Editor's Message

Welcome to DBD. 2024 was a tough year for me personally, and I'd like to thank every one of you who has supported me - you have been my light in times of darkness. 2024 saw the highest number of ransomware attacks on record, and there's no sign of these attacks slowing down as we head into the new year. Ransomware is a BIG problem that is NOT going away anytime soon, and this year could be just as catastrophic, if not worse, as cyber criminals continue to extort their victims with very little chance of being brought to justice. Wishing you all the very best for 2025. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 6 January 2025

Data Breaches Digest - Week 2 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th January and 12th January 2025.


12th January

AI-powered scams: Protect yourself in the new era of hyper-personalized phishing

ASML-Backed Dutch University Suspends Classes After Cyber Attack

AudioPrints.com Database Reportedly Compromised

Eindhoven University of Technology (TU Eindhoven) takes network offline after cyber attack

Italy Attacked by Pro Palestine Hackers Movement

Kaspersky Reveals AI Dangers In Perfecting Phishing Fraud

Local schools affected by PowerSchool data breach

Magic Unveiled: Happy Magic Trick Shop Database Reportedly Leaked

Manitou Springs School District 14 joins District 49 in 'PowerSchool' data breach

Massive Database Leak Offered Online in Controversial Forum Post

Massive Vehicle Dealer Customer Data Leak Reported in China

Nationwide data breach affects student, staff information at Vermont schools

New Gmail Cyber Attack Confirmed - Encryption Key Hackers Strike

New hacker attacks on Italy: banks, ports and companies targeted

PayPal Phishing Attacks: New Cybersecurity Threat Explained

Phishing texts trick Apple iMessage users into disabling protection

PowerSchool data breach exposes millions of student and teacher records

Sensitive User Information from PingMoney Database Reportedly Exposed

Text scammers resorting to new tactics to get you to enable phishing links

TU Eindhoven network taken offline after cyber attack, no classes on Monday

11th January

A novel PayPal phishing campaign hijacks accounts

Bank of America Notifies Loan Customers of Data Breach

Bartholomew Consolidated School Corporation (BCSC) investigating PowerSchool data breach

Blockchain User Data Leak Sparks Security Concerns

ByteDance used TikTok data before to spy on Americans, US says in Supreme Court showdown

Chile: Data Breach Reported at Informaticarecoleta.cl

Data breach linked to school software provider affected these MetroWest districts

Data Breach Reported at DuxHumanHealth.com

Department of Justice (DoJ) Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

Fake Proof-of-Concept (PoC) Exploit Targets Cybersecurity Researchers with Malware

Global data breach impacts Garfield Re-2 School District data

Helena Public Schools impacted by nationwide data breach

Israel Defense Forces (IDF) Medical Records Leak Raises Security Concerns

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation

Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams

New PayPal Security Warning - $2,000 ‘Phish-Free’ Attacks Ongoing

Pakistan: Data Breach Reported at Horizon Oil

PayPal Users Warned About Sophisticated Cyber Attack Targeting Accounts

Power School data breach potentially exposes personal information of millions of students, includes Ohio

Sensitive Financial Data at Risk: U.S. Treasury Reportedly Breached

User Security Under Threat: Coinbase Reportedly Faces Data Breach

Which Norwich area school districts were affected by the PowerSchool security breach?

10th January

A Massive Mobile Location Data Hack May Have Risked Gay People’s Safety

A new phishing campaign leverages fake Zoom meeting links

5 Red Flags to Recognize Phishing Attempts

Action Fraud issue new alert warning to look out for unusual messages or phishing emails from hotel accounts using the Booking.com platform

Action Fraud issues Booking.com phishing alert

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

Allianz Life Insurance Company Data Breach Leaks Policyholder Information

Australian Financial Complaints Authority (AFCA) provides update to victims of Latitude cyber-attack

Banshee Stealer Hits macOS Users via Fake GitHub Repositories

BayMark Health Services Notifies Patients About October Ransomware Attack

BayMark Health Services Reports Data Breach, Exposing Patient Information

Brant Catholic school board hit in ‘cybersecurity incident’

Canadian schools hit by data breach

Cannabis company Stiiizy says hackers accessed customers’ ID documents

Cell C was hit by ransomware gang

Central Alberta school divisions impacted by PowerSchool data breach

China: Online Gambling Platform User Data Exposed

China hacked US Treasury’s CFIUS, which reviews foreign investments for national security risks

