Sri Lanka Cyberattack, SilentGlass Threat Defense, Rituals Data Breach – Cybersecurity News [April 20, 2026]
Here’s a quick roundup of the most important cybersecurity stories from last week, highlighting data risks, major breaches, and significant developments shaping the cybersecurity space. A group of threat actors managed to break into the systems of the Sri Lankan finance ministry. Meanwhile, the NCSC revealed a brand new technology to safeguard monitors from cyberattacks. The cosmetic giant Rituals fell prey to a threat attack that led to a customer data breach. Also, a French identity document agency got targeted by cybercrooks recently.
SPF verifies sender IP authenticity, DKIM ensures message integrity, and DMARC enforces policies to prevent spoofing and protect email security.
Sri Lankan finance ministry attacked by cybercrooks!
The External Resources Department of the Sri Lankan Finance Ministry just got hacked by a group of threat actors. The hackers managed to access the computer system of this department and stole a whopping $2.5 million. The same fund was to be utilized for bilateral debt repayment to Australia.
Sri Lankan authorities feel that the threat attack was carried out back in January 2026. However, they noticed the theft recently, when the Australian creditor complained about incomplete debt payment. The authorities became fully aware of the cyber heist only after the hackers attempted to divert the payments that were due to India.
A strict investigation is underway. Four senior officers have also been suspended. Meanwhile, the department is seeking guidance from international law enforcement agencies. Experts are trying to recover the stolen funds.
Matthew Ducksworth, the Australian High Commissioner in Sri Lanka, has assured that Australia will be assisting the investigation process.
This threat attack is a huge blow to Sri Lanka’s already wobbling economy.
Revolutionary SilentGlass unveiled by NCSC to prevent threat attacks!
A revolutionary technology has been unveiled by the UK National Cyber Security Centre (NCSC) on April 22. This tech will successfully prevent monitors from threat attack incidents. SilentGlass, the plug-and-play device, has been revealed at CYBERUK (the annual conference that revolves around cybersecurity). The device has been designed in association with Goldilock Labs and Sony UK.
This modern gadget is used to block any kind of suspicious or unexpected activity that takes place between the DisplayPort connections or HDMI and the monitor screens. The best part about this device is that NCSC claims it is fully functional and successful even in high-risk cyber threat ecosystems.
The NCSC has already been using SilentGlass for government organizations. Now, the device is available to the general public as well.
Since monitors store and process sensitive, valuable data, they are a highly sought-after target for threat actors. This is why the latter often tries to abuse monitors to break into systems and carry out fraudulent activities for monetary gain or to create disruption and chaos.
The plug-and-play device, SilentGlass, exactly caters to this issue. It is now globally available at affordable pricing to mitigate cyber threats.
Cosmetics brand Rituals’ data breach incident exposed customer membership records to cybercrooks!
Rituals, the cosmetics brand, recently experienced a data breach incident. The threat attack resulted in the customer’s personal data being exposed to threat actors. Rituals shared about the cyber mishap last Wednesday were communicated via emails sent to the affected customers.
The cosmetics brand has acknowledged unauthorized downloads of customer data in April. The compromised data includes a crucial set of information, such as names, DOBs, email addresses, phone numbers, etc., of the Rituals customers. Although the attack has impacted its global customer base, a major chunk of the affected customers are from the US.
There has been no clarity yet on the nature of the threat against Rituals. A stringent investigation is underway to gather more details about the threat.
What’s concerning is that there are over 41 million customers in Rituals’ affected membership database. The cosmetics brand has been tight-lipped about the exact number of members impacted by the cyberattack.
French identity document agency targeted by threat actors!
Hackers have targeted the National Agency for Secure Documents of the French government on April 15. This website manages driver’s licenses and identity documents. The Interior Ministry is apprehensive that the breach might have exposed some of the personal information to the hackers. The ANTS website offers services like application processing for national identity cards, passports, residence permits, and so on.
Initial level of investigation suggests that sensitive data like names, login credentials, dates of birth, places of birth, postal addresses, unique identifiers, etc., might have been compromised.
The authorities have confirmed that the breached data does not include any kind of attachments that might have been submitted along with the applications. Also, the leaked data does not give the hackers any kind of access to the ANTS portal accounts.
There’s yet no clarity around the exact number of users whose data was compromised in the threat attack incident. Also, the nature and origin of the cyberattack are still unknown. An investigation is underway to understand the scope of the cyber mishap and mitigate the extent of damage. Also, additional security measures are being deployed to ensure seamless service continuity and bolster existing data security mechanisms.
There has yet to be any confirmation around the culprits of the cyber mishap. Also, the authorities have not shared any potential motive for this kind of cyberattack.
This attack is just a part of a series of threats that have been targeting French public institutions in recent times.
Last week, personal data of some of the French students was compromised, as confirmed by the French Education Ministry. The breach happened because of a threat attack on the French student account management system.
In February 2026, cybercrooks were able to break into the network of the French National Bank Accounts File. This database consists of the records of all the bank accounts across the nation. The threat attack exposed highly sensitive data that includes information on 1.2 million bank accounts.