Top news stories this week
- Nord noise. NordVPN says exposed credentials came from a third-party test environment, not production systems.
- Mismanaged health. Illinois Department of Human Services and Manage My Health suffer data breaches.
- Stalling. Sales at Jaguar Land Rover drop sharply after cyber incident.
- Patch panic. Critical vulnerabilities raised in Microsoft, HPE and Veeam backup software.
- Nicked nicking. Browser extensions caught stealing AI chat logs.
- One way ticket. Alleged scam lord arrested in Cambodia and extradited to China.
1. NordVPN disputes hacker claims, citing dummy data and limited exposure
NordVPN has denied recent breach allegations, stating that attackers accessed only a third-party test environment containing dummy data. The company said the exposed Salesforce API keys never connected to production systems or customer information.
So what?
Cyber incident response and thorough forensic work allow organisations to assess claims quickly, limit uncertainty, and communicate impact with confidence.
[Researcher: Lawrence Copson]
2. Illinois Department of Human Services and Manage My Health suffer data breaches
The Illinois Department of Human Services (IDHS) accidentally exposed sensitive information of over 700,000 individuals through publicly accessible internal maps for a period of almost four years. The error, which was discovered and remediated in September 2025, was disclosed this month by IDHS under the Health Insurance Portability and Accountability Act (HIPAA).
Separately, Manage My Health, a widely used patient portal in New Zealand, suffered a cyber breach exposing sensitive health data of around 120,000 patients. The incident triggered complex legal processes, regulatory notifications, legal injunctions, and a government-led review.
So what?
These incidents highlight the importance of appropriate handling of sensitive personal information and the impact compromised data has on organisations, including the effort, cost and erosion of public trust.
[Researcher: Milda Petraityte]
3. Sales at Jaguar Land Rover drop sharply after cyber incident
After suffering a major cyberattack which forced production shutdowns in September 2025, Jaguar Land Rover (JLR) has reported a 43% drop in third-quarter wholesale volumes. Although the disruption comes in combination with US tariffs and the phase-out of older Jaguar models, JLR stated that the cost of the cyberattack totalled GBP 196 million (USD 220 million) in the quarter.
So what?
The incident underscores how a cyber incident can cripple a company's operations, inflict hundreds of millions in losses, and expose businesses to severe operational and economic risks on a global scale.
[Researcher: Milda Petraityte]

4. Critical flaws in widely used software raise urgency for rapid patching
Security researchers disclosed new critical vulnerabilities in Veeam backup software that could allow attackers to take control of backup servers if organisations fail to patch. At the same time, CISA warned that serious flaws affecting Microsoft Office and HPE OneView face active exploitation in the wild. The issues span core enterprise tools used for data protection, infrastructure management, and everyday productivity.
So what?
Organisations must stay alert to critical vulnerability disclosures, track patch updates closely, and increase monitoring to reduce the risk of rapid exploitation.
[Researcher: Lawrence Copson]
5. Browser extensions caught stealing AI chat logs
Chat logs from nearly 1 million users have been put at risk by two malicious extensions found on the Chrome Web Store, designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations under the guise of optimising browser performance. This new form of malicious activity, capturing AI conversations, has been termed “prompt poaching”.
So what?
Users should refrain from installing extensions from unknown sources. Administrators of corporate devices should take the opportunity to review and refresh policies around browser extensions – and AI use.
[Researcher: Lester Lim]
6. Alleged scam lord arrested in Cambodia and extradited to China
Chen Zhi, the head of the Prince Group conglomerate and alleged architect of a multi-billion scam empire, was arrested in Cambodia and immediately extradited to China. Zhi's arrest marks the latest development in the dramatic collapse of one of the nation's most notable businesses, which has investments in the real estate, banking, entertainment, and airline sectors.
So what?
This event marks the most significant law enforcement action to date against the widespread scamming industry in Southeast Asia.
[Researcher: Houren Lee]
