When cybersecurity makes headlines, it’s usually because something big has happened. This round up explores different stories such as leaked staff data, ransomware attacks, and – on a brighter note – the sentencing of a key member of a cybercrime group.

Here’s a rundown of these incidents and what they mean for you.

Bragg Gaming Group Cyberattack: Internal Systems Accessed, Operations Continue

Casino-tech firm Bragg Gaming Group confirmed attackers had accessed parts of its internal systems. The company says day-to-day operations weren’t affected and early checks show no customer or staff data was hit.

Bragg has called in external experts, hasn’t named a method or group, and added that ransomware doesn’t appear to be involved since nothing was locked.

What’s the Implication of this?

Even if no personal data leaks out, intruders inside corporate systems can still view sensitive material – like code, strategy documents, or partner files. If left unchecked, that access can fuel scams and set up future breaches.

What You Can Do

While it's still not clear how this breach happened, we recommend the following safety measures:

• Train employees on how to spot phishing emails and various social engineering attempts.

• If you reuse passwords (kindly stop this habit), change them and enable 2FA on key accounts.

• Third-party vendors/partners should review who can access shared folders and revoke old access.

While this was contained internally, another case shows how detailed staff directories can be lifted and abused.

Intel “Intel Outside” Directory Exposure: ~270,000 Employee Records

Security researcher Eaton says he found a way to pull data from Intel’s internal “business card” site and connected systems, exposing details on about 270,000 employees worldwide. 

The information included names, job titles, managers, phone numbers, and addresses. Intel fixed the issue by February 28, 2025, but the public write-up only went live on August 19. According to Eaton, it didn’t qualify for Intel’s bug bounty because of the programme’s scope rules.

What’s the Implication of this?

Even though this wasn’t a criminal leak, the same data in the wrong hands could make phishing more convincing. Imagine getting a message that mentions your actual manager or team – it’s harder to ignore.

What You Can Do

• Verify any “HR/IT/manager” request through a known channel before replying.

• Limit how widely internal directories are shared; trim fields that aren’t essential

• Be wary of SMS or email password resets that name your team/role. 

Meanwhile, a telecom provider in the UK limited systems to protect customers after an attack claim from a newer ransomware group.

Colt Technology Services (UK): Support Systems Taken Offline After Attack

Colt Technology Services spotted an issue on Tuesday, August 12, 2025 and took parts of its systems offline, hitting the Colt Online portal and Voice API platform. 

The company says the affected setup is separate from customer networks and that it’s already alerted authorities. Meanwhile, the Warlock ransomware group has claimed responsibility, saying it has “a million documents” for sale. For now, Colt is asking customers to use phone or email while it works on bringing the portals back online.

What’s the Implication of this?

Even if the main networks stay up, outages in support tools can spill over into billing, provisioning, and ticketing. That opens the door for fake invoices and “urgent” account-change scams aimed at customers.

What You Can Do

• Contact Colt only via the official phone/email channels it provided; ignore pop-up sites.

• Rotate any credentials or keys previously shared in tickets if practical.

• If you are part of the finance department/team, verify invoice/payment changes with a second, trusted contact. 

Scattered Spider Hacker Sentenced: Florida Man Gets 10 Years

A 20-year-old Florida man has been sentenced to 10 years in prison for his role in the Scattered Spider cybercrime group.

Noah Michael Urban, also known online as “Sosa” and “King Bob,” admitted to wire fraud and identity theft tied to SIM-swapping schemes. 

Prosecutors say Urban and his associates stole at least $800,000 from victims’ crypto accounts between August 2022 and March 2023. He was also ordered to pay $13 million in restitution and will serve three years of supervised release.

Investigators link Urban to both Scattered Spider and the Star Fraud group, which carried out high-profile attacks on MGM Resorts and Caesars Entertainment.

What’s the Implication of this?

While one member is now behind bars, Scattered Spider continues to operate under different names and remains active against retailers, insurers, and tech firms. Individual arrests may slow attacks but rarely dismantle the wider networks.

What You Can Do

• Be alert for SIM swap risks: contact your carrier to set up a PIN or port-freeze on your account.

• Enable multi-factor authentication that doesn’t rely solely on SMS codes..

Cybersecurity isn’t just about firewalls and software; it’s about people. The threats affect everyone from individual employees to customers, and the fight is waged by everyone from security teams to law enforcement.

Staying safe often comes down to simple steps: verify requests, limit data exposure, and turn on two-factor authentication.

At Cyberkach, we want to help you stay safe with training and clear, actionable steps.

Visit the Cyberkach Blog for tips on protecting yourself and your business from cyber risks. Contact us for Cybersecurity awareness training in your organisation.