Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and 
Dentons Senior Analyst, Washington DC
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd June and 8th June 2025.4th June
Acreed infostealer poised to replace Lumma after global crackdown
Akeela Inc. Agrees Settlement to Resolve Class Action Data Breach Litigation
Alleged Data Breach at Tradgo: 4.4 GB Database Reportedly for Sale Online
Attackers fake IT support calls to steal Salesforce data
Australian Non-Profit Epworth Hospital Allegedly Targeted by Global Ransomware Group
BidenCash carding market domains seized in international operation
Blancco Report Finds Stolen Devices are a Bigger Cause of Data Loss Than Stolen Credentials or Ransomware
Canada: Committee to discuss Nova Scotia Power breach that allowed theft of 280,000 customers' data
Cartier confirms client data breach, affecting customers in China, other markets
Cartier confirms global data breach affecting customer information
Cartier disclosed a data breach following a cyber attack
Cartier reveals some customer data stolen in cyberattack
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
CISOs need better tools to turn risk into action
Cloud-Native Technology Prompts New Security Approaches
Coinbase Data Breach Links To Support Agents in India
Coinbase ends contract with TaskUs after the $400M data breach to an Indian contractor
Coinbase Faces Backlash For Allegedly Delaying Recent Data Breach Disclosure
Coinbase was aware of the data leak of its customers four months before the breach
Concern Grows Over Agentic AI Security Risks
Crocodilus mobile malware's bites are now even more dangerous
Cyber Attack Wipes Out KiranaPro’s Quick Commerce App Code
Cyber attacks and ransomware rise globally in early 2025
Cybercriminals harness AI to boost phishing & malware attacks
Cybersecurity Support Networks Too Fragmented for SMBs, Say Experts
Cyprus Airways’ customer data, systems breached, hackers claim
Data breach at newspaper giant Lee Enterprises affects 40,000 people
Device Theft Causes More Data Loss Than Ransomware
Dutch university’s rapid response saved it from ransomware devastation
FBI warns of NFT airdrop scams targeting Hedera Hashgraph wallets
Gateway Community Services Announces 34,500-Record Data Breach
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)
Google warns of cybercriminals targeting Salesforce app to steal data, extort companies
Hacker attack on major American media company exposes employees
Hacker claims millions affected in Claro, Movistar breach - Claro calls it fake
Hacker groups should get uniform names
Hacker targets other hackers and gamers with backdoored GitHub code
Hackers can turn Chrome into spyware using a few simple commands
Hackers claim massive data breach at American Hospital Dubai
Hackers Leak 86 Million AT&T Records with Decrypted SSNs
Hackers target Salesforce accounts in data extortion attacks
Hewlett Packard Enterprise (HPE) Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Hewlett Packard Enterprise (HPE) StoreOnce Faces Critical CVE-2025-37093 Vulnerability - Urges Immediate Patch Upgrade
How to Protect Your Online Presence from Devastating DDoS Attacks
How to spot phishing, vishing, smishing
India: Rajkot civic body’s Geographic Information System (GIS) website hit by cyber attack, over 400 GB data feared stolen
Kaspersky Uncovers Rising Dark Web Threats Against Brazilian Firms
Kettering Health Data Breach: 2.6 TB Allegedly Leaked by Interlock Ransomware Group
“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives
MainStreet Bank customers affected by vendor network data breach
Major fashion brand hit by cyber attack with personal data stolen
Major Spanish Retail Brand Hacendado Allegedly Breached, 27 Million Users’ Data Offered for Sale
Majority of Compromises Caused by Stolen Credentials, No Multi-Factor Authentication (MFA)
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Marks & Spencer (M&S) faces ‘unprecedented’ Scottish lawsuit over cyber attack data breach
Marks & Spencer (M&S) stages walk-in recruitment days after cyberattack stops online hiring
Massive Data Breach Exposes 184 Million User Records: Apple, Google, Meta And More Affected
Media giant Lee Enterprises says data breach affects 39,000 people
Meta, Yandex caught using tracking tech that de-anonymizes Android users
Microsoft offers free cybersecurity support to European governments
Microsoft offers to boost European governments' cybersecurity for free
