Ahold Delhaize breach hits 2 million with data theft

A ransomware attack on Dutch retailer Ahold Delhaize resulted in a significant data breach affecting more than 2.2 million individuals across US businesses.

The breach occurred in November 2024 following network disruptions at supermarket chains, including Giant Food, Food Lion, and Stop & Shop.

The Inc Ransom group claimed responsibility in April 2025, stating it exfiltrated around 6 TB of data. The company confirmed that stolen files included employment records containing sensitive personal and financial information, with some data already posted on the dark web.

Affected individuals are now notified and offered two years of free identity protection services. The compromised data includes names, Social Security numbers, contact details, and medical and employment information.

Supermarkets have become a growing target in recent cyber campaigns. In April, UK retailers such as M&S and Harrods were also attacked, while distributor UNFI faced major disruptions earlier this month.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyber Command and Coast Guard establish task force for port cyber defence

US Cyber Command has joined forces with the Coast Guard in a major military exercise designed to simulate cyberattacks on key port infrastructure.

Known as Cyber Guard, the training scenario marked a significant evolution in defensive readiness, integrating for the first time with Pacific Sentry—an Indo-Pacific Command exercise simulating conflict over Taiwan.

The joint effort included the formation of Task Force Port, a temporary unit tasked with coordinating defence of coastal infrastructure.

The drill reflected real-world concerns over the vulnerability of US ports in times of geopolitical tension, and brought together multiple combatant commands under a unified operational framework.

Rear Admiral Dennis Velez described the move as part of a broader shift from isolated training to integrated joint force operations.

Cyber Guard also marked the activation of the Department of Defense Cyber Defense Command (DCDC), previously known as Joint Force Headquarters–DOD Information Network.

The unit worked closely with the Coast Guard, signalling the increasing importance of cyber coordination across military branches when protecting critical infrastructure.

Port security has featured in past exercises but was previously handled as a separate scenario. Its inclusion within the core structure of Cyber Guard suggests a strategic realignment, ensuring cyber defence is embedded in wider contingency planning for future conflicts.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Bosch calls for balanced AI rules in Europe

Bosch CEO Stefan Hartung has cautioned that Europe could slow its progress in AI by imposing too many regulations. Speaking at a tech conference in Stuttgart, he argued that strict and unclear rules make the region less attractive for innovation.

Bosch, which holds the most significant number of AI patents in Europe, plans to invest 2.5 billion euros in AI development by the end of 2027. The company is focusing on AI solutions for autonomous vehicles and industrial efficiency.

Hartung urged lawmakers to focus on essential regulations rather than attempting to control every aspect of technological progress. He warned that over-regulation could hinder Europe’s global competitiveness, particularly as the US and the EU ramp up AI investments.

The warning follows significant funding announcements, with the US committing up to 500 billion dollars and the EU planning to mobilise 200 billion euros for AI infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NATO summit overshadowed by cyber threats

NATO’s 76th summit opened in The Hague amid rising tensions in Europe and the Middle East, overshadowed by conflict and cyber threats. Leaders gathered as rushers in Ukraine dragged on, and Israel’s strikes on Iran further strained global stability.

European NATO members pledged greater defence spending, but divisions with the US over security commitments and strategy persisted. The summit also highlighted concerns about hybrid threats, with cyberespionage and sabotage by Russia-linked groups remaining a pressing issue.

According to European intelligence agencies, Russian cyber operations targeting critical infrastructure and government networks have intensified. NATO leaders face pressure to enhance collective cyber deterrence, with pro-Russian hacktivists expected to exploit summit declarations in future campaigns.

While Europe pushes to reduce reliance on the US security umbrella, uncertainty over Washington’s focus and support continues. Many fear the summit may end without concrete decisions as the alliance grapples with external threats and internal discord.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

WhatsApp prohibited on US House devices citing data risk

Meta Platforms’ messaging service WhatsApp has been banned from all devices used by the US House of Representatives, according to an internal memo distributed to staff on Monday.

The memo, issued by the Office of the Chief Administrative Officer, stated that the Office of Cybersecurity had classified WhatsApp as a high-risk application.

The assessment cited concerns about the platform’s data protection practices, lack of transparency regarding user data handling, absence of stored data encryption, and associated security risks.

Staff were advised to use alternative messaging platforms deemed more secure, including Microsoft Teams, Amazon’s Wickr, Signal, and Apple’s iMessage and FaceTime.

Meta responded to the decision, stating it ‘strongly disagreed’ with the assessment and maintained that WhatsApp offers stronger security measures than some of the recommended alternatives.

Earlier this year, WhatsApp disclosed that Israeli spyware company Paragon Solutions had targeted numerous users, including journalists and civil society members.

The US House of Representatives has previously restricted other applications due to security concerns. In 2022, it prohibited the use of TikTok on official devices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

DeepSeek under fire for alleged military ties and export control evasion

The United States has accused Chinese AI startup DeepSeek of assisting China’s military and intelligence services while allegedly seeking to evade export controls to obtain advanced American-made semiconductors.

The claims, made by a senior US State Department official speaking anonymously to Reuters, add to growing concerns over the global security risks posed by AI.

DeepSeek, based in Hangzhou, China, gained international attention earlier this year after claiming its AI models rivalled those of leading United States firms like OpenAI—yet at a fraction of the cost.

