Revealed: Sensitive NHS documents on royals, aristocrats and tycoons leaked after Russian hackers target health service

Hundreds of thousands of sensitive NHS documents, some relating to British and foreign Royals, senior judges and members of the House of Lords, have been stolen by Russian hackers, The Mail on Sunday can reveal.

The unprecedented data breach, one of the largest to hit the health service, has seen 169,000 confidential documents dumped on the dark web after the ransomware gang exploited a bug in software provided to NHS bodies by US tech giant Oracle.

Many of those affected by the leak are high-profile NHS private patients – with some invoicing details from Barts NHS Health Trust in London linked to unnamed patients from royal residences including King Charles’s official home Clarence House, Buckingham Palace, Sandringham and Windsor Castle.

It is unclear which Royals were treated and for what purpose but the leak raises serious concerns about the security of medical details of the Royal Household as the King continues to be treated for an undisclosed form of cancer.

The grave incident also casts doubt over controversial plans to introduce digital ID systems in the UK as Oracle’s billionaire owner, Larry Ellison, is the biggest donor to the Tony Blair Institute, which is lobbying for such systems to be introduced. Others affected by the breach include the BBC, Premier League football clubs, British aristocrats, a member of the Bahraini Royal Family and billionaire business moguls.

The files, which have been seen by the MoS, also include data linked to children being treated at NHS hospitals, women undergoing fertility treatment and patients receiving kidney dialysis.

The extraordinary breach comes after cybersecurity experts warned in October that the Oracle software used by the NHS and the Treasury – which provides financial management and HR support to organisations – was vulnerable to Russian hackers, and that attempts at ‘exploitation’ were ‘highly likely’.

Researchers at Google said hackers from a gang known as Clop had sent emails to executives at ‘numerous organisations… alleging the theft of sensitive data’ and demanding money for its safe return.

Microsoft: Sharp Increase in AI-Aided Cyberattacks From Russia, China

Foreign adversaries are increasingly using artificial intelligence (AI) in their cyber influence campaigns, with operations picking up “aggressively” this year, Microsoft said on Oct. 16.

In July, Microsoft identified more than 200 instances of AI-generated content from nation-state adversaries, more than four times the number in July 2024, and more than 10 times the number in July 2023, the company’s annual Digital Defense Report shows.

AI can create increasingly convincing emails and generate digital clones of senior government officials or news anchors, according to the report. The sophistication of AI tools has made the operations “easier to scale, more effective, and harder to trace,” and it is becoming increasingly difficult to differentiate state- and non-state actors, the report stated.

For scammers, AI is making it easier to quickly create more convincing websites, profiles, emails, and IDs, the report said. Microsoft said it blocked 1.6 million fake account creation attempts per hour on the company’s platforms.

“Everyone—from industry to government—must be proactive to keep pace with increasingly sophisticated attackers and to ensure that defenders keep ahead of adversaries,” said Amy Hogan-Burney, Microsoft’s vice president for customer security and trust, who oversaw the report.

‘Catastrophic’ attack as Russians hack files on EIGHT MoD bases and post them on the dark web

Russian hackers have stolen hundreds of sensitive military documents containing details of eight RAF and Royal Navy bases as well as Ministry of Defence staff names and emails – and posted them on the dark web, The Mail on Sunday can reveal.

In what has been described as a ‘catastrophic’ security breach, cybercriminals accessed the cache of files by hacking a maintenance and construction contractor used by the MoD.

The ‘gateway’ attack – which targeted third party the Dodd Group – allowed cyber gangsters to circumvent the almost impenetrable cyber defences used by the Armed Forces.  

The MoD said it was investigating the enormous data and security breach, believed to have been carried out by Russian group Lynx.

Leaked documents seen by the MoS disclose information about a number of sensitive RAF and Navy bases, including RAF Lakenheath, in Suffolk, where the US Air Force’s F-35 stealth jets are based and their nuclear bombs are believed to be housed.

Other bases include RAF Portreath – a top-secret radar station that forms part of Nato’s air defence network – and RAF Predannack, now home to the UK’s National Drone Hub.