National Cyber Security Centre (NCSC) urges action against 41 million phishing scams
Nearly 3,000 North Face website customer accounts breached as retail incidents continue
Nepal Police Allegedly Breached, Sensitive Data Appears for Sale Online
New Honeywell 2025 Cyber Threat Report reveals ransomware surges 46 percent with Operational Technology (OT) systems as key targets
Newspaper giant Lee Enterprises says nearly 40,000 Social Security numbers leaked in ransomware attack
Next-gen phishing attacks powered by AI are fooling even experts
North Face latest to be targeted by cyberattack, customer data at risk
Out of Office for Summer? Cybercriminals Are Just Getting Started
Over 3 Million Records, Including PII Exposed in App-Building Platform Data Breach
Phishing Campaign Uses Fake Booking.com Emails to Deliver Malware
Quick Commerce Platform KiranaPro’s App Code Destroyed In Cyber Attack
RansomHub Surges as Top Threat While AI Insider Extortion Escalates, Says Palo Alto Networks
Ransomware gang claims responsibility for Kettering Health hack
Rethinking governance in a decentralized identity world
SafePay Ransomware Emerges as Most Prolific Threat Actor of May 2025
Scammers stole £47m from HMRC in phishing attack
Separate cyberattacks impact Ohio, Oklahoma, Puerto Rico
Simplicity Should Guide Cybersecurity Purchasing Decisions
SK Telecom Faces Sharp Subscriber Loss After Major Data Breach
SK Telecom Plummets in Subscribers Following Significant Data Breach Crisis
Southern Israel resident convicted of one million NIS fraud through phishing
Startups Focus on Visibility and Governance, not AI
StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
Telefonica Probes Peruvian Data Breach Amid Cybersecurity Concerns
The North Face confirms customer data exposure in April credential stuffing attack
The North Face customer data stolen in cyber attack
The toxic reality: Mounting ransomware risks in tech era
Threat Actor Bribes Overseas Support Agents to Steal Coinbase Customer Data
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
Ukraine's military intelligence claims cyberattack on Russian strategic bomber maker
Volkswagen Group investigates claims of data breach by Stormous ransomware gang
When ransomware listings create confusion as to who the victim was
Widespread Campaign Targets Cybercriminals and Gamers
Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era
3rd June
78% of Security Leaders Say Tool Sprawl Challenges Threat Mitigation
184 million account data breach: exposed accesses to Google, Apple and government agencies
184 million passwords exposed in massive data breach
After Dior and Victoria’s Secret, Cartier hit by cyberattack stealing user data
AI-driven ransomware tops 2025 cyber threats in Middle East, Türkiye, and Africa (META), says Kaspersky
Alert Issued for Shiba Inu (SHIB) Holders Over Phishing Emails Impersonating Coinbase
All the customer data stolen in Cartier cyber attack
Alleged Volkswagen breach unsubstantiated
Amazon Spain denies breach after hacker claims to leak data of over 5 million users
Ambulance Billing Firm Pays Feds $75K in Ransomware Breach
Android malware Crocodilus adds fake contacts to spoof trusted callers
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
Another FBI Alert: The Legal Industry Continues To Be Targeted By Ransomware
Australia Enforces Ransomware Payment Reporting
Azerbaijan sentences hacker arrested in State Security Service operation
Bankers Association’s attack on cybersecurity transparency
Blacklock Ransomware Group Claims Four New Victims
Bling slinger Cartier tells customers to be wary of phishing attacks after intrusion
Bradford Health Services reports 2023 data breach, compromising patient and staff data
Cardiff Council admits responsibility for data breach that led to parents’ personal information being leaked
Cartier and The North Face latest victims of cyber attack
Cartier becomes the latest victim of fashion retailer cyber attack wave
Cartier confirms cyberattack, client data breach amid growing trend of retail hacks
Cartier confirms data breach, warns customers of potential targeted attacks
Cartier customer data stolen in latest cyber attack
Cartier data breach raises questions over luxury brand security in South Korea
Cartier has data stolen by hackers in cyber attack
Cartier hit by data breach as cyberattacks on fashion brands surge
Cartier hit by data breach, millions of customers' info leaked
Cartier latest big-name brand to be hit by cyber attack
Cartier latest luxury brand hit by consumer data breach
