Dorapepe

40,000 ACCOUNTS OF TOP UK BANK BREACHED, CHINA APPROVES CYBER LAW TO COUNTER THREATS

Last updated: June 19, 2025, 20:25 | Written by: Cameron Winklevoss

40,000 Accounts Of Top Uk Bank Breached, China Approves Cyber Law To Counter Threats
40,000 Accounts Of Top Uk Bank Breached, China Approves Cyber Law To Counter Threats

The digital landscape is constantly evolving, and with it, the threats to our online security. The Hunters International ransomware group allegedly claiming the breach o f the London branch of the Industrial and Commercial Bank of China (ICBC), a major Chinese state-owned bank. The group claims to have exfiltrated a staggering 6.6 terabytes of data, equating to over 5.2 million files.A recent incident involving a significant data breach at a major UK bank, coupled with China's approval of a new cybersecurity law, highlights the increasing complexities and challenges in safeguarding sensitive information.News broke recently of a cyberattack targeting the London branch of the Industrial and Commercial Bank of China (ICBC), one of China's largest state-owned banks, resulting in the potential compromise of approximately 40,000 customer accounts in the UK. China adopts a controversial cyber security law as about 40,000 accounts of a top British bank are reported to have seen suspicious transactions over the weekend. 811 Total views 211 Total sharesSimultaneously, China's move to bolster its cybersecurity framework raises questions about data privacy, international relations, and the global balance of power in the digital age.This article delves into the details of both events, exploring their implications for individuals, businesses, and governments alike. Blog: Under the Digital Radar: Defending Against People s Republic of China s Nation-State Cyber Threats to America s Small Businesses For years, CISA has worked to defend federal, state, local, tribal, and territorial governments as well as our private sector partners from malicious cyber activities emanating from the People s RepublicWe'll examine the nature of the cyberattack on ICBC, discuss China's new cyber law and what it means for cybersecurity at large, and explore the broader context of cybersecurity threats facing the financial sector and beyond.Prepare to understand the convergence of these crucial digital security events.

ICBC London Cyberattack: A Deep Dive

The cyberattack on the London branch of ICBC is a stark reminder of the vulnerabilities facing financial institutions in the digital age.The ransomware group Hunters International has claimed responsibility for the breach, alleging the exfiltration of a massive 6.6 terabytes of data, encompassing over 5.2 million files.This information likely includes sensitive customer data, internal financial records, and other proprietary information. UK Ministry of Defence: In May 2025, the UK's Ministry of Defence (MoD) experienced a significant data breach when a contractor-operated payroll system was compromised by a cyber attack. This system contained personal information including names, bank details, and, in some cases, home addresses of approximately 270,000 current and former UKThe attack underscores the sophistication and persistence of modern cyber threats, emphasizing the need for robust security measures and proactive threat detection.

Hunters International: Who Are They?

Hunters International is a ransomware group known for targeting organizations across various sectors.While their specific origins and motivations remain somewhat obscure, they are believed to be financially motivated, seeking to extort ransom payments from their victims in exchange for decrypting compromised systems and preventing the release of stolen data.Their alleged claim of responsibility in the ICBC London attack further solidifies their reputation as a significant cyber threat actor.

The Extent of the Breach: What Data Was Compromised?

The alleged exfiltration of 6.6 terabytes of data suggests a potentially catastrophic breach. Data Breaches. Oh no pwned! This email address has been found in multiple data breaches.Review the details below to see where your data was exposed.While the full scope of the compromised information is still being investigated, it is likely to include:

  • Customer Account Information: Names, addresses, contact details, account numbers, and potentially, financial transaction history.
  • Internal Financial Records: Data related to ICBC's operations, financial performance, and internal processes.
  • Employee Information: Personal data of ICBC employees, including social security numbers, payroll information, and contact details.
  • Proprietary Information: Trade secrets, intellectual property, and other confidential business data.

The potential exposure of such sensitive data poses significant risks to both ICBC and its customers, including financial fraud, identity theft, and reputational damage.

