Europe
French bank account registry (FICOBA)
The French Ministry of Finance disclosed a data breach affecting information tied to more than 1.2 million accounts in the national bank account registry, known as FICOBA.
In late January, a threat actor used credentials stolen from a civil servant with access to an interministerial information-sharing platform. This access allowed the attacker to access part of a database containing records for all bank accounts opened at French banking institutions. The compromised data includes bank identity details (RIBs), international bank account numbers (IBANs), account holder identities, physical addresses, and, in some cases, taxpayer identification numbers.
The ministry said it acted immediately to restrict the threat actor’s access after detecting the incident. However, it was unable to prevent the exposure of data linked to approximately 1.2 million accounts, which may have been exfiltrated.
SourceHow it could affect your business
Email threats, such as business email compromise (BEC) and account takeovers (ATO), are becoming harder to detect as attackers use AI to craft highly convincing messages that trick users into revealing sensitive information, including login credentials. Organizations must strengthen user awareness while also deploying advanced technologies, including Gen AI-driven detection, to identify such attempts and prevent credential abuse before it escalates.
Europe
Deutsche Bahn
Germany’s national rail operator, Deutsche Bahn, suffered a significant distributed denial-of-service (DDoS) attack that severely impacted its IT systems and operations.
The attack began on February 17 and continued into February 18, making key systems such as bahn.de and the DB Navigator app inaccessible. The disruption led to service interruptions and delays nationwide.
Deutsche Bahn has since reported that its systems have largely stabilized. The individuals behind the attack and their motives remain unknown.
SourceHow it could affect your business
Cybercriminals, especially nation-state actors, increasingly target critical public infrastructure with DDoS attacks designed to disrupt essential services and undermine public trust. Organizations operating vital systems should implement DDoS mitigation services, maintain network traffic monitoring and establish incident response plans that allow rapid traffic filtering and failover to minimize operational disruption.
Europe
Eurail B.V.
In another incident affecting public transportation infrastructure, Eurail B.V. confirmed that traveler data stolen in an earlier breach this year is now being offered for sale on the dark web.
Eurail B.V., known as Interrail to EU residents, is a Netherlands-based company that manages and sells the Eurail Pass, enabling international rail travel across Europe with a single ticket. In mid-January, the company disclosed a data breach exposing customer information, including names, dates of birth, passport or ID details, email and postal addresses, country of residence, phone numbers, international bank account numbers and certain health-related data. The company has now confirmed that the stolen data is being offered for sale on the dark web, with a sample data set reportedly published on Telegram.
Eurail B.V. said customers whose data may have been accessed or published will be contacted directly where possible. In the meantime, the company has urged customers to remain vigilant against suspicious calls, emails or messages requesting personal information.
SourceHow it could affect your business
A breach involving this volume of personal data creates prime conditions for social engineering attacks. Threat actors can use verified identity, travel and banking details to craft highly convincing phishing messages and impersonation attempts. Organizations should continuously educate users to recognize suspicious outreach before it escalates further.
North America
Figure Technology Solutions, Inc.
A data breach at blockchain-based fintech giant Figure Technology Solutions, Inc. reportedly affected nearly 1 million customers.
On February 13, Figure confirmed a data breach after an employee was tricked in a social engineering attack, allowing hackers to access and steal a limited number of files. According to Troy Hunt, a security researcher and founder of the data breach notification site Have I Been Pwned, the incident allegedly impacts 967,200 customers. The exposed data reportedly includes unique email addresses linked to customers, along with names, dates of birth, physical addresses and phone numbers.
The company has not yet publicly responded to the researcher’s claims about the scope of the compromised data.
SourceHow it could affect your business
Social engineering remains one of the most effective entry points for attackers because it exploits human trust rather than technical flaws. Organizations should go beyond basic phishing training to conduct regular, realistic simulation exercises, reinforce verification protocols for sensitive requests and create clear reporting channels so suspicious activity is escalated immediately. Consistent reinforcement helps turn employees from potential entry points into active defenders.
Africa
Air Côte d'Ivoire
Air Côte d’Ivoire, the primary airline serving the West African nation of Côte d’Ivoire, was hit by a cyberattack earlier this month.
In a statement released Friday, February 20, the airline confirmed that hackers breached its systems on February 8. The attack affected parts of its information system, requiring technical teams to assist with flight operations and related services. Last week, the INC ransomware group claimed responsibility and alleged it stole 208 GB of data from the airline.
Emergency response teams and international experts have since been engaged to investigate the incident and assess the extent of the breach at the airline, which is partially owned by Air France.
SourceHow it could affect your business
This incident is another example of threat actors increasingly targeting companies that hold vast amounts of customer data. When such organizations are compromised, stolen information can be leveraged in follow-on phishing, fraud or impersonation campaigns, raising the risk of additional identity and financial fraud.