Cartier reports some customer data stolen in cyberattack
Cartier reveals data breach, personal customer information at risk
CertiK’s latest report reveals $302M lost in blockchain attacks despite phishing drop
China’s quantum satellite can be hacked, but the claim still needs to be verified
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
Code Bug at Compliance Firm Vanta Leaks Customer Data to Other Clients
Coinbase breach tied to bribed TaskUs support agents in India
Coinbase Data Breach: 69,000 Users Affected by Indian Outsourcing Leak
Coinbase delayed revealing data breach that may cost up to $400M, drops third-party vendor
Coinbase Delays Data Breach Disclosure
Coinbase Faces Fresh Heat Over Data Breach
Coinbase Hid Massive Data Breach for Months Before Going Public
Coinbase Knew of Data Breach in January, Delayed Public Disclosure
Coinbase Knew of Its Data Breach Months Before Disclosing
Coinbase Under Fire Over Months-Long Silence on Major Data Breach
Coinbase Was Aware of Data Breach Months in Advance: A Timeline of Silence
Coinbase Was Aware of Data Breach Since January
Colombia National ID and SIMIT Traffic Data Allegedly For Sale Via APIs
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Critical Chrome update: hackers are exploiting a dangerous zero-day
Crocodilus malware adds fake entries to victims' contact lists in new scam campaign
Crypto market losses due to hackers - how much was lost in May?
Cyber Attacks Are Up 47% in 2025 – AI is One Key Factor
Cyber Attacks Surge 47% in Q1 2025, Report Warns
Cyber Storm Hits Cartier: Data Breach Unveiled
Cyberattacks Hit Top Retailers: Cartier, North Face Among Latest Victims
Cybersecurity incident disrupts operations at multiple Covenant Health facilities
Cyprus Airways Allegedly Breached, Massive Cache of Passenger and Flight Data Reportedly Up For Sale
Czechs most often face attacks on bank identities and fake buyers at bazaars
Data Breach at Adidas Exposes Customer Contact Details
Data breach at Cumberland County Hospital in Kentucky could impact patients, employees
Delaware Department of Motor Vehicles (DMV) warns residents to be aware of text message phishing scam
Development vs. security: The friction threatening your code
Don’t get hooked: new warning urges the public to continue reporting phishy emails and texts with 41 million already reported
Environmental Protection Agency breach claims lack teeth, researchers say
Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames
Germany hands Vodafone $51 million fine over data privacy violations
Good Cybersecurity Enabled Ukraine’s Surprise Attack on Russia, Says National Cyber Security Centre (NCSC)
Google patches new Chrome zero-day bug exploited in attacks
Google, Instagram logins among 184 million passwords leaked in massive data breach
Hacker attack on mental health org exposes patient diagnoses
Hacker Nicknames No More: Tech Giants Unite to Simplify Cyber Threats
Hackers milking fake Booking.com sites to plant malware
Half of Firms Suffered Two Supply Chain Incidents in Past Year
Health giant Kettering still facing disruption weeks after ransomware attack
Healthcare Cybersecurity: Responding to Ransomware
Hewlett Packard Enterprise warns of critical StoreOnce auth bypass
How global collaboration is hitting cybercriminals where it hurts
How To Protect Your Small Business From Ransomware Attacks
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals - and security experts say police will be keeping close tabs
‘I think it’s very bad:’ Data breach in St. Cloud raises concerns among residents
Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms
Interlock and the Kettering Ransomware Attack: ClickFix’s Persistence
Jordan: Ministry warns of phishing messages posing as National Contact Center
Lewis & Clark College Reaches $500K Settlement Over Data Breach
Luxury brand Cartier confirms it was hacked, customer data stolen
Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques
MainStreet Bank Data Breach Impacts Customer Payment Cards
Malicious RubyGems pose as Fastlane to steal Telegram API data
Marks & Spencer (M&S) faces 'unprecedented' customer lawsuit over cyberattack data breach
Marks & Spencer (M&S) holds in-store recruitment days as cyber attack hits online hiring
Marriott wins US appeals order striking down data breach class action
Mastercard: Fraud attempts jump as retailers feel cyber attack sting
Mastercard AI boss warns of surge in fraud attempts as retailers feel cyber attack sting
