Hawaiian Airlines cyberattack, United Natural Foods update, Russia throttles Cloudflare

Cyber Security Headlines - Detailed Summary

Hosted by CISO Series | Release Date: June 30, 2025

1. Hawaiian Airlines Suffers Cyberattack

Overview: Hawaiian Airlines reported a significant cyberattack that disrupted some of its IT systems. Despite the incident, the airline maintained its full flight schedule and has been diligently working towards restoring operations to normalcy.

Key Points:

• Incident Timing: The cyberattack was first reported on Thursday morning.
• Operational Impact: While some IT systems were taken down, the airline ensured the safety and continuation of its flight operations.
• Attribution: Numerous incident responders have linked the attack to the "Scattered Spider" group, notorious for recent assaults on UK retailers and insurance companies like Aflac.

Notable Quote: Steve Prentiss stated, “The airline stated it was still able to safely operate a full flight schedule and was working towards an orderly restoration” (00:07).

2. United Natural Foods Cyber Incident Update

Overview: United Natural Foods (UNFI), a major food distributor supplying Whole Foods and other specialty food markets across the U.S. and Canada, disclosed a cyber incident that could impact its quarterly income.

Key Points:

• System Restoration: UNFI has successfully restored its systems post-incident.
• Financial Impact: The company anticipates a negative effect on its income for the final quarter of its fiscal year, ending in August.
• Data Security: No data breaches were reported, and no group has claimed responsibility for the attack.
• Insurance Coverage: UNFI's cyber insurance will cover some of the incurred costs, with payouts expected in the next fiscal year.

Notable Quote: Steve Prentiss noted, “This attack did not include any data breaches and no group has claimed responsibility as of yet” (00:07).

3. Russia Throttles Cloudflare, Rendering Sites Inaccessible

Overview: Russian Internet Service Providers (ISPs) have been throttling access to websites and services protected by Cloudflare, severely limiting accessibility for users within Russia.

Key Points:

• Throttling Mechanism: Russian ISPs restrict access to only the first 16 KB of any web asset, rendering most Cloudflare-protected sites unusable.
• Cloudflare's Stance: The company stated it cannot remediate the issue as the throttling is beyond its control, with no effective workarounds available.
• Strategic Intent: Cloudflare believes this move is part of Russia's broader strategy to expel Western tech firms from its domestic market.

Notable Quote: Steve Prentiss explained, “Russia throttles Cloudflare making sites inaccessible from the country” (00:07).

4. Ahold Delez Data Breach Information Released

Overview: Ahold Delhaize, one of the world's largest food retail chains, has announced a data breach affecting over 2 million individuals due to a ransomware attack in November.

Key Points:

• Affected Information: Personal, financial, and health data of individuals were compromised.
• Geographical Impact: The breach affected US systems of the multinational retailer operating in Europe, the US, and Indonesia.
• Perpetrators: No specific cybercrime group has been identified, though the Inc. Ransomware Group referenced Ahold Delhaize on its dark web portal in April.

Notable Quote: Steve Prentiss reported, “Ahold Delez D E L H A I Z E... is now notifying more than 2 million individuals that their personal, financial and health information was stolen” (00:07).

5. Microsoft Security Updates Following CrowdStrike Outage

Overview: In response to a major IT outage caused by a faulty software update from CrowdStrike last year, Microsoft has announced significant changes to enhance security and reduce similar risks in the future.

Key Points:

• Issue Details: The outage affected millions of Windows devices globally due to vulnerabilities in CrowdStrike's Falcon software.
• Microsoft's Response:
  • Antivirus software will no longer have direct access to the Windows kernel.
  • Introduction of a new endpoint security platform requiring rigorous testing and review of third-party security updates before deployment.

Notable Quote: Steve Prentiss highlighted, “Microsoft has now announced changes to reduce such risks” (05:XX).

6. FBI Warns of Social Engineering Exploiting Healthcare Sector

Overview: The FBI has issued a cautionary alert regarding increasing social engineering attacks targeting patients and healthcare providers, aiming to steal sensitive medical and financial data.

Key Points:

• Attack Methods: Criminals impersonate health insurers and claims investigators via emails and texts to extract sensitive information or solicit fraudulent payments.
• Targeted Entities: Healthcare providers and patients are the primary victims.
• Criminal Tactics: Utilization of previously leaked or partial personal data to enhance the credibility of their schemes.

Notable Quote: Errol Weiss from Health ISAC mentioned, “Such scams are increasing, often involving impersonation of trusted entities like government agencies or major brands” (05:XX).

7. Google's Emissions Surge Due to AI Development

Overview: Google has reported a 51% increase in carbon emissions since 2019, primarily driven by the escalating energy demands of artificial intelligence technologies.

Key Points:

• Energy Consumption: A 27% year-over-year rise in electricity usage attributed to data centers supporting AI models like Google’s Gemini and ChatGPT.
• Environmental Impact: Despite investments in renewable energy and carbon removal, Google's scope 3 emissions remain challenging to reduce.
• Future Projections: Experts warn AI advancements could lead data centers to consume up to 4.5% of global energy by 2030.
• Decarbonization Challenges: Delays in implementing low-carbon energy solutions, such as small modular reactors, further complicate efforts to mitigate emissions.

Notable Quote: Steve Prentiss observed, “Google's carbon emissions have jumped 51% since 2019, largely due to the growing energy demands of artificial intelligence” (05:XX).

8. Hacker's Role in the El Chapo Case

Overview: A Justice Department watchdog report reveals how a hacker employed by the Sinaloa drug cartel infiltrated systems to monitor and ultimately eliminate sources involved in the El Chapo investigation.

Key Points:

• Surveillance Tactics: The hacker accessed cameras and phones to track an FBI official in Mexico, specifically the FBI assistant legal attaché.
• Data Exploitation: Leveraged hacked mobile phone data and city camera systems to monitor the official's movements and communications.
• Consequences: Information gathered was used to intimidate and kill potential sources and cooperating witnesses, severely undermining the investigation.

Notable Quote: Steve Prentiss reported, “A hacker hired by the Sinaloa drug cartel... infiltrated cameras and phones to track an FBI official... and then used data from that surveillance to kill and intimidate potential sources” (07:XX).

Conclusion

The episode of Cyber Security Headlines delivered comprehensive coverage of significant cyber incidents impacting various sectors, from aviation and food distribution to global tech firms and law enforcement. Key themes included the evolving tactics of cybercriminal groups, the intersection of cybersecurity and geopolitical strategies, and the pressing environmental concerns linked to technological advancements.

For more in-depth stories and daily updates, listeners are encouraged to visit CISOseries.com.

Timestamp Guide:

• 00:07: Introduction and initial headlines.
• 05:XX: Mid-episode security updates.
• 07:XX: Final news segments and closing remarks.

Note: Advertisements and sponsor messages were excluded to focus solely on content-rich segments.