Details of contractors’ names, car registrations and mobile numbers, as well as MoD personnel’s names and email addresses, have also been uploaded. Some documents are marked ‘Controlled’ or ‘Official Sensitive’.

The disclosure follows a warning from the National Cyber Security Centre last week that the number of significant hacking attacks in the UK has reached a record high, with 204 taking place in the year to September.

Cyberattack on Ukraine Exposes The Dangers of Digital ID Systems

Ukraine’s reliance on its new digital identity systems has become a warning about the dangers of digital ID, as a recent cyberattack exposed critical vulnerabilities in the country’s digital infrastructure.

Last month, several key government databases were taken offline, disrupting essential services like legal filings and marriage registrations. Officials assured citizens that the controversial Diia, the government’s widely used e-governance app, would soon be restored, but the incident laid bare significant risks within the app’s centralized backend platform, Trembita.

This breach, the most serious since Trembita’s launch in 2020, raises urgent questions about the security of Ukraine’s growing dependence on digital IDs and is a clear warning to other countries that are rushing to embrace the controversial tech.

Trembita, the platform enabling Diia’s operations, functions as a digital network connecting government databases. While officials insisted it operated as designed during the breach, cybersecurity experts are sounding alarms. Mykyta Knysh, a former Ukrainian security official, described the platform’s centralized architecture as a dangerous “single point of failure.” Warnings about these risks had surfaced before — security analysts cautioned in 2021 that consolidating sensitive personal and administrative data under Diia would leave Ukraine exposed to large-scale attacks.

The Russian hacking group XakNet has claimed responsibility for the attack.

RaHDit Hacker Group Doxxes Ukraine Militants Who Attacked Russia’s Kursk Region

Previously, the hacker group RaHDit divulged info on more than 3,200 foreign mercenaries in the Ukrainian Armed Forces, as well as releasing information on 1,500 active employees of Ukraine’s foreign intelligence service, including those working undercover in more than 20 countries.

The Russia-based RaHDit hacker group has leaked data on over 800 Ukrainian Armed Forces militants who attacked the Kursk region.

Among the identified individuals are members of the 82nd Airborne Assault Brigade, the 61st Mechanized Brigade, and UAV operators, as well as some 200 foreign mercenaries from Armenia, Israel, Georgia, Jordan, Kazakhstan, Turkiye, Moldova, Syria, and other countries.

The hacker group RaHDit, which specifically launched its NemeZida project to denounce 21st century Nazis and their crimes, issued an appeal to Ukrainian troops to surrender, adding a reminder to use the special “Volga” radio frequency established by Russian forces for Ukrainian soldiers wanting to surrender.

The Russia-based hackers have previously doxxed everything from Ukrainian intel agents and drone operators to thousands of foreign mercenaries fighting in the ranks of Ukraine’s military.

Russian hackers steal US government emails with Microsoft, officials confirm

Russian state-backed hackers have stolen email correspondence between US government agencies and Microsoft via a breach of the software giant’s systems, US officials confirmed on Thursday.

Microsoft has notified “several” US federal agencies that the hackers may have stolen emails that Microsoft sent to those agencies that included login information such as usernames, or passwords, Eric Goldstein, a senior official at the US Cybersecurity and Infrastructure Security Agency (CISA), told reporters.

“At this time, we are not aware of any agency production environments that have experienced a compromise as a result of a credential exposure,” Goldstein said. In other words, a CISA official told CNN, there is no evidence yet that the hackers had used the stolen credentials to successfully break into federal computer systems that are actively in use.

But the breach of Microsoft emails is still forcing the tech giant and US cyber officials to scramble to ensure there is no further damage at the hands of the alleged Russian operatives.

CISA on Thursday publicly released an “emergency directive” that orders civilian agencies potentially affected by the hacking campaign to shore up their defenses. CISA described the potential exposure of agency login credentials as an “unacceptable risk to agencies.”

CNN has requested comment from the Russian Embassy in Washington, DC.

The hackers in question are an infamous cyber-espionage group that US officials have previously tied to Russia’s foreign intelligence service.