UK's Response: NCSC Monitoring the Situation

The UK's National Cyber Security Centre (NCSC), the government's authority on cyber threats and part of GCHQ, is actively monitoring the situation. Ethereum just suffered a $1.4B hack, draining Bybit s cold wallet in one of the biggest crypto exploits ever. Now, the crypto world is split should EthereumThe NCSC plays a crucial role in providing guidance and support to organizations affected by cyberattacks, as well as coordinating the national response to significant incidents. According to a 2025 report by IBM, finance firms are averaging $5.9 million per data breach. Below are seven growing cybersecurity threats, as well as some suggestions for how banks can keep data secure. 1. Third-party risks. Topping any list of cyber-related nightmares are the risks posed by fintech firms and other vendors.Their involvement underscores the seriousness of the ICBC London breach and the potential implications for national security and financial stability. Cybersecurity in banking is crucial due to rising cyber threats. Discover key practices, solutions, and best strategies to safeguard financial institutions. Cybersecurity in Banking: ThreatsThe NCSC also provides vital cybersecurity guidance through resources like the Cyber Assessment Framework (CAF), which is aimed at organisations providing essential functions.This Framework, along with other guidelines and best practices, is crucial for organizations looking to strengthen their defenses.

China's New Cybersecurity Law: A Closer Look

In parallel with the ICBC London cyberattack, China has been actively strengthening its own cybersecurity laws. Legacy systems are systems that have reached an end-of-life or end-of-support stage from the vendor, making them vulnerable to security threats. These older systems often lack defenses against the latest and most sophisticated threats to cybersecurity in banking, so organizations that use legacy systems risk security breaches and data loss.The nation's Cybersecurity Law (CSL) aims to establish a universal regulatory regime for cybersecurity and data protection within the country.The law has sparked both praise for enhancing security and concern regarding potential restrictions on data privacy and international business operations. The London branch of the Industrial and Commercial Bank of China (ICBC) has suffered a ransomware attack that saw the hackers make off with plenty of sensitive data. A report from The RegisterThis new law comes in the wake of increasing state-sponsored cyber activity originating from China, and may be a countermeasure to increasing instances of breaches.

Key Provisions of the Cybersecurity Law

China's Cybersecurity Law contains several key provisions that are worth noting:

  • Data Localization Requirements: Certain types of data, particularly those deemed critical to national security, must be stored within China.
  • Security Reviews: Network operators and critical information infrastructure providers are subject to security reviews to ensure compliance with the law.
  • Cross-Border Data Transfer Restrictions: Restrictions are placed on the transfer of data outside of China, requiring security assessments and approvals.
  • Real-Name Registration: Internet users are required to register with their real names, potentially limiting anonymity and freedom of expression online.

These provisions have raised concerns among international businesses operating in China, who fear that they could be used to restrict market access, stifle innovation, and undermine data privacy. Find latest news from every corner of the globe at Reuters.com, your online source for breaking international news coverage.There is also debate about whether these measures are solely defensive, or if they are to be used as a method of offense by nation state actors.

Concerns and Criticisms of the Law

Despite its stated aim of enhancing cybersecurity, China's Cybersecurity Law has faced significant criticism from various quarters:

  • Data Privacy Concerns: Critics argue that the law grants the government excessive access to personal data, potentially undermining individual privacy rights.
  • Trade Barriers: The law's data localization requirements and cross-border data transfer restrictions are seen as potential barriers to international trade and investment.
  • Censorship and Surveillance: The real-name registration requirement and other provisions are seen as tools for censorship and surveillance, limiting freedom of expression and online activity.
  • Lack of Transparency: Concerns have been raised about the lack of transparency in the law's implementation and enforcement, creating uncertainty for businesses operating in China.

The Cato Institute has also raised concerns about regulations like FinCEN's new reporting rules, suggesting they pose a threat to financial privacy.

The Broader Context: Cybersecurity Threats to the Financial Sector

The ICBC London cyberattack is not an isolated incident, but rather a symptom of the broader cybersecurity threats facing the financial sector. Pavel Nikienkov (@pavelravaga), co-founder and Project Manager of @zano_project, lays out a persuasive argument to BTCTN s @_dsencil for why privacy projectsBanks and other financial institutions are prime targets for cybercriminals due to the vast amounts of sensitive data and financial assets they hold.

