{"id":10655,"date":"2026-05-19T11:28:10","date_gmt":"2026-05-19T08:28:10","guid":{"rendered":"https:\/\/cyberone.bg\/?p=10655"},"modified":"2026-05-19T11:28:14","modified_gmt":"2026-05-19T08:28:14","slug":"weekly-cybersecurity-report-week-20-2026","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-20-2026","title":{"rendered":"Weekly Cybersecurity Report | Week 20, 2026"},"content":{"rendered":"\n<p>As your dedicated cybersecurity services provider,<strong>\u00a0<a href=\"https:\/\/cyberone.bg\/\">CyberOne<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Weekly Cybersecurity Report | Week 20, 2026<\/h2>\n\n\n\n<p><strong><u>Information security updates and events from the past we<\/u><\/strong><strong><u>ek<\/u><\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1\"><a id=\"1\" href=\"#1\"><strong>1.<strong><strong><strong><strong><strong><strong><strong><strong><strong>Inditex, the parent company of Zara and brands such as Bershka, Pull&Bear and Massimo Dutti, has confirmed that the data of around 197,000 customers was exposed in a hack to an external technology provider.<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>What was confirmed?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Unauthorized access to databases stored at a former technology provider<\/li>\n\n\n\n<li>According to the company, the databases did not contain names, passwords, payment details, addresses or phone numbers<\/li>\n\n\n\n<li>Inditex\u2019s systems and operations were not compromised<\/li>\n<\/ul>\n\n\n\n<p>What was exposed?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>According to Have I Been Pwned, the data includes 197,400 unique email addresses<\/li>\n\n\n\n<li>order IDs, product SKUs, geographic locations, purchase history and customer service inquiries<\/li>\n<\/ul>\n\n\n\n<p>ShinyHunters claims to have stolen a 140GB archive from BigQuery systems and has 95 million customer service records in its possession<\/p>\n\n\n\n<p>Zara competitor Mango also suffered a data breach last October after its marketing vendor was hacked<\/p>\n\n\n\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/zara-data-breach-exposed-personal-information-of-197-000-people\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/zara-data-breach-exposed-personal-information-of-197-000-people\/<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2\"><a id=\"2\" href=\"#2\"><strong>2.<strong><strong><strong><strong><strong><strong><strong><strong><strong>\u0160koda online store hacked \u2013 personal customer information exposed<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>\u0160koda Auto Deutschland confirmed that its online store was hacked after attackers exploited a vulnerability in the store\u2019s software. The store has been taken down, the vulnerability has been fixed, and the incident is under forensic investigation.<\/p>\n\n\n\n<p>What Exposed?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Names and addresses, email addresses and phone numbers, order information, account access details (email and password encrypted as a hash),<\/li>\n\n\n\n<li>Full credit card details are not stored in the store and are only processed via external payment providers, so according to the findings, there has been no access to them<\/li>\n<\/ul>\n\n\n\n<p>The incident has been reported to the German Data Protection Authority<\/p>\n\n\n\n<p>What is recommended for customers?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Change passwords, especially if you have also used the same password on other services<\/li>\n\n\n\n<li>Be wary of emails, SMS or calls referring to \u0160koda orders and asking to enter details or click on links<\/li>\n\n\n\n<li>Monitor account and credit statements and report any suspicious activity<a href=\"https:\/\/www.skoda-auto.de\/unternehmen\/sicherheitsvorfall-skoda-shop\">https:\/\/www.skoda-auto.de\/unternehmen\/sicherheitsvorfall-skoda-shop<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"3\"><a id=\"3\" href=\"#3\"><strong>3.<strong><strong><strong><strong><strong><strong><strong><strong><strong>International Monetary Fund warns: AI is turning cyberattacks into a threat to global financial stability<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>The International Monetary Fund (IMF) has published an analysis that warns that AI-based cyberattacks can cause shocks to the global financial system such as liquidity crises, solvency concerns and market disruptions.<\/p>\n\n\n\n<p>No longer a technical risk, but a systemic risk.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Models like Anthropic\u2019s Mythos have proven that vulnerabilities can be found and exploited in any major operating system and browser, even in the hands of a non-expert<\/li>\n\n\n\n<li>Attackers discover and exploit vulnerabilities faster than defense teams can update<\/li>\n\n\n\n<li>The financial system is built on shared digital infrastructures of the same software, the same cloud providers, the same payment networks. One vulnerability can affect many institutions at the same time<\/li>\n<\/ul>\n\n\n\n<p>What does the IMF recommend?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Treat cyber as a financial stability issue, not a technical problem<\/li>\n\n\n\n<li>Build the system with the assumption that breaches will happen and ensure that you can recover quickly and limit the spread<\/li>\n\n\n\n<li>Management exercises, scenario analysis and board-level oversight<\/li>\n\n\n\n<li>International cooperation because cyber risks know no borders, and countries With fewer resources more exposed The bottom line according to the IMF: The question is no longer \u201cif\u201d a cyberattack will hit the financial system, but whether the system can absorb the blow without collapsing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"4\"><a id=\"4\" href=\"#4\"><strong>4.<strong><strong><strong><strong><strong><strong><strong><strong><strong>The Everest ransomware group has hit Rehab Clinics Group, a leading UK healthcare provider specializing in rehabilitation and addiction treatment<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>The attack is affecting a range of medical services across the UK. The group has managed to add the company to its list of leaks, and it appears they are holding sensitive medical and personal information about patients, which could be made public if the ransom demands are not met.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5\"><a id=\"5\" href=\"#5\"><strong>5.<strong><strong><strong><strong><strong><strong><strong><strong><strong>West Pharmaceutical Services, one of the world\u2019s largest suppliers of injectable solutions, reports a ransomware attack on the US stock exchange.<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>According to the report, attackers broke into the company\u2019s network on 4.5, stole data and compromised systems. Following the attack, the company\u2019s systems were disrupted, including shipping, receiving and manufacturing systems around the world.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5\"><a id=\"5\" href=\"#5\"><strong>6.<strong><strong><strong><strong><strong><strong><strong><strong><strong><strong>The Nitrogen attack group has named Foxconn, the world\u2019s largest electronics manufacturer, as a victim.<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>The group claims to have 8TB of data belonging to the company, including millions of files.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5\"><a id=\"5\" href=\"#5\"><strong>7.<strong><strong><strong><strong><strong><strong><strong><strong><strong><strong>The Instructure learning system, which is used by thousands of schools and universities around the world, has experienced one of the largest data breaches in the education sector.<\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/strong><\/a><\/h3>\n\n\n\n<p>The ShinyHunters hacker group claimed to have stolen information on approximately 275 million students, teachers and staff.<\/p>\n\n\n\n<p>The information included names, emails, private messages and student numbers.<\/p>\n\n\n\n<p>The system was even temporarily disabled during exam periods, causing chaos at many universities.<\/p>\n\n\n\n<p><strong><em>The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. CyberOne is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider,\u00a0CyberOne\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 20, 2026 Information security updates and events from the past week 1.Inditex, the parent company of Zara and [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8618,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[65],"class_list":["post-10655","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates","tag-weekly-cybersecurity-report"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10655","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=10655"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10655\/revisions"}],"predecessor-version":[{"id":10656,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10655\/revisions\/10656"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8618"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=10655"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=10655"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=10655"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}