It’s the latest twist in a hacking incident that Microsoft first revealed in January but has only grown more serious as new details emerge. In March, Microsoft revealed that the hackers accessed some of Microsoft’s core software systems and were using that information for follow-on attacks on Microsoft customers.

Days after Microsoft disclosed the breach in January, another Big Tech company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems. The full extent and exact purpose of the hacking activity isn’t clear, but experts say the group responsible has a history of wide-ranging intelligence gathering campaigns in support of the Kremlin.

The same Russian group was behind the infamous breach of several US agency email systems using software made by US contractor SolarWinds, which was revealed in 2020. The hackers had access for months to the unclassified email accounts at the departments of Homeland Security and Justice, among other agencies, before the spying operation was discovered.

Russia denied involvement in the activity.

Western Journalists Are Cowardly, Approval-Seeking Losers

Research conducted by New York University’s Center for Social Media and Politics into Russian trolling behavior on Twitter in the lead-up to the 2016 US presidential election has found “no evidence of a meaningful relationship between exposure to the Russian foreign influence campaign and changes in attitudes, polarization, or voting behavior.”

Which is to say that all the years of hysterical shrieking about Russian trolls interfering in US democracy and corrupting the fragile little minds of Americans — a narrative that has been used to drum up support for internet censorship and ever-increasing US government involvement in the regulation of online speech — was false.

And to be clear, this isn’t actually news. It was established years ago that the St Petersburg-based Internet Research Agency could not possibly have had any meaningful impact on the 2016 election, because the scope of its operations was quite small, its posts were mostly unrelated to the election and many were posted after the election occurred, and its funding was dwarfed by orders of magnitude by domestic campaigns to influence the election outcome.

What’s different this time around, six years after Trump’s inauguration, is that this time the mass media are reporting on these findings.

The Washington Post has an article out with the brazenly misleading headline “Russian trolls on Twitter had little influence on 2016 voters”. Anyone who reads the article itself will find its author Tim Starks acknowledges that “Russian accounts had no measurable impact in changing minds or influencing voter behavior,” but the insertion of the word “little” means anyone who just reads the headline (the overwhelming majority of people encountering the article) will come away with the impression that Russian trolls still had some influence on 2016 voters.

“Little influence” could mean anything shy of tremendous influence. But the study did not find that Russian trolls had “little influence” over the election; it failed to find any measurable influence at all. 

The Russian Twitter Bots Story Is A Study In Media’s ‘Lie, Set The Narrative, Then Quietly Backtrack’ Playbook

The Washington Post admitted Monday that “Russian trolls on Twitter had little influence on 2016 voters” — years after the Post and other corporate media water-carriers pushed the false story that former President Donald Trump’s election was illegitimate, due in part to Russian interference via bots on Twitter targeting U.S. social media users. The admission cites a New York University study that found “there was no relationship between exposure to the Russian foreign influence campaign and changes in attitudes, polarization, or voting behavior.”

Media treatment of the non-story followed a predictable, three-step process that’s become the propaganda press’s MO: Spread a false claim, control the narrative while crushing dissent with bogus “fact checks,” and then admit the truth only after the news cycle has achieved its intended purpose.

Hackers, Havana Syndrome, And Other Invisible Russian Aggressions That Only The CIA Can See

The House Foreign Affairs Committee is reportedly marking up its hilarious Havana Syndrome Attacks Response Act this week which calls for sanctions upon whoever the president determines is responsible for inflicting US officials with hangover-like symptoms using high tech microwave beams. The condition has not been proven to actually exist in any tangible way and has been commonly attributed to psychogenic illness, Cuban crickets, and actual hangovers.

At the same time, virulent Russiagater Julia Ioffe has published an anonymously-sourced article proclaiming that the Kremlin is responsible for this mysterious alleged ailment.

In an article for Puck News titled “Havana Syndrome: A Cold War Saga in Biden’s Washington”, Ioffe reports that anonymous sources at the Walter Reed Military Medical Center have told her that this strange affliction now has so many victims among US government employees that the facility is at capacity, and that Russia is to blame for it.