Colombia: Data Breach Reported at lecoqsportif.com.co

Comparitech reveals drop in ransomware attacks in 2024, though breached records may increase

Critical National Infrastructure is at risk from ransomware: Peer networks are critical

CrowdStrike spoofed in recruitment phishing scam

CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer

Cyber-attack on UGKK Biggest in Slovak History

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

Data breach: What we know so far about the third-party system used by local school districts

Data breach disclosed by BayMark Health Services

Data breach impacts North Dakota K-12 education system

Data from several central Ohio school districts compromised in PowerSchool data breach

Dealing a lasting blow to a ransomware ring

District 65 affected by massive data breach

Downloading software illegally? You might want to check your bank account

Eastern Idaho Public Health reports insider data breach involving unauthorized access to medical records

Education impacted by fewer ransomware attacks in 2024

Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic

Fake Proof-of-Concept (PoC) Exploit Targets Security Researchers with Infostealer

Folsom-based PowerSchool data breach exposes info of local students, schools nationwide

FunkSec – Alleged Top Ransomware Group Powered by AI

FunkSec ransomware chases notoriety with AI-assisted code

Gerber Life Insurance Files Notice of Data Breach Following Unauthorized Access to Call Center Systems

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Gravy Analytics Breach Leaks Sensitive Location Data from Millions of Popular Apps

Hacker claims breach of Gravy Analytics: 1.4GB of data allegedly leaked

Hacker stole customer data from U.S. rugby team Green Bay Packers' merchandise website

Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data

Hackers Claim Breach of Russian Property Agency, Leak Personal Data

Hackers target HCF nursing homes. What patient information was exposed

Heavy Construction Systems Specialists Targeted in Ransomware Attack, Leading to Data Breach

How a ransomware attack works

How AI will transform cybersecurity in 2025 - and supercharge cybercrime

How CISA Is Fighting Back Against Rising Threats in Schools

How to spot and stop phishing emails

Important Preventative Strategies for Avoiding and Recovering from Ransomware Threats

India: Supreme Court Warns Public About Fake Mimic Websites Following Phishing Attacks On IAS Officers

Insurance Authority warns of rising phishing scams in Hong Kong

Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways

Job-seeking devs targeted with fake CrowdStrike offer via email

Lancaster City Schools part of PowerSchool data breach that affected several Ohio districts

Laramie County Library System Targeted by Ransomware Attack

London Catholic school board says student, staff info compromised in widespread cyber attack

Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach

Marijuana dispensary STIIIZY warns of leaked IDs after November data breach

Medical billing firm Medusind says 2023 cyber attack impacted over 360,000 people

Medusind Breach Exposes Sensitive Patient Data

Mid-Michigan school records impacted by data breach

Mission Bank Files Notice of Data Breach with California Attorney General

Nebraska schools warning parents about PowerSchool data breach targeting student information

New amateurish ransomware group FunkSec using AI to develop malware

New Gmail Cyber Attack Warning As Private Key Hackers Strike

New Web3 attack exploits transaction simulations to steal crypto

New York sues to recover $2 million in crypto stolen in remote job scams

NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry

OneBlood Experiences Data Breach Following Cyberattack

Packers Pro Shop website hacked in data breach

PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts

PayPal Security Warning - $2,000 ‘Phish-Free’ Phishing Attack Confirmed

Phishing Campaign Used CrowdStrike Recruitment as Lure

Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025

PowerSchool Data Breach Impacts Howell Public Schools

PowerSchool data breach leaks info of students and staff at schools across the US

PowerSchool data breach may include some students’ social security numbers

Preventing the next ransomware attack with help from AI

Printing error results in potential Veteran Affairs data breach

Rainy River public school board investigating data breach

Ransomware attack likely responsible for IT crisis at Starkville-Oktibbeha Consolidated School District (SOCSD)

Ransomware Gets Smarter: HexaLocker V2 Introduces Powerful New Mechanisms

Ransomware Hits on Education Reduced in 2024

Ransomware threat: Finance’s 4-part defence role

Rapides student, employee information dating back to 1995 part of PowerSchool data breach

Record-breaking ransomware year

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

Rhode Island: State mails letters to Rhode Island residents impacted by major data breach

Rhode Island: State sends official letters to individuals impacted by RIBridges data breach

