT networks to prepare for a potential conflict with the United States. He announced that China-linked cyber operations aim to secure strategic advantages in the event of a major clash.
These operations involve compromising key networks and positioning themselves to execute disruptive attacks. Examples include manipulating heating, ventilation, and air conditioning (HVAC) systems in server rooms or disrupting vital energy and water controls, officials said earlier this year.
Speaking at the Cyberwarcon security conference in Arlington, Virginia, Adamski emphasised the scale of the threat, noting that the US government has launched globally coordinated efforts to counter these operations. These efforts include offensive and defensive measures designed to degrade and disrupt China’s cyber activities worldwide. Actions range from exposing cyber campaigns to imposing sanctions and issuing cybersecurity advisories, with support from allied nations.
Earlier, US Senator Mark Warner described a suspected China-linked cyberespionage campaign, dubbed ‘Salt Typhoon,’ as the worst telecommunications hack in US history. Beijing has repeatedly denied conducting cyberattacks on US entities.
The UN Office for Disarmament Affairs (ODA) will conduct a simulation exercise in early 2025 to help Member States engage with the Global Points of Contact (POC) Directory.
The directory ensures quick and effective responses to cybersecurity incidents by providing a reliable channel for diplomatic and technical contacts across countries. It is part of broader efforts to implement the agreed confidence-building measures (CBMs) and promote cyber stability and security globally, particularly under frameworks such as the UN’s Open-Ended Working Group (OEWG) on the security of ICTs. Most states have recently appointed their POCs and participated in the first ‘ping’ test (a test conducted by the directory manager to verify that the information in the directory is up-to-date).
In hybrid format, the exercise aims to familiarise nominated POCs with practical aspects of participating in the directory and clarify the roles of diplomatic and technical contacts. In collaboration with the UN Institute for Disarmament Research (UNIDIR) and the International Telecommunications Union (ITU), the event will occur virtually, with an in-person debrief.
The UK government has announced the launch of a Laboratory for AI Security Research (LASR), an initiative to protect against emerging AI-driven threats and bolster Britain’s cyber resilience. The lab, backed by an initial £8.22 million in government funding, will bring together experts from academia, industry, and government to address AI’s evolving challenges to national security.
Speaking at the NATO Cyber Defence Conference in London, the Chancellor of the Duchy of Lancaster emphasised that AI is revolutionising national security and noted that ‘[…]as we develop this technology, there’s a danger it could be weaponised against us. Our adversaries are exploring how to use AI on the physical and cyber battlefield’.
LASR will collaborate with leading institutions, including the Alan Turing Institute, Oxford University, Queen’s University Belfast, and Plexal, alongside government agencies such as GCHQ, the National Cyber Security Centre, and the MOD’s Defence Science and Technology Laboratory. Partnerships will extend to NATO allies and Five Eyes countries, fostering an international approach to AI security.
In addition to LASR, the government announced a £1 million incident response project to help allies respond more effectively to cyberattacks. This initiative will further enhance international cooperation in managing cyber incidents.
The official communication highlights that this announcement aligns with the government’s broader agenda, including the forthcoming Cyber Security and Resilience Bill (to be introduced to Parliament in 2025) and the designation of data centres as critical national infrastructure (CNI) to secure the UK’s position as a global leader in cybersecurity and AI innovation.