However, US officials now say that the firm has shared data with Chinese surveillance networks and provided direct technological support to the People’s Liberation Army (PLA). According to the official, DeepSeek has appeared in over 150 procurement records linked to China’s defence sector.

The company is also suspected of transmitting data from foreign users, including Americans, through backend infrastructure connected to China Mobile, a state-run telecom operator. DeepSeek has not responded publicly to questions about these privacy or security issues.

The official further alleges that DeepSeek has been trying to access Nvidia’s restricted H100 AI chips by creating shell companies in Southeast Asia and using foreign data centres to run AI models on US-origin hardware remotely.

While Nvidia maintains it complies with export restrictions and has not knowingly supplied chips to sanctioned parties, DeepSeek is said to have secured several H100 chips despite the ban.

US officials have yet to place DeepSeek on a trade blacklist, though the company is under scrutiny. Meanwhile, Singapore has already charged three men with fraud in investigating the suspected illegal movement of Nvidia chips to DeepSeek.

Questions have also been raised over the credibility of DeepSeek’s technological claims. Experts argue that the reported $5.58 million spent on training their flagship models is unrealistically low, especially given the compute scale typically required to match OpenAI or Meta’s performance.

DeepSeek has remained silent amid the mounting scrutiny. Still, with the US-China tech race intensifying, the firm could soon find itself at the centre of new trade sanctions and geopolitical fallout.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

TikTok denies buying Trump memecoins after bribe claims

TikTok has strongly denied accusations by US congressman Brad Sherman that its owners purchased $300 million worth of Trump meme coins. Responding via its official policy account on X, the company labelled the claims false and misleading.

Sherman alleged that the memecoin purchase was effectively a bribe to influence Donald Trump’s stance on banning TikTok in the US.

However, the accusations appear based on a report involving GD Culture Group, a Nasdaq-listed company with no direct connection to TikTok or its parent ByteDance.

GD Culture reportedly announced plans to buy Trump coins and Bitcoin while using TikTok to distribute AI-enhanced content. Despite this, no financial link between the firm and Trump or TikTok has been confirmed.

The timing of the claim coincides with Trump’s third delay in enforcing the TikTok ban, raising further political speculation. Sherman, a long-time crypto critic, also said that Trump’s crypto ventures threaten the US dollar’s dominance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ryuk ransomware hacker extradited to US after arrest in Ukraine

A key member of the infamous Ryuk ransomware gang has been extradited to the US after his arrest in Kyiv, Ukraine.

The 33-year-old man was detained in April 2025 at the request of the FBI and arrived in the US on 18 June to face multiple charges.

The suspect played a critical role within Ryuk by gaining initial access to corporate networks, which he then passed on to accomplices who stole data and launched ransomware attacks.

Ukrainian authorities identified him during a larger investigation into ransomware groups like LockerGoga, Dharma, Hive, and MegaCortex that targeted companies across Europe and North America.

According to Ukraine’s National Police, forensic analysis revealed the man’s responsibility for locating security flaws in enterprise networks.

Information gathered by the hacker allowed others in the gang to infiltrate systems, steal data, and deploy ransomware payloads that disrupted various industries, including healthcare, during the COVID pandemic.

Ryuk operated from 2018 until mid-2020 before rebranding as the notorious Conti gang, which later fractured into several smaller but still active groups. Researchers estimate that Ryuk alone collected over $150 million in ransom payments before shutting down.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Judge halts OPM data sharing with DOGE amid privacy concerns

A federal judge in New York ordered the US Office of Personnel Management (OPM) to stop sharing sensitive personal data with the Department of Government Efficiency (DOGE) agents.

The preliminary injunction, issued on 6 June by Judge Denise Cote, cited a strong likelihood that OPM and DOGE violated both the Privacy Act of 1974 and the Administrative Procedures Act.

The lawsuit, led by the Electronic Frontier Foundation and several advocacy groups, alleges that OPM unlawfully disclosed information from one of the largest federal employee databases to DOGE, a controversial initiative reportedly linked to billionaire Elon Musk.

The database includes names, social security numbers, health and financial data, union affiliations, and background check records for millions of federal employees, applicants, and retirees.

Union representatives and privacy advocates called the ruling a significant win for data protection and government accountability. AFGE President Everett Kelley criticised the involvement of ‘Musk’s DOGE cronies’, arguing that unelected individuals should not have access to such sensitive material.

The legal action also seeks to delete any data handed over to DOGE. The case comes amid ongoing concerns about federal data security following OPM’s 2015 breach, which compromised information on more than 22 million people.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Nvidia’s sovereign AI vision gains EU support

Nvidia CEO Jensen Huang’s call for ‘sovereign AI’ is gaining traction among European leaders who want more control over their data and digital future. He argues that nations must develop AI rooted in their own language, culture and infrastructure.

During a recent European tour, Huang unveiled major partnerships and investments European cities, citing the region’s over-reliance on US tech firms. European officials echoed his concerns, with French President Emmanuel Macron and German Chancellor Friedrich Merz supporting national AI initiatives.

The EU plans to build four AI gigafactories, aiming to reduce dependence on US cloud giants and strengthen regional innovation. Nvidia has committed to providing chips for these projects, while startups like Mistral are working to become local leaders in AI development.

Despite enthusiasm, high energy costs and limited resources may hinder Europe’s progress. Industry voices warn that without sustained investment, the region could struggle to match the spending power of US hyperscalers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!