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion
Microsoft, CrowdStrike Partner to Bring Clarity to Threat Actor Identities
Microsoft, Crowdstrike to create unified "Rosetta Stone" of threat actors and their wacky names
'Midnight Blizzard', 'Cozy Bear' and more...How Microsoft, Google and other tech companies plans to untangle weird hacker nicknames
Mysterious Whistleblower Exposes Major Ransomware Kingpins
New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
New Lyrix Ransomware Attacking Windows Users With New Evasion Tactics
New three-step phishing scam spreading in Finland
North Face warns customer logins compromised in April credential stuffing attack
Officials Warn Public of Phishing Scams Posing as Iowa Department of Motor Vehicles (DMV)
Ohio’s Healthcare Mystery: The Ransomware Siege Plunging Kettering into Chaos
OmniRide confirms data breach following ransomware incident
One hacker, many names: Industry collaboration aims to fix cyber threat label chaos
Over 8 Million records with US patient medical data have been spilled online
Palo Alto Networks’ Unit 42 Extortion and Ransomware Trends Report reveals aggressive new tactics and escalation of threat actor collaboration
Password Attack - The North Face Confirms Data Breach
Personal information stolen from Cartier in latest cyber attack
Phone chipmaker Qualcomm fixes three zero-days exploited by hackers
Potato firm Nokota Packers hit by ransomware attack
Ransomware a ‘persistent threat’ to industrial entities
Ransomware as a Service: The Billion-Dollar Threat Hiding in Plain Sight
Russian Hackers Black Owl Target Critical Industries to Steal Financial Data
SafePay, DevMan Emerge as Major Ransomware Threats
Scammers are impersonating Interactive Brokers: Here’s what you need to know
Scattered Spider: Three things the news doesn’t tell you
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
Security bug at compliance firm Vanta exposed customer data to other users
Shocking! Coinbase Hid Customer Data Breach for 4 Months, Reuters Reveals
SK Telecom continues to lose users after data breach
SK Telecom faces sharp subscriber decline following massive data breach
Smart Cars, Dumb Passwords: Auto Industry Still Runs on Weak Passwords
Smartfren Allegedly Breached: Internal SIM Registration Panel Access for Sale
Sri Lanka: Water Board confirms no data breach due to cyberattack on SMS system
Stormous ransomware claims cyber attack on Volkswagen
Tech Giants Launch Glossary to Standardize Hacker Names
Tennessee Authorities Warn of Phony Text Messages Phishing for Sensitive Information, Telling Victims Their Bank Account Is at Risk
The Coinbase Data Breach Was A Wake-Up Call For Crypto Investors
There's another phishing scam going around, Wisconsin Division of Motor Vehicles (DMV) warns
Thousands impacted by cyberattacks on governments in Ohio, Oklahoma, Puerto Rico
Urgent TikTok warning as hacker claims to sell data of 428 million users on the dark web
Vendor Email Compromise (VEC) Attacks Alarmingly Effective at Driving Engagement
Victoria’s Secret delays earnings release after security incident
Volkswagen Group investigates hacker data breach claims
Wisconsin Division of Motor Vehicles (DMV) warns about another phishing scam using its name
Wisconsin Division of Motor Vehicles (DMV) warns of new phishing scam targeting drivers with fake texts
WoW Health Allegedly Breached, Customer Database Reportedly for Sale Online
'Years of neglect' to blame for Legal Aid Agency data breach, minister says
2nd June
48% of security pros are falling behind compliance requirements
2022 Fire Rescue Victoria cyber attack still causing issues
A mysterious leaker is exposing ransomware hackers to the world
Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
AI Emerges as the Top Concern for Security Leaders
AI takes lead in fight against voice phishing in wake of SK Telecom hack
Alleged ransomware attack disrupted MathWorks services
Attackers breached ConnectWise, compromised customer ScreenConnect instances
Australia launches mandatory ransomware payment reporting rules
Backdoors in Python and NPM Packages Target Windows and Linux
Bribery scheme at Indian call center linked to $400 million Coinbase data breach
Cartier Data Breach: Luxury Retailer Warns Customers That Personal Data Was Exposed
Cartier discloses data breach amid fashion brand cyberattacks
Changing Threat Landscape Drives Cybersecurity Spending Shifts
Chief Financial Officers (CFOs) targeted globally by phishing attacks
