Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

How Hackers Are Turning Tech Support Into a Threat

By Kim S. Nash
 

Hello. Hackers in recent months have disrupted retail sales in the U.K. and U.S. and stolen hundreds of millions of dollars from crypto holders by targeting the outsourced call centers that many American corporations use to save costs.

The hacks are often meticulously researched and use a variety of techniques, but they have one thing in common: low-level workers who staff call centers and have access to the kind of sensitive information that criminals need to commit crimes. Read the full WSJ story. 

Also today: 

  • Temu in U.S. crosshairs; TikTok gets another reprieve
  • Iran says it is besieged by hacks
  • Krispy Kreme breach is wide and deep
  • Is the mother of all breaches anything new? 
  • And more
 

‏‏‎ ‎
CONTENT FROM: Zscaler
Why Ransomware is Winning Despite Billions Spent on Security

Like a bank robbery, ransomware attacks find weaknesses, break in, move laterally, and steal or encrypt data. Attacks succeed because companies rely on firewalls as their primary defense. Firewalls expose public IPs, inviting attacks. Once breached ransomware quickly spreads. Zscaler CEO Jay Chaudhry shares insights on how embracing Zero Trust AI stops ransomware at all four stages of an attack.

Watch Now

 

More Cyber News

PHOTO: LONG WEI/UTUKUA/ROPI/ZUMA PRESS

When China-owned bargain site Temu last week entered into a data-storage deal with Oracle, the move echoed TikTok’s travails in trying to address U.S. data-privacy concerns. Hours before Temu confirmed the Oracle agreement, Nebraska Attorney General Mike Hilgers filed a lawsuit accusing Temu of using malware to siphon off Nebraskans’ personal data. (WSJ)

President Trump gave TikTok another 90-day reprieve Thursday, issuing an executive order deferring enforcement of the 2024 law requiring the Chinese-controlled video app to be sold or shut down for national security reasons. (WSJ)

Iran shuts down internet, phone service. The communications-tech blackout begun Thursday is intended to curtail cyberattacks from Israel, said Iran's Ministry of Communications and Information Technology. (Bloomberg)

  • Further reading from WSJ Pro Cybersecurity: Companies Warned On Iranian Cyberattacks

PHOTO: ANGUS MORDANT

/BLOOMBERG

Doughnut chain Krispy Kreme disclosed details about the information stolen in a late-2024 cyberattack. More than 161,000 current and former employees or their families were compromised. 
  • Not all data elements were accessed for all people affected, the company said but the compilation includes: financial account details and access information; credit or debit card information in combination with a security code, username and password; digital signature; biometric data; and medical information. 

Oldies but goodies: You might have heard about the recent breach of 16 billion credentials, with some in the cyber realm calling it the "mother of all breaches." That term and the bits of compromised information aren't new. The trove appears to be a collection of previously breached data available online, in some cases, for years. Still, slicing and dicing breached data can lead to victims getting scammed in new ways. (Bleeping Computer)
5,418,866

Number of people whose medical and other personal data was compromised in a hack at health services provider Episource early this year.
 

Executive Insights

Our weekly roundup of stories from across WSJ Pro that we think you'll find useful
  • An Austin startup has U.S. clearance to build a “guideway” on which autonomous hybrid shuttles would ferry freight between Mexico and Texas in an effort to speed up trade.
  • Private equity accounts for about half of the companies in the “shadow IPO pipeline,” setting the stage for what could be a busy second half of companies going public.
  • An Israeli startup is rethinking how to tackle two of the planet’s most stubborn environmental threats—toxic algae that can lead to dead zones in oceans and rising carbon levels.

ILLUSTRATION: THOMAS R. LECHLEITER

The latest must-see news for the ad industry doesn’t come from the usual suspects. Geno Schellenberger and Jack Westerkamp, both 27 years old, run down headlines on their low-fi, high-energy series for Instagram, LinkedIn and an email newsletter.
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2025 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe