Cyber Weekly Digest - 2022 Week #27

Updated: Jul 15

In this week’s Cyber Weekly Digest we delve into some of the latest cyber security news including cyber attacks on publishing giant Macmillan and IT services provider SHI. Keep reading to stay up to date on the biggest cyber security stories from across the work.

1. Macmillan disables network after a likely ransomware attack

Publishing giant Macmillan has disabled its network and office connections to recover from a security incident that is likely to be a ransomware attack. It is currently unclear what ransomware gang was behind the attack and if any sensitive data was stolen. If data was held as ransom and not paid, it is very likely that there will be a ransomware operation that publishes the stolen data in the next few weeks. Macmillan editors have been somewhat untransparent about the incident, however, they are starting to reenable core systems in their network.

2. Privacy protection agency seizes servers of a compromised travel company.

Multiple booking websites’ servers have been seized by The Privacy Protection Authority in Israel after their operators failed to address critical security issues that enabled attackers to breach the data of more than 300,000 individuals. At least 10 websites managed by Gol Tours LTD in Israel were shut down. The Privacy Protection Authority confirmed the cyber-attack, and it is believed that an Iranian threat actor, called Sharp Boys, is responsible. The Sharp Boys threat group claimed the attack in June and leaked 300,000 records of customer data a few days later. The group also shared a screenshot from a remote desktop connection showing that they had access to more than two dozen domains allegedly owned by Gol Tours.