Russia to Sell $95 Million Worth of Bitcoin Amid Infraud Hacker Group Fallout

Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad

School districts across central Ohio hit by nationwide data breach

School software provider is the latest target of major hack of personal data

Several Massachusetts school districts informed of PowerSchool data breach

Simcoe Muskoka Catholic school board impacted by data breach

Slovakia Hit by Historic Cyber-Attack on Land Registry

Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says

Spain: 23 Million Citizens’ Data Reportedly Exposed Online

Stillwater Area Public Schools report data breach on Tuesday night

STIIIZY data breach exposes cannabis buyers’ IDs and purchases

Strengthening defences against the evolving threat of ransomware

Supreme Court of India Targeted by Phishing: 15 Fake Websites Impersonate Official Portal

Supreme Court of India under phishing attack; cyber crooks create multiple fake URLs

Substance Use Treatment Giant BayMark Reports Patient Data Breach

Swedish Gambling Authority (SGA) denies Spelpaus data breach following Casino Papers report

Swedish gambling regulator denies reports of Spelpaus data breach

Swiss federal administration hit by hacker attack

T-Mobile Sued Over Massive Data Breach That Leaked Sensitive Info on 79,000,000 Americans

Telefónica confirms internal ticketing system breach after data leak

Thailand: Department of Mineral Fuels Data Breach Raises Security Alarms

The biggest addiction treatment provider in the US says it was hit by data breach

The Green Bay Packers online store breached, customer information compromised

The North Los Angeles County Regional Center Files Notice of Data Breach Following Apparent Ransomware Attack

The Rising Costs of Data Breach Litigation

The State bank of India (SBI) fake banking app shows that SMS authentication has had its day

The Swedish Gambling Authority refutes claims of a data breach

Thousands of current, former New Trier High School students impacted by data breach

Top CISO Focuses for Navigating Cybersecurity in 2025

Town of Webster hit by $520K phishing scam

Treasury hackers also breached US foreign investments review office

University Hospitals agreed to pay patients affected by a data breach

US charges operators of cryptomixers linked to ransomware gangs

US government charges operators of crypto mixing service used by North Korea and ransomware gangs

US to Sell 69,000 Bitcoins Taken From Hacker, But It Could Affect Trump's Crypto Reserve Plans

US Treasury cyber attack attributed to Silk Typhoon APT

USA: Database Leak Exposes Personal Information of 250,000 Citizens

Westerville City Schools among thousands of districts nationwide impacted by data breach

Westerville schools hit by data breach of PowerSchool, platform several area districts use

What to know about protecting your identity, personal information after a data breach

Wisconsin students, school staff information exposed in data breach

Zagg Suffers Credit Card Data Breach After Hackers Inject Malicious Code via Third-Party Addon

9th January

Asheville City Schools may be affected by major, global breach of student and staff data

Banshee stealer evades detection using Apple XProtect encryption algorithm

Banshee Stealer variant targets Russian-speaking macOS users

BayMark Health Services Experiences Data Breach Following Apparent Cyberattack

Belen Consolidated Schools addresses possible data breach

Blue Yonder tells supermarkets data is safe after group claims credit for ransomware attack

Building Resilience Into Cyber-Physical Systems Has Never Been This Mission-Critical

Casio says October ransomware compromised the data of about 6,500 individuals

Chinese hackers likely behind Ivanti VPN zero-day attacks

Chinese spies targeting new Ivanti vulnerability, Mandiant says

Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability

City of Corvallis email hijacked, used in potential phishing scam

Critical Ivanti Zero-Day Exploited in the Wild

Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection

Cybersecurity Risks in Crypto: Phishing, Ransomware and Other Emerging Threats

Data breach at New Trier High School exposed records of thousands of students and graduates

December ransomware attacks slam healthcare, public services

E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

EU Commission Liable for Breaching EU’s Own Data Protection Rules

EU court fines EU for breaching its own data protection laws

Fake CrowdStrike job offer emails target devs with crypto miners

Fancy Product Designer Plugin Flaws Expose WordPress Sites

FBI, police investigating Webster cyberattack, town says

Fintech exposes millions of customer files, fails to close the leak

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience

Hackers are exploiting a new Ivanti VPN security bug to hack into company networks

Hackers claim to breach Russian state agency managing property, land records

Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense

Holiday hangover: hackers using e-greeting cards to spread malware

Holton Public Schools warn of data breach

How to protect your child's identity amid PowerSchool data breach

Indianapolis Public Schools (IPS) student info, employee social security info leaked in PowerSchool data breach

