Risky Bulletin: Washington Post Email Accounts Hacked
Hosted by Risky.biz | Released on June 16, 2025
In this episode of Risky Bulletin, host Claire Aird delves into a series of significant cybersecurity incidents that have recently unfolded across the globe. From high-profile email breaches to substantial investments in healthcare cybersecurity, the episode provides a comprehensive overview of the current threat landscape. Below is a detailed summary of the key discussions, insights, and conclusions drawn during the episode.
1. Washington Post Email Accounts Compromised
Claire Aird opens the bulletin with alarming news about a breach affecting the Washington Post. The incident involved unauthorized access to email accounts belonging to several reporters, particularly those on the national security and economic policy teams.
Claire Aird [02:15]: "Hackers have gained access to some reporters' email accounts at the Washington Post, targeting key journalists in sensitive areas."
According to the Wall Street Journal, the attack is suspected to be orchestrated by a foreign government, highlighting the growing trend of state-sponsored cyber espionage. The breach was initially detected on Thursday, with the Washington Post informing its staff by Sunday, indicating a swift response to the threat.
2. Sorbonne University Data Theft
Next, the discussion shifts to a cyber attack on France's Sorbonne University, which disrupted the institution's IT systems earlier this month. This intrusion led to the theft of sensitive information, including banking details and Social Security numbers of some staff members.
Claire Aird [05:40]: "Officials at Sorbonne University reported that hackers stole critical banking details and Social Security numbers, exacerbating fears from last year's breach."
This is not the first incident for the university; in October of the previous year, hackers had compromised personal information of over 73,000 staff and students, underscoring the persistent vulnerabilities within academic institutions.
3. Zoomcar User Data Compromised
The episode highlights a significant data breach at Zoomcar, an Indian car-sharing platform, where hackers have stolen data of approximately 8.4 million users. The compromised data includes customer names, contact details, addresses, and car registration numbers.
Claire Aird [09:22]: "Hackers are leveraging the stolen data from Zoomcar to demand a ransom, threatening to release the information publicly if their demands are unmet."
This breach echoes a similar incident in 2018 when Zoomcar faced a data compromise affecting 3.5 million users, indicating ongoing security challenges for the company.
4. WestJet Investigates Security Breach
Canadian airline WestJet is currently investigating a security incident that impacted its website and mobile app for several hours on Friday. Thankfully, the breach did not disrupt scheduled flights or critical operations.
Claire Aird [12:10]: "WestJet assures that there were no interruptions to flight schedules despite the temporary compromise of their digital platforms."
The lack of operational impact suggests that WestJet's contingency measures were effective in mitigating potential fallout from the breach.
5. Cochley Email Provider Hacked
A significant development involves the email provider Cochley, which has reportedly been hacked, with its data put up for sale on an underground hacking forum. Cochley has publicly denied the breach, attributing the security claims to the age of their systems.
Claire Aird [15:30]: "Despite Cochley's denial, threat intelligence researchers indicate that the leaked data appears authentic, raising concerns about the provider's security protocols."
Cochley is known for its popularity among cybercriminals and ransomware groups, often being used to disseminate threats and malicious activities.
6. Ukrainian Intelligence Targets Russian Telco Orion
In a geopolitical twist, Ukraine's military intelligence has reportedly hacked into the Russian telecommunications company Orion, causing significant disruptions.
Claire Aird [18:45]: "The hack resulted in the wiping of backups and disabling of 370 servers and 500 network switches, leading to widespread internet and TV outages in four major Russian cities."
This intrusion, occurring on Russia's Independence Day (June 12), was further complicated by the involvement of the hacktivist group BO Team, illustrating the intersection of state-sponsored and independent cyber operations.
7. US Law Enforcement Assists Vietnamese Company Against Ransomware
Cooperation between a US law enforcement agency and a Vietnamese state-owned company resulted in the decryption of data following a ransomware attack that crippled over 1,000 servers.
Claire Aird [22:05]: "The attackers demanded $2.5 million, but officials opted for decryption without paying the ransom, citing the lack of a legal framework for state enterprises to comply with such demands."
Though the company's name remains undisclosed, it is identified as a multi-billion dollar energy firm, emphasizing the high stakes involved in protecting critical infrastructure.
8. EU Invests €145.5 Million in Healthcare Cybersecurity
Shifting focus to positive developments, the European Union is channeling €145.5 million into enhancing cybersecurity measures within hospitals and healthcare providers.
Claire Aird [25:20]: "This investment will bolster the Horizon Europe program, facilitating the use of generative AI in cybersecurity, and support the Digital Europe program to defend against ransomware attacks."
This substantial funding underscores the EU's commitment to safeguarding sensitive healthcare data and ensuring the resilience of critical health services against cyber threats.
9. Indonesian Police Arrest Cyber Scam Suspects
In Southeast Asia, Indonesian authorities have apprehended 38 suspects linked to a cyber scam operation based in Bali. The group operated from five different locations and targeted foreigners to harvest personal data for investment scams.
Claire Aird [28:40]: "The arrested individuals allegedly received $1 for each data point collected, highlighting the commodification of personal information in cybercriminal ecosystems."
This crackdown exemplifies the global efforts to dismantle cyber scam networks exploiting vulnerable populations for financial gains.
10. CISA Advises on Firmware Updates for Security Cameras
The Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories for organizations to either install firmware updates or restrict access to security cameras from four specific vendors: PTZOptics, ValueHD, MultiCam, and Smtav.
Claire Aird [31:55]: "Vulnerabilities in these devices could allow attackers to use hard-coded admin credentials, execute malicious code, and leak user credentials and configuration files."
While PTZOptics has released the necessary firmware updates, the other vendors have yet to respond, leaving devices at risk of exploitation.
11. Malicious Firefox Add-ons Identified
Security experts have uncovered malicious add-ons within Firefox's official store, posing significant threats to users' online safety.
Claire Aird [35:10]: "One of the add-ons was leveraging pop-ups to redirect users to tech support scams, while others were artificially inflating social media metrics to manipulate engagement."
These findings highlight the ongoing battle against malicious software infiltrating trusted platforms, necessitating vigilant scrutiny of browser extensions.
12. Apple's New Call Screening Feature in iOS
Concluding the episode, Apple announced the introduction of a new feature in iOS aimed at combating scam calls. Scheduled for release with iOS 26 later this year, the feature automatically answers calls from unknown numbers and requests the caller to state their name and purpose.
Claire Aird [38:25]: "Apple estimates that this feature could block up to 1 billion scam calls annually, providing users with an additional layer of protection against fraudulent activities."
This proactive measure reflects the tech giant's commitment to enhancing user security and mitigating the pervasive issue of phone-based scams.
Conclusion
Today's episode of Risky Bulletin underscores the multifaceted nature of cybersecurity threats, ranging from targeted email breaches of prominent news organizations to large-scale data thefts affecting millions of users worldwide. The discussions emphasize the importance of robust security measures, proactive threat intelligence, and international cooperation in combating cyber threats. Additionally, the episode highlights significant investments and technological advancements aimed at strengthening defenses across critical sectors, particularly healthcare and infrastructure. As cyber threats continue to evolve, the insights provided offer valuable guidance for organizations and individuals striving to navigate the complex cybersecurity landscape.
Note: All timestamps correspond to the original podcast transcript provided.
