Category: Sri Lanka

Harley-Davidson Faces Data Breach, Customer Information Leaked

Harley Davidson, the iconic American motorcycle manufacturer, has become the latest victim of a cyberattack. A hacking group known as “888” is reportedly responsible for the breach, which exposed sensitive customer information. The stolen data, which is now being sold on the dark web, includes email addresses, phone numbers, physical addresses, and full names, putting affected customers at risk of phishing and identity theft.

According to sources from Telegram, the group accessed Harley-Davidson’s servers in December 2024, obtaining personal details of over 66,700 individuals. In response, the company has engaged a forensic team to investigate the breach. Harley-Davidson has promised to release further details about the 888 group once the investigation is complete.

US Government Bans Transfer of Citizens’ Data to Foreign Countries

In a significant move to safeguard national security, the U.S. government has enacted Executive Order 14117, which prohibits the transfer of American citizens’ personal data to foreign servers. The new law aims to mitigate rising cyber threats and blocks the export of data to countries like China, Russia, Iran, North Korea, Venezuela, Cuba, and regions such as Hong Kong and Macao.

The executive order was initially set to take effect in February of the previous year, but its implementation was delayed. With the law now in effect, U.S. citizens’ data is better protected from foreign cyber threats.

NoName Hackers Target French Websites After Attacks in Italy

The cybercriminal group NoName57 (also known as NoName57(16)) has escalated its activities, shifting its focus from Italy to France. Following successful attacks on Italian government websites, including airport-related platforms, NoName hackers have now launched DDoS (Distributed Denial of Service) attacks on several French municipal sites.

The group, which aligns with pro-Russian sentiments, stated on their social media channels that these cyberattacks were in retaliation for France’s support of Ukraine. NoName continues to target the digital infrastructure of countries they consider adversaries to Russia.

Sri Lanka’s Police Website and Social Media Accounts Hacked

In an unprecedented cyberattack, Sri Lanka’s police department became the target of hackers, who compromised the department’s website and social media accounts. The attack, which marked the first of its kind in Sri Lanka, caused disruptions, though the situation has largely been brought under control. Senior police official K.B. Manatunga confirmed that the department’s Facebook and Twitter accounts had been restored, but the YouTube channel and the website of the Printer Department remain offline.

Chinese authorities have launched an investigation into the breach and are exploring the possibility of foreign intelligence involvement in the attack.

The post Cybersecurity news headlines trending on Happy New Year 2025 appeared first on Cybersecurity Insiders.

The Sri Lankan Government has recently reported a significant data loss incident involving over 5000 email accounts spanning from May to August 2023. The primary cause of this data loss was identified as a cyber attack, specifically a ransomware variant. Unfortunately, the situation has been exacerbated by the fact that even the backup servers were compromised, making data recovery a daunting challenge.

According to the Information and Communication Technology Agency of Sri Lanka (ICTA), the root cause of this incident lies in the usage of outdated Microsoft Exchange 2013 software, which is no longer supported by Microsoft. This outdated software was in use on the Lanka Government Network (LGN), a critical network utilized by key government entities such as the Cabinet Office, Presidential Officials, Ministry of Education, and Ministry of Health. The implications of this cyber incident could prove to be dire, given the sensitive nature of the data involved.

Mahesh Perera, the CEO of ICTA, issued a statement acknowledging that all Gov.lk email accounts fell victim to the malware attack, which was first identified on August 26th of this year. He did not explicitly label this incident as a software upgrade failure; however, he did imply that the need for upgrading the Microsoft Exchange services had been pending since 2021. Unfortunately, these upgrade plans had been stalled due to financial constraints within the government’s budget and the overall economic challenges faced by the country.

Mr. Perera clarified that the government has no intentions of negotiating with the perpetrators of the attack. In other words, no ransom demands will be entertained.

While an unofficial source in Sri Lanka leaked information on a Telegram channel, attributing the incident to the LockBit Ransomware or the Russian-speaking BlackCat gang, there has been no official confirmation regarding the identity of the attackers.

It’s worth noting that this incident unfolded against the backdrop of Sri Lanka grappling with high inflation and the depreciation of the Sri Lankan Rupee in international markets, further compounding the challenges faced by the country.

 
 
 

 

The post Ransomware targets over 5000 government email addresses appeared first on Cybersecurity Insiders.