Instagram User Database Reportedly Leaked

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace

K-12 software provider for 60M+ students naively pay hackers to erase stolen data

Largest US addiction treatment provider notifies patients of data breach

Major US medical billing firm breached, 360K+ customers' healthcare data leaked

Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers

Malicious WordPress Plugin Assists in Phishing Attacks

Massive Database of URL Login Credentials and Passwords Reportedly Leaked

Mega Logs Pack for December Reportedly Leaked

MirrorFace hackers targeting Japanese government, politicians since 2019

MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

Nationwide data breach at software provider used by Alabama schools

Near North District School Board involved in data breach

New Banshee Stealer Variant Bypasses Antivirus with Apple's XProtect-Inspired Encryption

New York attorney general aims to recover $2.2M for people robbed by phishing scams

New Zealand: Unauthorized Access to Two Companies Reportedly Offered

Parent information compromised in Bonneville School District 93 data breach

Patient information may have been breached by incident in Utica doctors' practice

PayPal ‘phish-free’ phishing attack could fool you (and your mother), CISO warns

Phishing Campaign Abuses Legitimate Services to Send PayPal Requests

PowerSchool data breach: Hackers steal student Social Security numbers, grades, and medical information from edtech giant

PowerSchool Data Breach Update: Student, Parent, and Staff Information Exposed

PowerSchool data breach possibly exposed student, staff data

PowerSchool Experiences Data Breach Affecting an Unknown Number of Students and Administrators

PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak

PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach

Ransomware Shock - $133 Million Paid, 195 Million Records Compromised

Recent research reveals “phish-free PayPal phishing” scam

School software provider is the latest target of major hack of personal data

Some Northeast Ohio schools impacted by data breach

Some Winston-Salem city services knocked offline by cyberattack

Space Bears Ransomware: What You Need To Know

Teen hackers: How AI is changing the nature of hacking and other fraudulent activities

The Good, the Bad, and the Vulnerable: Highlights from Australia’s 2024 Cybersecurity Report

The Shadow AI Threat Looming Over 2025: A Wake-Up Call for Enterprises

The State of Ransomware in the U.S.: Report and Statistics 2024

Thousands of Live Hacker Backdoors Found in Expired Domains

Trussville City Schools affected by PowerSchool student data breach

UN Aviation Agency says hacker stole about 42,000 recruitment applications

United States: Data Breach Reportedly Exposes Inbound Call Information

US Treasury hack linked to Silk Typhoon Chinese state hackers

Volkswagen faces scrutiny over massive data breach affecting 15 million vehicles

What Schools Should Know About the PowerSchool Data Breach

What’s Next for Open Source Software Security in 2025?

Wisconsin students, school staff information exposed in data breach

Xanthops.com Full Database Reportedly Leaked

8th January

Casio Admits Security Failings as Attackers Leak Employee and Customer Data

Casio says hackers stole personal data of 8,500 people during October ransomware attack

Casio warns employees, customers about data leak from October ransomware attack

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation

Court orders European Commission to pay its first-ever GDPR fine

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

Cyberattacks and Industry Vulnerabilities: What 2025 Holds

Data Breach Allegedly Targets AXA Colpatria in Colombia

Data Breach Reportedly Targets Kladovaya Zdorovya LLC in Russia

Data of more than 8,500 customers breached on Green Bay Packers shopping website

Edtech giant PowerSchool says hackers accessed personal data of students and teachers

Education software firm’s hack exposes personal data for students, teachers nationwide

EU court fines European Commission for breaching its own data privacy laws

Fake Government Officials Use Remote Access Tools for Card Fraud

Federal Communications Commission (FCC) Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

Finance AI NAS System Breach Raises Concerns

German City Government Faces Data Breach Allegations

Green Bay Packers Pro Shop Data Breach Compromises Customers

Green Bay Packers Retail Site Hacked, Data of 8,500 Customers Exposed

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

How to protect yourself from phishing attacks in Chrome and Firefox

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Ivanti warns hackers are exploiting new vulnerability