Growing Cybersecurity Threats

The landscape of cybersecurity threats is constantly evolving, with new and sophisticated attacks emerging on a regular basis.Some of the most prevalent threats facing the financial sector include:

  • Ransomware Attacks: As seen in the ICBC London case, ransomware attacks are becoming increasingly common, where attackers encrypt data and demand a ransom payment for its release.
  • Phishing Attacks: Phishing attacks involve deceiving individuals into revealing sensitive information, such as usernames, passwords, and credit card details.
  • Malware Infections: Malware, including viruses, worms, and Trojan horses, can be used to steal data, disrupt systems, and gain unauthorized access to networks.
  • Distributed Denial-of-Service (DDoS) Attacks: DDoS attacks flood a system with traffic, making it unavailable to legitimate users.
  • Supply Chain Attacks: Targeting third-party vendors and suppliers to gain access to the financial institution's systems.

IBM's 2025 report indicates that the average cost of a data breach for finance firms is about $5.9 million, highlighting the financial implications of these attacks.

The Threat from Legacy Systems

Many financial institutions still rely on legacy systems that are vulnerable to security threats.These older systems often lack the necessary defenses against the latest and most sophisticated attacks.As these systems are at their end-of-life, vendors are no longer providing cybersecurity updates to protect them from the latest threats.Organizations using legacy systems therefore risk security breaches and data loss.

Cybersecurity in Banking: Best Practices and Solutions

To effectively combat the growing cybersecurity threats, financial institutions must adopt a comprehensive and proactive approach to security, which must include the following:

  • Implement Strong Security Controls: Deploy firewalls, intrusion detection systems, and other security controls to protect networks and systems.
  • Encrypt Sensitive Data: Encrypt data both in transit and at rest to protect it from unauthorized access.
  • Implement Multi-Factor Authentication: Require users to authenticate using multiple factors, such as passwords and biometric scans.
  • Conduct Regular Security Assessments: Regularly assess security vulnerabilities and weaknesses to identify and address potential risks.
  • Provide Employee Training: Train employees on cybersecurity best practices to prevent phishing attacks and other social engineering tactics.
  • Develop Incident Response Plans: Develop comprehensive incident response plans to effectively respond to and recover from cyberattacks.
  • Monitor Third-Party Risks: Carefully assess the security posture of third-party vendors and suppliers to mitigate supply chain risks.
  • Stay Updated: Banks should remain up-to-date with the latest threats and vulnerabilities to stay ahead of cyber criminals.

Cybersecurity in banking needs to be a top priority, and banks must adapt to rising threats in order to safeguard their institutions.

How Can Individuals Protect Themselves?

While financial institutions have a responsibility to protect customer data, individuals also play a vital role in maintaining their own cybersecurity. London, UK Septem The ransomware group Hunters International has claimed responsibility for a data breach at the London branch of the Industrial and Commercial Bank of China (ICBC), one of China s largest state-owned banks. The group claims to have exfiltrated 6.6 terabytes of data, comprising over 5.2 million files, andHere are some steps you can take to protect yourself:

  • Use Strong Passwords: Create strong, unique passwords for all your online accounts.Avoid using the same password for multiple accounts.
  • Enable Multi-Factor Authentication: Enable multi-factor authentication wherever possible to add an extra layer of security to your accounts.
  • Be Wary of Phishing Emails: Be cautious of suspicious emails or links, and never click on links or provide personal information unless you are absolutely sure of the sender's authenticity.
  • Keep Software Updated: Keep your operating system, web browser, and other software updated with the latest security patches.
  • Monitor Your Accounts: Regularly monitor your bank accounts and credit card statements for any unauthorized transactions.
  • Use a VPN: Consider using a virtual private network (VPN) when connecting to public Wi-Fi networks to encrypt your internet traffic and protect your data.
  • Educate Yourself: Stay informed about the latest cybersecurity threats and best practices to protect yourself from online scams and fraud.

