Orange Belgium has confirmed a data breach affecting 850,000 customers, after a cyberattack targeted one of its internal IT systems. The attack, discovered in late July, exposed names, phone numbers, SIM card details, tariff plans and PUK codes. No financial or password data was compromised.
The telecoms provider blocked access to the affected system and notified authorities. A formal complaint has also been filed with the judiciary. All affected users are being informed via email or SMS and are urged to stay alert for phishing and identity fraud attempts.
Orange Belgium has advised users to strengthen account security with strong, unique passwords and to be cautious of suspicious links and messages. This marks the third cyber incident involving Orange in 2025, following earlier attacks, though those breaches varied in impact.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Private conversations with xAI’s chatbot Grok have been exposed online, raising serious concerns over user privacy and AI safety. Forbes found that Grok’s ‘share’ button created public URLs, later indexed by Google and other search engines.
The leaked content is troubling, ranging from questions on hacking crypto wallets to instructions on drug production and even violent plots. Although xAI bans harmful use, some users still received dangerous responses, which are now publicly accessible online.
The exposure occurred because search engines automatically indexed the shareable links, a flaw echoing previous issues with other AI platforms, including OpenAI’s ChatGPT. Designed for convenience, the feature exposed sensitive chats, damaging trust in xAI’s privacy promises.
The incident pressures AI developers to integrate stronger privacy safeguards, such as blocking the indexing of shared content and enforcing privacy-by-design principles. Users may hesitate to use chatbots without fixes, fearing their data could reappear online.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Weymouth and Kingston Maurward College in Dorset is investigating a recent phishing attack that compromised several email accounts. The breach occurred on Friday, 15 August, during the summer holidays.
Spam emails were sent from affected accounts, though the college confirmed that personal data exposure was minimal.
The compromised accounts may have contained contact information from anyone who previously communicated with the college. Early detection allowed the college to lock down affected accounts promptly, limiting the impact.
A full investigation is ongoing, with additional security measures now in place to prevent similar incidents. The matter has been reported to the Information Commissioner’s Office (ICO).
Phishing attacks involve criminals impersonating trusted entities to trick individuals into revealing sensitive information such as passwords or personal data. The college reassured students, staff, and partners that swift action and robust systems limited the disruption.
The colleges, which merged just over a year ago, recently received a ‘Good’ rating across all areas in an Ofsted inspection, reflecting strong governance and oversight amid the cybersecurity incident.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The EU has engaged in talks with the Bangladesh Telecommunication Regulatory Commission to strengthen cooperation on data protection, cybersecurity, and the country’s digital economy.
The meeting was led by EU Ambassador Michael Miller and BTRC Chairman Major General (retd) Md Emdad ul Bari.
The EU emphasised safeguarding fundamental rights while encouraging innovation and investment. With opportunities in broadband expansion, 5G deployment, and last-mile connectivity, the EU reaffirmed its commitment to supporting Bangladesh’s vision for a secure and inclusive digital future.
Both parties agreed to deepen collaboration, with the EU offering technical expertise under its Global Gateway strategy to help Bangladesh build a safer and more connected digital landscape.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A fake Telegram Premium website infects users with Lumma Stealer malware through a drive-by download, requiring no user interaction.
The domain, telegrampremium[.]app, hosts a malicious executable named start.exe, which begins stealing sensitive data as soon as it runs.
The malware targets browser-stored credentials, crypto wallets, clipboard data and system files, using advanced evasion techniques to bypass antivirus tools.
Obfuscated with cryptors and hidden behind real services like Telegram, the malware also communicates with temporary domains to avoid takedown.
Analysts warn that it manipulates Windows systems, evades detection, and leaves little trace by disguising its payloads as real image files.
To defend against such threats, organisations are urged to implement better cybersecurity controls, such as behaviour-based detection and enforce stronger download controls.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Zoom has patched a critical Windows vulnerability that could let attackers fully take control of devices without needing credentials. The flaw, CVE-2025-49457, stems from the app failing to use explicit paths when loading DLLs, allowing malicious files to be executed.
Attackers could exploit this to install malware or extract sensitive data such as recordings or user credentials, even pivoting deeper into networks. The issue affects several Zoom products, including Workplace, VDI, Rooms, and Meeting SDK, all before version 6.3.10.
Zoom urges users to update their app immediately, as the flaw requires no advanced skill and can be triggered with minimal access. However, this highlights the increasing cybersecurity concerns associated with the digital world.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Over 1.2 million internet-connected healthcare devices and systems that expose patient data have been identified in research by Modat. The United States, South Africa, and Australia topped the list, with vulnerable systems including MRI scanners, CT machines, and hospital management platforms.
Using its Modat Magnify platform, the company identified misconfigurations, weak passwords, and unpatched software as common risks. Some devices had no authentication, while others used factory-default passwords such as ‘admin’ or ‘123456’. Sensitive MRI, dental X-ray, and blood test records were accessed.
Modat worked with Health-ISAC and Dutch CERT Z-CERT for responsible disclosure, alerting organisations to secure exposed systems. CEO Soufian El Yadmani said devices should never be open to the internet without safeguards, warning that remote access must be secure.
The research stressed that healthcare cybersecurity is a patient safety issue. Outdated or unprotected devices could enable fraud, extortion, or network breaches. Regular security checks, asset inventories, and monitoring were recommended to reduce risks.
Founded in 2024, Modat uses its Device DNA dataset to catalogue internet-connected devices globally. It aims to help healthcare and other sectors close the gap between rising cyber threats and effective resilience.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Visa has launched a new Cybersecurity Advisory Practice to support businesses in identifying and countering growing cyber risks. The initiative aims to provide practical insights tailored to clients of all sizes.
The practice will be powered by Visa Consulting & Analytics, which brings together a global team of consultants, product specialists and data scientists. Services include training, threat analysis and cybersecurity maturity assessments.
Jeremiah Dewey, a veteran with over 20 years of experience in the field, has been named global head of cyber products. He will lead product development and build strategic partnerships.
Visa says the goal is to offer scalable solutions to both small businesses and large enterprises, enabling them to stay resilient in an evolving digital threat market.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