Ivanti warns of new Connect Secure flaw used in zero-day attacks

Japan says Chinese hackers targeted its government and tech companies for years

Manens-Tifs SpA Data Breach Raises Corporate Security Concerns

Medical billing firm Medusind discloses breach affecting 360,000 people

Millions of Email Servers Exposed Due to Missing TLS Encryption

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices

New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails

One in four admit snooping on ex’s accounts

Over 4,000 backdoors hijacked by registering expired domains

Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques

Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers

Russian ISP confirms Ukrainian hackers "destroyed" its network

Scammers Exploit Microsoft 365 to Target PayPal Users

Scammers Impersonate Authorities to Swipe OTPs with Remote Access Apps

SonicWall urges admins to patch exploitable SSLVPN bug immediately

Step-by-Step Guide to Achieving GDPR Compliance

Thailand Shipping Order Data Reportedly Exposed

The top target for phishing campaigns

The US has a new cybersecurity safety label for smart devices

The U.S. Cyber Trust Mark set to launch

They’re everywhere: Treasury hack shows Chinese hackers are stepping up their game

Thousands of credit cards stolen in Green Bay Packers store breach

Time tracker makes remote workers' screens public: what we know so far

Turkey: Selfie ID Card Data Breach Sparks Privacy Concerns

UK foreign workers had their passports and visas leaked, hackers claim

UK Immigration Database Reportedly for Sale

Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages

UN aviation agency confirms hacker breached recruitment database to access thousands of records

UN aviation agency confirms recruitment database security breach

UN aviation agency International Civil Aviation Organization (ICAO) confirms its recruitment database was hacked

Unpatched critical flaws impact Fancy Product Designer WordPress plugin

Update Chrome and Firefox now to patch these critical security flaws

US Launches Cyber Trust Mark for IoT Devices

US to Launch Cyber Trust Mark to Label Secure Smart Devices

Xstrahl eBt Therapy Equipment Data Breach Sparks Concerns

7th January

2 Maine School Districts Hit by Cyber Attacks

$2.5M Eskenazi Health data breach class action settlement

$8 Million Settlement Agreed in University of Missouri Health Care (MU Health Care) Data Breach Lawsuit

Alleged GTA San Andreas Source Code Leak Revealed as Dangerous Ransomware Scam

Argentina’s Airport Security Payroll System Targeted in Cyberattack

Atos denies data breach claims made by the Space Bears hacker group

Atos software firm denied the claims of Space Bears ransomware

Azerbaijani state service: 134 public employees were subjected to hacker attacks in 2024

Barracuda highlights evolving phishing techniques to look out for in 2025

Beware the Rise of the Autonomous Cyber Attacker

BIOS flaws expose iSeq DNA sequencers to bootkit attacks

Brazilian Finance Ministry hit by data breach exposing financial information

Canada: Cyber attack on Kingston Police

Casio says data of 8,500 people exposed in October ransomware attack

China protests U.S. sanctions on cybersecurity firm, claims foreign hacker attacks

China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks

Chrome extensions hijacked in phishing attack

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

CISA: Third-Party Data Breach Limited to Treasury Department

CISA Claims Treasury Breach Did Not Impact Other Agencies

CISA says Treasury was the only US agency breached via BeyondTrust

CISA warns of critical Oracle, Mitel flaws exploited in attacks

Cl0p Ransomware Group Blames Software Company and Leaks Data

Consumer products to get 'Cyber Trust' marks in 2025, White House says

Critical Infrastructure Ransomware Attack Tracker Reaches 2,000 Incidents

Cyber Attacks Surge: Global Giants Face $15 Trillion Threat By 2030

Cybercrime in 2025: What to look out for

Cybersecurity Resolutions Everyone Should Make This Year

Cybersecurity Statistics By Small Business, Ransomware, GDPR, AI, Job Opportunities, Interruption, Security Investment and Facts

Cybersecurity trends in 2025

Dark Web Dangers Aren’t as Hidden as You Think

Dental Group Penalized $350,000 for Misleading Public About Ransomware Attack and Data Breach

DNA sequencer company notifying customers of vulnerabilities in popular device

Do Not Click - New Gmail, Outlook, Apple Mail Warning For Billions

Employee fired after data breach at Eastern Idaho Public Health

Exostar Files Official Notice of Data Breach Following Incident Involving Third-Party System

