Major Ransomware Campaign Targets 40+ Firms Across Retail, Insurance, and Hospitality Sectors A large-scale ransomware attack has compromised over 40 organizations in the retail, insurance, and hospitality industries, including high-profile companies such as Carnival, Pitney Bowes, Hallmark, and Zara. The incident, classified as a "major" cybersecurity event by the FBI, underscores the growing threat of ransomware in an era of increasingly complex IT infrastructures. The attack highlights vulnerabilities in sectors handling sensitive customer data, with recent breaches in Europe such as the Venice breach, Basic-Fit data exposure, and an Inditex incident further demonstrating the rising frequency of cyber incidents. U.S. agencies have also issued warnings about PLC attacks, while Microsoft phishing campaigns and an actively exploited Google Chrome zero-day add to the escalating threat landscape. The incident serves as a reminder that traditional backup strategies alone are insufficient against modern cyber threats, as attackers increasingly target critical systems beyond data storage. Security experts emphasize the role of Security Information and Event Management (SIEM) systems in enabling proactive threat detection and response, helping organizations identify and mitigate risks before they escalate.

Hallmark Data Breach Exposes 1.7 Million Customer Records In a recent cybersecurity incident, greeting card giant Hallmark confirmed a data breach that occurred in March, with attackers gaining access to its Salesforce environment. The stolen data published this week includes 1.7 million unique email addresses, along with names, phone numbers, physical addresses, and customer support ticket details. Analysis of the exposed records reveals that 82% of the affected email addresses were already linked to LinkedIn profiles, suggesting potential overlap with professional networks. The breach highlights vulnerabilities in third-party integrations, as attackers exploited access to Salesforce, a widely used customer relationship management (CRM) platform. The incident underscores the risks of storing sensitive customer data in cloud-based systems and the growing trend of attackers targeting enterprise software to extract large-scale datasets. No financial or payment information was reported as compromised, but the exposure of personal details raises concerns about phishing and identity-related fraud. The full impact of the breach remains under investigation.