The Police Service of Northern Ireland (PSNI) made a major blunder recently when they accidentally released the names and roles of 10,000 officers and staff in response to a Freedom of Information request. This breach, which lasted for three hours, included intelligence and security service personnel. The PSNI attributed the mistake to “human error,” and the Information Commissioner’s Office has launched an investigation. Concerns about the safety of officers have been raised, leading the police service to consider reassigning individuals to different roles.
In another cybersecurity incident, North Korean hackers from the Lazarus group targeted NPO Mashinostroyeniya, a prominent Russian missile manufacturer. The breach occurred in late 2021 but went undetected until May 2022. Experts believe the hackers had access to email traffic, network hopping capabilities, and data extraction abilities. While it remains unclear what exactly was stolen, North Korea announced updates to its missile program following the breach, suggesting a possible connection.
Microsoft also faced a significant cybersecurity breach when China-based hackers stole a digital key used for signing tokens assigned to users logging into Outlook email accounts. At least 25 organizations, including government bodies, had their Outlook accounts compromised. US Senator Ron Wyden has demanded three federal inquiries into Microsoft’s “negligent cybersecurity practices” and called for the Cyber Safety Review Board to investigate the incident. Bloomberg News reports that the review board is already planning to do so. Microsoft has expressed its willingness to cooperate fully with any federal investigations into the breach.