Four ways to mitigate the abuse of generic top-level domains

Fraunhofer IAO confirms ransomware attack, investigations ongoing

Google warns of legit VPN apps being used to infect devices with malware

Green Bay Packers defenses breached as fans’ credit card details stolen

Green Bay Packers' online store hacked to steal credit cards

Green Bay Packers’ online store part of data breach

Green Bay Packers Pro Shop Experiences Data Breach Affecting Victims’ Credit Card Info

Habib’s Fast-Food Chain Customer Data Reportedly Exposed

Hackers Claim Harley-Davidson Dealer Data Breach

Harley-Davidson says ‘no impact’ on business following alleged cyber attack

How AI and deepfakes are redefining social engineering threats

Hyperice Sends Data Breach Letters Following June 2024 Cyberattack

Indian government websites are still redirecting users to scam sites

Information Commissioner's Office (ICO) fines Advanced Computer Software Group Ltd £6.09m over GDPR data breach

International Civil Aviation Organization investigating possible records data breach

International Civil Aviation Organization (ICAO) Investigating Potential Data Breach

Investigations Finds Sensitive Information Taken in Rivers Casino Philadelphia Data Breach

Italian digital identity provider suffers data breach, 5.5M customers affected

Japanese carrier NTT Docomo said DDoS attack disrupted multiple services

Limited number of Social Security numbers impacted in Indiana University Health (IU Health) data breach

Malicious Browser Extensions are the Next Frontier for Identity Attacks

Massachusetts health firm reaches $80,000 settlement with HHS following ransomware investigation

Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers

Moxa Urges Immediate Updates for Security Vulnerabilities

Netskope Data Shows Phishing Success Rate Tripled in 2024

Netskope finds enterprise phishing clicks nearly tripled over the past year

New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

New HIPAA Security Rule Would Strengthen Healthcare Cybersecurity

New Mirai botnet targets industrial routers with zero-day exploits

New Research Highlights Vulnerabilities in MLOps Platforms

New York Adopts Amendment to the State Data Breach Notification Law

Nigeria: Hacker Steals Over N1 Billion From Enugu State Government System

Nigeria: National Bureau of Statistics (NBS) Website Remains Down for Three Weeks Following Cyber Attack

Nigeria: Police Uncover N1 Billion Cyber Fraud, Arrest Hacker Who Targeted Enugu State Government

No Evidence of Data Breach for Go Sport in France

No timeline for service restoration after Winston-Salem cyber attack

Norwex class action claims data breach exposed personal identifying info

Packers Pro Shop website hit by data breach, credit monitoring offered to affected fans

Patient’s Request for Records Uncovers Dental Practice’s Ransomware Attack, Leading to $350K Settlement

Personal Data Privacy Ltd: Digital Personal Data Protection (DPDP) Act institutionalises data breach as much as it protects data in some cases

Phishing Click Rates Triple in 2024

Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks

Phishing Clicks Nearly Tripled in 2024, Ubiquitous Use of Personal Cloud Apps and GenAI Tools Require Modern Workplace Security to Mitigate Risk

Phishing Clicks Surged 190% in 2024

Phishing lures and workplace AI

PowerSchool hack exposes student, teacher data from K-12 districts

Qilin ransomware operation claims hack of Aussie freight forwarder

Qilin Ransomware Targets Australian Freight Forwarder Globelink International

Ransomware Hits 6 Million: Senior Care Data Leaks Spark Alarm

Ransomware is doubling down - What you need to know about the recent surge

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Rhysida claims cyber attack on Montreal North, sets $1.64m ransom

Rhysida lays claim on Montreal North compromise

Richmond University Medical Center data breach affects 674,000

Rivers Casino Philadelphia Informs Employees of Data Breach

Rivers Casino users could be eligible for financial compensation after data breach

Russian hackers turn trusted online stores into phishing pages

State-aligned APT groups are increasingly deploying ransomware – and that’s bad news for everyone

T-Mobile Faces $2M Washington Data Breach Lawsuit for Neglect

T-Mobile Sued by Washington State Over 2021 Data Breach

T-Mobile Sued for Data Breach by State of Washington

Telegram hands over data on thousands of users to US law enforcement

Telegram reports spike in sharing user data with law enforcement

Teton Orthopaedics Sends Out Data Breach Letters Following Ransomware Attack

The evolution of AI in phishing attacks: why even the most experienced can fall, victim

Thomas Cook says cyber attack disrupted its Indian operations

Treasury Sanctions China-Based Flax Typhoon Hacker

U.S. auto dealer says cyber attack compromised customers' personal information

U.S. Sanctions Chinese Cybersecurity Firm Over Cyberattacks

UK confirms plans to criminalize the creation of sexually explicit deepfake content

