This Week - 1.4TB of data leaked on the dark web

Welcome to Infosec K2K’s Weekly News Update! As technology continues to advance, so do the risks associated with it. At Infosec K2K, we’re committed to protecting the keys to your kingdom and keeping you informed. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.

In The News This Week

730,000 files allegedly stolen after Tata Technologies hit by ransomware attack

Tata Technologies , an Indian engineering firm working with firms like Honda and 福特 , was the victim of a ransomware attack last month. The hackers, known as Hunters International, have listed 1.4TB of stolen data, including over 730,000 files, for sale on the dark web. Tata Technologies temporarily suspended some IT services after the breach, and is still investigating the incident. This isn’t the first ransomware attack on a company in the Tata Group , which includes over 100 companies.

Find out more on TechRadar Pro : https://www.techradar.com/pro/security/major-ransomware-attack-sees-tata-technologies-hit-1-4tb-dataset-with-over-730-000-files-allegedly-stolen?

15GB of medical data found on second-hand hard drives

A Dutch man discovered 15GB of sensitive medical data on second-hand hard drives that he’d bought at a Belgian flea market. The data, from between 2011 and 2019, included Dutch citizen numbers, addresses, and prescriptions. The drives came from Nortade ICT Solutions, a healthcare IT firm that’s now closed down. Regulations have been passed since then to ensure that third-party vendors handle data more securely - authorities may investigate those involved in the data mishandling.

Find out more on ITPro : https://www.itpro.com/security/data-breaches/its-your-worst-nightmare-a-batch-of-eur5-hard-drives-found-at-a-flea-market-held-15gb-of-dutch-medical-records-and-experts-warn-it-couldve-caused-a-disastrous-data-breach?

Polish Space Agency taken offline after cyber attack

The POLSA Polska Agencja Kosmiczna | Polish Space Agency shut down its internet access last weekend in order to contain a cyber attack. Officials reported the breach to authorities and launched an investigation, but they haven’t yet disclosed the attack’s nature or culprit. POLSA’s email systems were compromised, forcing staff to rely on phones, and the agency was working with Polish cyber security teams (CSIRT NASK and CSIRT MON) to restore operations.?

Find out more on BleepingComputer : https://www.bleepingcomputer.com/news/security/polish-space-agency-offline-as-it-recovers-from-cyberattack?

Vodafone trialling quantum-safe technology for smartphone users

Vodafone has teamed up with IBM , and is using their quantum-safe technology to protect smartphone users from future quantum cyber threats. The trial will integrate post-quantum cryptography (PQC) into Vodafone’s Secure Net service, which protects users from phishing and malware. Since quantum computers could soon break the strongest encryption solutions, being proactive is essential.?

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/vodafone-trials-quantum-safe/?

The Stats This Week

49,000 building access systems left unprotected online

Researchers found 49,000 misconfigured Access Management Systems (AMS) online, exposing employees’ data and creating security risks across industries like healthcare, education, and government. These vulnerabilities could give hackers unauthorised access to biometric records, ID details, and access logs, leading to cyber attacks and even physical breaches a. Italy had the highest exposure (16,678 systems), closely followed by Mexico and Vietnam. Experts urge firms to fix these immediately - while some AMS vendors are addressing the issue, many organisations have yet to confirm that they’re taking action.

Find out more on Tech Monitor : https://www.techmonitor.ai/technology/cybersecurity/49000-building-access-systems-gaps?

57% of businesses faced OT security incidents last year?

A recent report from the SANS Institute found that 57% of organizations faced an OT security incident in the past year, and IT compromise (58%) was the leading cause of attacks. Despite an increase in cyber security budgets, only 9% of professionals are focused solely on OT security. Many firms are dedicating less than a quarter of their security budgets to OT. Experts have warned that failing to think about OT security could leave critical infrastructure vulnerable, and are urging firms to invest in it.

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/half-organizations-serious-ot?

78% of CISOs report seeing more AI cyber threats

A recent survey by Darktrace found that 78% of CISOs have seen a rise in the number of AI-powered cyber threats - a 5% rise from 2024. However, 60% of people surveyed feel adequately prepared for these, up nearly 15%. Some of the key challenges include AI knowledge gaps and staff shortages, with only 11% planning to expand their cyber security teams this year. Despite this, 64% plan to use AI-powered security tools - many experts see AI as necessary for protecting their data from the latest cyber threats.

Find out more on DIGIT.FYI:

https://www.digit.fyi/cisos-seeing-more-impact-from-ai-cyber-threats?

Thoughts from Infosec K2K

A recent report from the SANS Institute revealed that over half of global organisations have faced serious OT security incidents over the past 12 months. The findings come from a survey of over 180 professionals in sectors including energy, IT, government, and critical infrastructure. The incidents led to data loss, unauthorised access, and operational disruptions. Although 43% said that they hadn’t experienced any incidents like these - meaning that they aren’t fully aware of the risks their OT systems could be facing right now.

With 58% of respondents revealing that IT compromise was the most common source of attacks, it’s clear that keeping IT systems and OT systems separated is now a vulnerability. Despite this, only 27% of the businesses surveyed have CISOs involved in budget decisions. If IT and OT systems aren’t integrated, this could leave businesses open to more attacks. Although OT security budgets have been increasing, only 9% of cyber security professionals dedicate all of their time to OT security.?

It’s clear from this report that organisations need to reevaluate their approach to both IT and OT security, and ensure that OT networks aren’t left vulnerable. Protecting industrial systems isn’t just about preventing cyber attacks but also about ensuring national security and making sure that critical infrastructure is resilient. With cyber attacks becoming more and more sophisticated every day, businesses need to take proactive steps and secure their OT environments today.

Find out more on the SANS Institute: https://www.sans.org/white-papers/2025-ics-ot-cybersecurity-budget-spending-trends-challenges-future?

—

Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences by getting in touch with our expert team at Infosec K2K.?

Stay updated on all things #CyberSecurityNews when you subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!