InfoSecBulletin Cybersecurity for mankind
Russia’s two largest pharmacy chains halted operations in several regions on Tuesday due to cyberattacks that affected their digital systems and took their networks offline.
The closures of Neopharm and Stolichki have affected over 1,100 pharmacies in more than 80 cities in central Russia, making it difficult for customers to access prescriptions, medication reservations, loyalty programs, and point-of-sale systems.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Stolichki, the larger of the two networks with over 1,000 locations, operates in Moscow, St. Petersburg, and the Leningrad, Tula, and Vladimir regions.
Notices posted to the company’s website apologized for the disruption and promised that “unavailable features would be restored soon.”
Neopharm, operating over 110 pharmacies in Moscow and St. Petersburg, faced shutdowns due to nonfunctional IT systems, forcing employees to go home.
Initially, the chains cited “technical reasons” for the outages. Stolichki later confirmed that the suspensions were caused by a cyberattack and that restoration efforts were underway.
Mash, a Telegram news channel, reports that all Stolichki stores in Moscow have completely shut down, with cash registers and accounting systems disabled.
Employees were put on unpaid leave while the company evaluated the situation. Sources indicated that the outages might last for two days.
Until mid-2022, Yevgeny Nifantiev, a businessman and former State Duma deputy, fully controlled Stolichki and Neopharm. After being sanctioned for supporting Russia’s invasion of Ukraine, he transferred his stake to the Zdravinvest mutual investment fund.
Sergei Shulyak, CEO of DSM Group, stated that certain fund structures can protect against secondary sanctions, enabling sanctioned individuals to indirectly control their business while separating themselves from direct ownership.
The pharmacy outages followed closely on the heels of another major cyberattack, this time against flagship airline Aeroflot.
On Monday, the Ukrainian group Silent Crow and Belarusian group Cyber Partisans took credit for destroying 7,000 Aeroflot servers, disrupting operations at Moscow’s airports and nationwide.
Russia’s Prosecutor General’s Office confirmed that Aeroflot’s system failures stemmed from unauthorized access.
The Cyber Partisans stated that the airline was still using the outdated Windows XP system and that CEO Sergei Aleksandrovsky hadn’t changed his password since 2022.