UK Government to Ban Creation of Explicit Deepfakes

UN aviation agency 'actively investigating' cybercriminal’s claimed data breach

UN aviation agency confirms possible data breach

UN aviation agency investigating possible data breach

UN aviation agency investigating 'potential' security breach

UN aviation agency investigating reports of possible data breach

UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data

UN aviation body investigates potential data breach

UN civil aviation agency confirms possible data breach

United Nations Fears Data Breach Leaking Global Aviation Data

US cyber watchdog says no indication breach at Treasury hit other federal agencies

US government launches cybersecurity safety label for smart devices

US Telecom Breaches Widen as 9 Firms Hit by Chinese Salt Typhoon Hackers

Village Fertility Pharmacy Group Announces Data Breach Stemming from Unauthorized Access to Email Account

Walker County Schools alerting parents, educators of student information system data breach

Washington Attorney General Sues T-Mobile Over 2021 Data Breach

Washington Attorney General sues T-Mobile over data breach that impacted more than 2M residents

Washington State Sues T-Mobile For Negligence Over Massive 2021 Data Breach

Washington state sues T-Mobile over 2021 data breach security failures

Washington state sues T-Mobile over allegedly shoddy cyber practices leading to 2021 breach

6th January

A Hacker Sentenced For Stealing And Selling Unreleased Coldplay Songs

Ascension Living residents, employees among 6 million affected by data breach

Balancing proprietary and open-source tools in cyber threat research

Cameron John Wagenius: Hacker behind Trump, Harris private call logs extortion threat arrested

China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks

China’s Salt Typhoon Attacks Guam entity; US Sanctions Chinese Company

Chinese hackers also breached Charter and Windstream networks

Chinese Hackers Double Cyber-Attacks on Taiwan

Chinese hackers infiltrate US telecommunications, steal data of over a million people

CISA: Treasury was only federal agency impacted by recent China breach

CISA says ‘no indication’ of wider government hack beyond Treasury

CISA says recent government hack limited to US Treasury

Cisco Field CTO, Predicts Mobile Devices as the Next Ransomware Target

Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages

Eagerbee backdoor deployed against Middle Eastern government organizations, ISPs

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

Foreign hacker organizations launch cyberattacks against China, some suspected of criminal offenses

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Hacker Sentenced After Stealing Unreleased Coldplay Tracks

Hackers reportedly compromise Argentina’s airport security payroll system

Harley-Davidson target of cyber attack threatens to expose data of 66,000 customers

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

India Sees 55% Rise In Ransomware Attacks In 2024, May And October Witness Highest Incidents

Inverclyde Council at risk of 'costly and damaging' cyber attack

Is healthcare cybersecurity in critical condition?

Lookout Threat Lab Researchers Say iOS is More Vulnerable to Phishing Than Android

Luton hacker sentenced after stealing music from Coldplay

Meet the Chinese ‘Typhoon’ hackers preparing for war

New Infostealer Campaign Uses Discord Videogame Lure

New PhishWP Plugin Enables Sophisticated Payment Page Scams

Only 26% of Europe’s top companies earn a high rating for cybersecurity

Pig butchering victim sues banks for allowing scammers to open accounts

Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages

Scammers Drain $500m from Crypto Wallets in a Year

School districts in Maine, Tennessee respond to holiday cyberattacks

Security in 2025 - Challenges, Risks, and What Leaders Must Do

Supply Chain Attack Targets Key Ethereum Development Tools

Tampa General Hospital agrees to $6.8 million settlement over cyberattack affecting 2.4 million patients

The Philippines: Bureau of Immigration (BI) nabs Japanese phishing suspect

Users receive at least one advanced phishing link every week

Volkswagen Data Breach Exposes Locations of 800,000 Electric Vehicles

Vulnerable Moxa devices expose industrial networks to attacks

Washington Attorney General suing T-Mobile over alleged failure to secure sensitive data

Washington files lawsuit against T-Mobile after ‘massive’ data breach

Washington state sues T-Mobile over data breach that impacted millions of residents

What Are the 7 Essential Cybersecurity Skills You Need for 2025?

Why construction companies face cybersecurity risks - and how to combat them

WordPress phishing plugin drives online shopping fraud

WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps