Top news stories this week
- Long road to recovery. Jaguar Land Rover operations continue to stall amid delays in UK cyber legislation.
- Meta inspector abettor. Ex-WhatsApp executive files lawsuit alleging Meta ignored app flaws.
- Under the sea. Microsoft’s Azure cloud services disrupted by undersea cable incident.
- Not sitting comfortably. US furniture brand Lovesac discloses data breach.
- Charged. Two key ransomware and cybercrime operators arrested .
- Reset. Plex asks customers to reset passwords following breach.
1. Jaguar Land Rover extends operational shutdown after cyberattack amid delays in UK cyber legislation
Jaguar Land Rover’s (JLR) UK factories will remain closed until at least next Wednesday as the luxury car manufacturer continues to respond to the cyberattack that took place on August 31 2025. The halt in operations is costing the company around GBP 5 million a day with suppliers to JLR also heavily impacted.
In light of the recent high-profile cyberattacks in the UK this year, the UK government is under mounting pressure to enact the Cyber Security and Resilience Bill (CSRB,) which has reportedly been delayed again.
So what?
Increasingly, legislation is being used by governments to encourage or force companies to build cyber resilience, such as the European Union’s NIS2 Directive. The continued delay to the UK's new Cyber Security and Resilience Bill appears at odds with the recent wave of high-profile attacks and their growing economic impact.
[Researcher: Richard Winter]
2. Ex-WhatsApp executive files lawsuit alleging Meta ignored app flaws
A former senior cyber security executive at WhatsApp filed a lawsuit accusing its parent company Meta of ignoring internal vulnerabilities in the app’s security measures. The lawsuit claims that the company failed to remedy the hacking and takeover of more than 100,000 accounts each day and about 1,500 engineers had unrestricted access to user data without adequate oversight, potentially exposing billions of users.
So what?
Companies should take this opportunity as a cue to review and update access policies and permissions, particularly in the event of material changes in a company’s business, scope or tech stack.
[Researcher: Lester Lim]
3. Microsoft’s Azure cloud services disrupted by undersea cable incident
Microsoft’s Azure cloud service in the Middle East and Asia has been disrupted after subsea fibre-optic cables were cut in the Red Sea. Microsoft was able to reroute the network traffic through other paths, but multiple countries have suffered temporary outages and latency of the services.
So what?
While disruption to subsea cables impact multiple countries and businesses, organizations should include these events into their business continuity and disaster recovery planning and testing.
[Researcher: Milda Petraityte]
4. US furniture brand Lovesac discloses data breach
Lovesac, a large US furniture manufacturer and retailer, has confirmed it suffered a data breach resulting from a ransomware attack earlier this year. Sensitive personal information including names and Social Security numbers were exposed in the incident which triggered legal investigations and regulatory notifications. As a result, shares in the company dropped on the day of disclosure.
SO WHAT?
Organizations should focus on building their cyber resilience as the far reaching impact of cyberattacks include regulatory and legal action, reputational damage and value erosion.
[Researcher: Milda Petraityte]
5. Two key ransomware and cybercrime operators arrested
The US Department of Justice has charged Ukrainian national, Volodymyr Viktorovich Tymoshchuk, for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. Between July 2019 and June 2020, Tymoshchuk and his accomplices allegedly breached the networks of over 250 companies across the United States.
Separately, the FBI coordinated an investigation in partnership with the Kosovo Police's Cybercrime Investigation Directorate, on Kosovo national Liridon Masurica; who has pleaded guilty to running BlackDB.cc, a cybercrime marketplace that has been active since 2018.
So What?
The takedown of these key figures could lead to a temporary reduction in ransomware activity and dark web marketplace operations. However, organizations should remain vigilant for spikes in activity or targeted campaigns, as arrests of high-profile cybercriminals may provoke retaliatory actions from affiliated threat actors.
[Researcher: Tlhalefo Dikolomela]
6. Plex suffers another data breach
Plex, a media streaming platform, has experienced a data breach. Stolen data includes usernames, email addresses, hashed passwords, and authentication data. Plex has notified users to reset their passwords, but this was not their first incident. In August 2022, Plex also faced a breach that exposed user data and passwords.
SO WHAT?
Plex's repeated data breaches show that companies need to prioritise cybersecurity measures. Protecting user data is crucial for maintaining trust and preserving a company's reputation.
[Researcher: Claire Yin]
