As your dedicated cybersecurity services provider, CyberOne equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 11, 2026
Information security updates and events from the past week
1.Telus Digital mega‑breach (Canada)
- Canadian IT and services provider Telus Digital disclosed a major security incident after attackers accessed parts of its internal infrastructure.
- A hacker group claims theft of several hundred terabytes up to one petabyte of data, with samples suggesting exposure of multi‑tenant customer data, internal documents, source code, and communications; full scope is still under forensic investigation.
2.Loblaw retail group data breach (Canada)
- The same weekly incident overview reported a data breach at Loblaw, Canada’s largest food and pharmacy retailer, with attackers obtaining internal information and customer‑related data.
- While detailed datasets are not yet publicly enumerated, early analysis indicates exposure of personal data connected to loyalty, ecommerce, or digital services, reinforcing third‑party and large‑retail attack surface risk.
3.Stryker med‑tech cyberattack (healthcare & devices)
- Medical‑technology company Stryker suffered a cyberattack that disrupted operations and required suspension of some services.
- Officials reported ongoing work to restore affected systems and said they currently believe core citizen/patient personal data integrity is intact, though a group calling itself Green Blood Group claimed responsibility and access to agency‑level systems.
4.LexisNexis Reach2Shell exploitation
- LexisNexis confirmed a data breach after hackers exploited the critical Reach2Shell vulnerability that had been public and patchable since late 2025.
- The company says stolen data was “old, non‑sensitive” information such as customer names, user IDs, business contact details, product‑usage metadata, survey IP addresses, and support tickets, and that highly sensitive identifiers like Social Security or financial data were not taken.
5.Ransomware focus: Qilin, KillSec, Everest (South Korea)
- ASEC’s “Ransom & Dark Web Issues – Week 2 March 2026” highlighted active campaigns by Qilin, KillSec, and Everest ransomware families.
- Recent South Korean victims include a dermatology clinic (healthcare), the local branch of a global advertising firm, an exhibition‑management platform, and an elevator manufacturer, illustrating how attackers are hitting healthcare, media/marketing, SaaS platforms, and industrial manufacturing simultaneously.
6.Cybercrime spike tied to Iran war
- Akamai data showed a 245% increase in cybercrime traffic (credential harvesting, scanning, automated recon) since the start of the Iran war, with banking/fintech (40% of malicious traffic) hardest hit, followed by e‑commerce, gaming, tech, and media.
- Botnet‑driven discovery traffic jumped 70%, automated reconnaissance 65%, and there were notable rises in broad infrastructure scanning (52%), credential theft attempts (45%), and pre‑DDoS recon (38%), often routed via proxy services in Russia and China.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. CyberOne is here to help! Check out our services.