Chief Financial Officers (CFOs) Targeted in Sophisticated Phishing Campaign Using Legit NetBird Tool
City of Durant targeted by ransomware attack, some services impacted
City of Sheboygan ransomware attack exposes nearly 70,000 individuals' data
Coinbase hack linked to third-party vendor leak in India, sources say
Coinbase Hack Tied to Underpaid Indian BPO Agents in $400M Data Breach Fallout
Coinbase Learned of Data Breach in January
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cryptojacking Campaign Targets DevOps Servers Including Nomad
Cyber Bureau warns of phishing scams targeting bank and digital wallet users
Cybercriminals lose key tool for malware development: police shut down AVCheck
Dutch Police Lead Shut Down of Counter AV Service AVCheck
Entire Conti Ransomware Gang Including Key Leaders With Photo & Infrastructure Exposed
Ethereum EIP-7702 Exploit Drains $150K in Phishing Scam
Evolving Phishing Trends to Watch in 2025
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
FBI Investigates Phishing Campaign that Impersonated Senior Trump Adviser Susie Wiles via Deepfakes
'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames
Funnull Infrastructure Provider Hit With Office of Foreign Assets Control (OFAC) Sanctions Over Role in Cyber Scams
Hacker claims Volkswagen breach, fails to provide evidence
Hackers make Sonos Era 300 speakers play unwanted tunes: severe RCE flaw discovered
Hong Kong: Phishing tops 440,000 cyber threats recorded last year
In wake of Good Friday cyberattack, city of Abilene replacing all desktops, laptops
Indonesian Government Employee System “Ekinerja Tulungagung” Allegedly Breached
International operation takes down crypting sites used for testing malware
Iranian Robbinhood Ransomware Operator Pleads Guilty in US City Attacks
Journalists access unsecured server and expose GRU hacker unit
Legal Aid Agency (LAA) cyber attack “devastating” on legal aid firms
Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes
MainStreet Bank reports vendor cyber incident that leaked customer info
Major potato packer hit with ransomware, hackers claim
Malaysian home minister’s WhatsApp hacked, used to scam contacts
Masimo restores production, delivery commitments remain unaffected
Melbourne-based 3P Corporation breached by Space Bears ransomware
Nearly 1 million users switch mobile carriers in May in wake of SK Telecom (SKT) data breach
New Linux Vulnerabilities Expose Password Hashes via Core Dumps
New tech by WithSecure is an ‘undo’ button for ransomware
North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages
Phishing Awareness Campaign: Action Fraud Press Release
Phishing threats intensify for Missouri marijuana businesses as attackers exploit websites
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
Qualcomm Fixes Three Adreno GPU Flaws Abused in Android Attacks
Qualcomm fixes three Adreno GPU zero-days exploited in attacks
Ransomware Attacks Expected to Grow in Scale and Frequency
Royal Moroccan Football Federation Allegedly Breached, FTP Server Data Leaked
Russell County USD 407 and PowerSchool Data Breach Update
Russian hacker identified as alleged leader of Trickbot cybercrime syndicate
‘Russian Market’ emerges as a go-to shop for stolen credentials
SK Telecom continues to lose users after data breach
Sophisticated Malware Campaign Targets Windows and Linux Systems
Sysdig Reveals Discovery of Cyberattack Aimed at Tool to Build AI Apps
Taiwanese crypto exchange BitoPro reportedly loses $11.5M in hack
The North Face warns customers of April credential stuffing attack
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
The UK’s New Cyber Security Bill: A Call to Action for Tech Businesses
U.S., Dutch Agencies Shut Down AVCheck Services Used by Threat Groups
Universitas Udayana Bali Allegedly Breached
Uruguay’s National Vehicle System SUCIVE Allegedly Breached, Access Reportedly for Sale Online
US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
Vanta bug exposed customers’ data to other customers
Victoria’s Secret Security Incident Shuts Down Website
Weaponized SVGs: Inside a global phishing campaign targeting financial institutions
Whistleblower unmasks ransomware leaders
Working From Home (WFH) staff are leaving British businesses exposed to a lethal cyber attack that will 'cripple' their firms and wipe them out
Yuantong Express Allegedly Breached: 7.4 Million User Data Records Reportedly for Sale
Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st May and 31st April 2025.
