Welcome to our latest cybersecurity news roundup, where we bring you the most pertinent updates from the ever-evolving digital security landscape. In this edition, we look at recent developments that shed light on the ongoing challenges and threats individuals and organizations face. This week, we saw data breaches at HTC, Nissan, and Navy contractor Austal USA.

Here’s what went down.

Cybersecurity News Roundup

Cybersecurity continues to be a pressing concern, as evidenced by multiple incidents this week.

HTC Global Services, a leading provider of IT and business process services, recently confirmed that they fell victim to a cyberattack resulting in a data breach. The breach came to light after sensitive information, including employee credentials, was leaked online by the ALPHV ransomware gang. 

The company swiftly responded by acknowledging the incident on X (formerly Twitter) and initiating an investigation to assess the extent of the breach and identify the perpetrators.

The leaked data includes:

• Passports
  

• contact lists
  

• emails
  

• Confidential documents
  

Noted cybersecurity expert Kevin Beaumont believes this attack was perpetuated with the help of the Citrix Bleed vulnerability. He elaborates that a Citrix Netscaler device on the company’s network was exploited to launch the cyberattack on the company network.

Nissan, a major player in the automotive industry, is currently investigating a cyberattack and potential data breach that targeted its systems in New Zealand and Australia.

The Nissan Oceania division alerted its customers about a potential data breach, cautioning them about the possibility of scams in the days ahead. It reassured customers that its dealers' network remains unaffected, and they can submit vehicle and service queries without any delays in processing.

Austal USA, a major contractor for the United States Navy, recently confirmed that it experienced a cyberattack resulting in a data leak. The breach potentially exposes sensitive information related to naval projects and operations.

Headquartered in Australia, the company specializes in high-performance aluminum vessels. Its American counterpart, Austal USA, is currently engaged in various programs, including the construction of 127-meter-long Independence-class littoral combat ships for the U.S. Navy, with each unit costing $360 million. Austal currently has an ongoing contract worth $3.3 billion for the fabrication of 11 patrol cutters for the U.S. Coast Guard.

Later today, the Hunters International ransomware and data extortion group assumed responsibility for the data leak:

Hunters International has issued a threat to release additional data pilfered from Austal's systems in the upcoming days. The compromised information may include compliance documents, recruitment details, financial information, certifications, and engineering data.

Austal USA has not disclosed whether the threat actor gained access to data about engineering schematics or other proprietary U.S. Navy technology.

Cyber criminals seldom rest, and neither do we.

Here's our previous reports that look at the biggest cybersecurity incidents weekly:

• Capital Health Hospitals, Staples and Dollar Tree Cyber Attacks (Nov 30, 2023)

• Samsung, PJ&A and Postmeds Cyber Attacks (Nov 17, 2023)

• OpenAI, Cloudflare and Sberbank DDoS Attacks (Nov 9, 2023)