AI-Hacking Threat Pushes $130B Crypto Sector to the Brink

AI-Hacking Threat Pushes $130 Billion Crypto Sector to the Brink

The crypto hacks came a little over two weeks apart in April, netting the attackers almost $600 million in total while triggering an investor exodus from one major platform and causing another to fail.

But for all the damage the two exploits wrought, what most alarmed cybersecurity experts was how the hackers pulled them off. The attackers — widely believed to be North Korea-linked groups — appear to have used artificial intelligence to select targets and design exploits, according to blockchain forensics firm TRM Labs.

The heists displayed such a leap in sophistication that it’s highly likely the hackers worked with the help of AI, said TRM investigator Nick Carlsen, who specializes in North Korean crypto crime.

AI in criminal hands would mark a sharp escalation of the threat facing crypto, which has lost billions of dollars to hacks over the past few years. The industry is uniquely exposed to digital theft because of the nature of the blockchain infrastructure it operates on.

American Lending Center Data Breach Affects 123,000 Individuals

American Lending Center this week revealed that a data breach discovered last year has impacted more than 123,000 individuals.

American Lending Center (ALC) is a California-based non-bank lender that manages a $3 billion portfolio specializing in government-guaranteed small business loans.

The organization is notifying individuals affected by the data breach that information such as names, dates of birth, and SSNs may have been stolen in a ransomware attack detected in July 2025.

“Through a forensic investigation into this breach, it was discovered that the threat actor compromised internal network, executed a ransomware attack, and accessed certain files that may have contained personal identifying or sensitive information,” ALC said in its notification to impacted customers, a copy of which was submitted to the Maine attorney general’s office.

The investigation was completed on April 8, and ALC has found no evidence that the potentially compromised information has been misused.

Five steps to protect your organisation from AI-powered cyber threats

Cyber criminals are increasingly using artificial intelligence (AI) to carry out attacks that are faster, more advanced and harder to detect. From AI-generated phishing emails that impersonate trusted contacts, to automated tools that scan for and exploit software vulnerabilities, the threat landscape is evolving rapidly.

With this scale and sophistication, cyber security must be a shared responsibility across every part of the economy. As the data protection regulator, we can provide clear expectations and practical support, but all organisations must take proactive steps to prepare themselves for emerging threats.

By investing in cyber resilience and ensuring appropriate security measures are in place, you can build public trust and confidence in how your organisation protects the personal data you hold.

Here are five practical steps you can take today to strengthen your resilience to AI-powered threats.

West Pharmaceutical starts restoring operations after ransomware attack

West Pharmaceutical Services on Wednesday said it has contained a ransomware attack it suffered earlier this month and is restarting critical systems, including manufacturing, receiving and shipping, at certain locations, according to an update on its website.

The Exton, Pa.-based company, one of the world’s leading makers of drug-delivery devices and solutions, confirmed that data was stolen and encrypted in the attack, in a Monday filing with the Securities and Exchange Commission.

The company said it discovered unusual activity on its network on May 4, taking systems offline as a precaution, and had hired outside forensic experts and notified law enforcement.

The initial shutdown and isolation of the affected infrastructure blocked access to enterprise systems, which temporarily disrupted global business operations.

Esse Health Agrees to Pay 2.53M to Settle Data Breach Lawsuit

American Multispecialty Group, doing business as Esse Health, a Missouri-based independent physician group serving the greater St. Louis area, experienced a cyberattack and data breach in April 2025. Esse Health faced multiple class action lawsuits in response to the data breach, and the consolidated class action lawsuit has recently been settled. Esse Health has agreed to pay $2,525,000 to resolve the lawsuit.

The cyberattack was detected by Esse Health on April 21, 2025, and the forensic investigation confirmed that the hackers obtained sensitive data such as names, addresses, birth dates, health information, and health insurance information. Around 5,000 individuals also had their Social Security numbers compromised in the incident. The data breach was reported to the HHS’ Office for Civil Rights as involving the electronic protected health information of 23,671 patients; however, the data breach was much more extensive. The Maine Attorney General was informed that the breach affected 263,601 individuals. The lawsuit states that approximately 521,167 individuals were affected.

Spotting third-party cyber risk before attackers do

In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures before attackers exploit them.

He argues that businesses should move beyond a data-loss mindset toward one centered on resilience, meaning keeping operations running when vendors or partners get hit.

Wheatman walks through practical steps: engaging business stakeholders early, scoping which third parties are business critical, retiring outdated questionnaire-based assessments, and running quick pre-assessments tied to data sensitivity and breach history. He covers concentration risk, cascading exposures from fourth and fifth parties, and governance gaps that leave key decisions unowned.