[Cyber Recap] Bayard, Cultura, Truffaut, Assurance retraite... Cyber-attacks on French companies multiply

📰 Bayard press group and La Croix newspaper victims of cyberattack: On Sunday, September 8, a ransomware attack paralyzed several systems of the Bayard press group, impacting in particular the publications of the La Croix newspaper. While Bayard remains tight-lipped about the origin of the attack, the disruptions also affected other publications in the group (Le Pèlerin, Notre temps...), and most internal editorial, production and newsroom tools were also reportedly affected. The incident seems to have been resolved at the start of the week, and the group's publications were able to resume on Wednesday September 11.

‍

💳 After Boulanger, Cultura, Truffaut, and other retailers are also hit by a cyberattack: Data stolen from Boulanger and Cultura - which could concern millions of customers - are gleaned and put up for sale on the BreachForum website by the same hacker, alongside files from other retailers such as Truffaut, PepeJeans, DiviaMobilités and Cybertek. For several of the victim companies, an external IT service provider was involved, but the company concerned was not disclosed.

‍

💻 Data leak at Assurance retraite: Following allegations of theft by the same hacker behind the cyberattacks on Boulanger and Cultura, Assurance retraite has confirmed a data theft affecting 370,000 beneficiaries. While the organization is reassuring that no banking data has been stolen, the information stolen includes personal and sensitive information, such as social security numbers and approximate amounts of beneficiaries' resources.

‍

🇺🇸 The USA is offering $1 million for information that could help locate a Russian hacker: Tim Vakhaevich Stigal, accused of orchestrating four cyberattacks to steal customer payment information from several companies, is currently facing 24 charges, and is on the US Secret Service's most wanted fugitives list.

‍

💳 Slim CD compromised, 17 million bank details exposed: A cyberattack against Slim CD, an American payment services platform. 17 million personal and banking data have been compromised. An initial investigation revealed that the attack is believed to have begun in August 2023, and that the data was discreetly exfiltrated for almost a year, until suspicious activity was detected last June.

‍

And what cyber news has impressed you the most this week?

If you don't know me yet: every week, I select and present you with a recap of the world's cybersecurity highlights. Follow me on LinkedIn so you don't miss out!