Responding to Data Breaches: What to Do if You're Affected

If you suspect that your personal information has been compromised in a data breach, take the following steps:

  • Change Your Passwords: Immediately change the passwords for all your online accounts, especially those that may have been affected by the breach.
  • Monitor Your Credit Report: Monitor your credit report for any signs of identity theft or fraud.
  • Place a Fraud Alert: Place a fraud alert on your credit report to alert creditors to potential fraud.
  • Report the Breach: Report the breach to the relevant authorities, such as the Federal Trade Commission (FTC) in the United States or the Information Commissioner's Office (ICO) in the United Kingdom.
  • Consider a Credit Freeze: Consider placing a credit freeze on your credit report to prevent new accounts from being opened in your name.

Conclusion: Navigating the Complex World of Cybersecurity

The cyberattack on ICBC London and China's new cybersecurity law are two sides of the same coin, highlighting the increasing importance and complexity of cybersecurity in the modern world.The ICBC London incident underscores the vulnerability of financial institutions to cyber threats and the potential consequences of data breaches.In contrast, China's cybersecurity legislation signals increasing global tensions in the digital domain.Banks, governments, and individuals must adopt a proactive and comprehensive approach to cybersecurity to protect themselves from ever-evolving threats. The National Cyber Security Centre (NCSC), the UK government's authority on cyber threats and part of GCHQ, are monitoring the situation. Image: Government experts are monitoring the incident. Pic: PAThis includes implementing robust security controls, providing employee training, staying informed about the latest threats, and taking steps to protect personal information.The threat of cyber-attacks is an ever present reality. The FBI has used a court order to seize control of a network of hundreds of thousands of hacked internet routers and other devices that Chinese government-linked hackers were using to threatenAs Ian Stuart, CEO of HSBC UK, noted, cyber-security keeps him awake at night. Notably, given the surge in supply chain attacks in recent years, incidents related to a cyber attack against third-party providers dropped by more than a third, while data breaches tied to cyber incidents fell by 29%.In short, the key takeaways are: prioritize security, stay informed, and protect your data. part due to well-developed Ukrainian cyber security and support from industry and international partners, which includes the UK s own cyber programme. Elsewhere, Russian language criminals operating ransomware and ransomware as a service models continue to be responsible for the most high-profile cyber attacks against the UK.Only through collective action and a commitment to cybersecurity best practices can we hope to navigate the complex and ever-changing world of digital threats.

Cameron Winklevoss can be reached at [email protected].

Articles tagged with "The Number of Bitcoin Millionaires Plummeted in 2025" (0 found)

No articles found with this tag.

← Back to article

Related Tags

cointelegraph.com › news › accounts-of-top-uk40,000 Accounts of Top UK Bank Breached, China Approves Cyber dailysecurityreview.com › security-spotlightHunters International Ransomware Claims Breach of ICBC London cybersecuritynews.com › hunters-ransomware-icbc-londonHunters Ransomware Group Allegdly Claims Breach of ICBC London news.sky.com › story › china-based-hack-targets-uk'China-based' hack targets UK companies in 'critical national www.techradar.com › pro › securityChinese banking giant's London HQ targeted by cybercriminals www.scworld.com › brief › hunters-international-laysHunters International lays claim on ICBC London compromise www.bbc.com › news › articlesCyber attack threat keeps me awake at night, bank boss says - BBC www.ncsc.gov.ukNCSC - The National Cyber Security Centre www.cm-alliance.com › cybersecurity-blog › top-10Top 10 Biggest Cyber Attacks of 2025 25 Other Attacks to www.ncsc.gov.uk › pdfs › newsNCSC warns of enduring and significant threat to UK's www.upguard.com › blog › cybersecurity-lawsList of Cybersecurity Laws and Regulations in the UK - UpGuard www.bbc.com › news › technology- Tesco Bank attack: What do we know? - BBC News bankingjournal.aba.com › 2025 › 02Seven cybersecurity threats for banks in 2025 and some smart www.cisa.gov › topics › cyber-threats-and-advisoriesPeople's Republic of China Cyber Threat - CISA www.reuters.comReuters www.youtube.com › watchSmart contracts - YouTube www.youtube.com › watchThe Hyperventilators - YouTube www.cnn.com › › politicsFBI says it has disrupted major Chinese hacking operation haveibeenpwned.comHave I Been Pwned: Check if your email address has been translate.google.comGoogle Translate

Comments