Yazılar

Cyberattacks on M&S and Co-op Originated from Help Desk Deception, Says Report

/in /tarafından

Cybercriminals launched recent attacks on British retailers Marks & Spencer (M&S) and Co-op Group by impersonating employees to trick IT help desks into resetting passwords, according to a report by BleepingComputer. This social engineering tactic allowed hackers to gain initial access to internal systems.

The UK’s National Cyber Security Centre (NCSC) responded by urging all organisations to re-evaluate their help desk protocols, warning that online criminal activity like ransomware and data extortion is on the rise and that even large enterprises are vulnerable to such basic forms of manipulation.

While both M&S and Co-op declined to comment, the consequences of the M&S breach are already being felt. Shares dropped 4% on Tuesday and are down 12% since the cyber incident was disclosed on April 22. The company halted online orders for clothing and home products via its website and app on April 25, with no timeline for resumption. Some food product availability has also been disrupted.

Deutsche Bank analysts estimate the incident has cost M&S around £30 million ($40 million) so far, with an ongoing weekly impact of approximately £15 million. Though cyber insurance may offset part of the loss, it typically covers a limited time period. The broader risks include loss of consumer trust, data breach fines, and long-term reputational damage.

Ciaran Martin, former CEO of the NCSC, noted that the recovery time for such attacks is often lengthy due to the need to completely rebuild compromised IT networks.

Meanwhile, a group identifying as DragonForce claimed responsibility for attacking both M&S and Co-op, as well as stealing staff and potential customer data from the latter. The same group also claims responsibility for attacking Harrods. The report also links the cyberattack on M&S to the Scattered Spider” hacking collective, known for using DragonForce ransomware, although the NCSC said it could not confirm the connection.

Datadog Raises 2025 Revenue Outlook as AI-Fueled Cloud Security Demand Surges

/in /tarafından

Datadog has raised its full-year 2025 revenue forecast and posted better-than-expected first-quarter sales, propelled by strong demand for AI-driven cloud security and monitoring tools and a growing base of large enterprise clients.

The cloud infrastructure and observability provider now expects 2025 revenue between $3.22 billion and $3.24 billion, up from its earlier range of $3.18 billion to $3.20 billion, and above Wall Street’s $3.20 billion consensus, according to LSEG.

Datadog’s first-quarter revenue rose 25% year-over-year to $761.6 million, beating analyst expectations of $741.5 million. Adjusted earnings came in at 46 cents per share, also topping forecasts of 43 cents.

CEO Olivier Pomel highlighted rapid innovation across the Datadog platform, stating the company is helping customers “observe, secure, and act” in cloud environments increasingly shaped by artificial intelligence.

Datadog also announced the acquisition of Eppo, a feature flagging and experimentation platform, to enhance its AI and analytics capabilities and support faster, lower-risk product development.

Newer services like App Builder and On-Call are showing strong uptake, and security monitoring is gaining substantial traction among clients. Datadog ended the quarter with approximately 3,770 customers generating over $100,000 in annual recurring revenue, a 13% year-over-year increase.

FBI Investigating Cyberattack at Oracle Involving Patient Data Theft

/in /tarafından

The FBI is currently investigating a cyberattack at Oracle that resulted in the theft of patient data, according to a Bloomberg News report. The attack, which occurred after January 22, compromised Oracle’s servers, where hackers copied patient data to an external location. The breach is believed to have been an attempt to extort multiple medical providers in the United States.

Oracle, which acquired Cerner Corp. in 2022 for $28 billion, notified its healthcare customers about the breach earlier this month. However, it remains unclear how many patient records were affected and which healthcare providers were targeted. The breach involved older Cerner servers, where data had not yet been transferred to Oracle’s cloud storage.

While the FBI has declined to comment, Oracle confirmed it became aware of the breach on February 20. Oracle has not yet responded to further inquiries. The company’s involvement in healthcare IT through its Cerner acquisition has likely increased its exposure to cybersecurity risks in the healthcare sector.