Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC

Monday, 16 June 2025

Data Breaches Digest - Week 25 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th June and 22nd June 2025.


18th June

New Linux udisks flaw lets attackers get root on major Linux distros

17th June

8.4 million affected in Indian ridesharing company data breach

23andMe fined £2.31m over UK users' genetic data breach

23andMe fined millions by UK watchdog over 'profoundly damaging' cyber attack

92% of Top Email Domains Remain Unprotected Against Phishing

170,000 Records Exposed in Real Estate Investment and Management Database

Anubis ransomware adds novel file wiping capabilities

Anubis Ransomware Now Wipes Data After Encryption, Experts Warn

Anubis ransomware threatens permanent data loss

Anubis Ransomware Ups the Ante with File-Wiping Feature, Double Extortion Tactics

Are Forgotten Active Directory (AD) Service Accounts Leaving You at Risk?

Brits Lose £106m to Romance Fraud in a Year

Canada, U.K. to reveal findings of 23andMe data breach probe

Car sharing platform Zoomcar reports data breach compromising personal info

Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution

China accuses foreign spies of targeting military research via phishing emails

China’s Human Resources and Social Security Network Allegedly Breached, 88 Million Citizen Records for Sale Online

China’s state security agency warns of phishing emails sent by foreign spies

CISOs brace for a surge in domain-based cyber threats

Class-action lawsuit filed against Kettering Health following major data breach

Crypto scams: trader loses $150,000 by signing a phishing transaction on Ethereum

Erie Insurance sued a second time over claims it failed to prevent data breach

FBI recovers $680K following “burn” bug hack on SafeMoon

Freedman Healthcare hacked, database software used by 27 state public health departments

Global Data Breaches and Cyber Attacks in May 2025 – More Than 1.4 Billion Records Breached

Google to scale up AI-powered fraud detection and security operations in India

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Gunra Ransomware Group Allegedly Leaks 40TB of Data from American Hospital

Hacker group launches assault on insurance sector

Hacker steals 1 million Cock.li user records in webmail data breach

Hackers Access Data Of 8.4 Million Zoomcar Users

Hackers are attacking some of the most popular TP-Link routers. Are you affected?

Hackers love events. Why aren’t more CISOs paying attention?

Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

Iran: Revolutionary Guards claim strike on Mossad centre in Tel Aviv as cyber-attack hits major bank

Iran confirms cyberattack disrupted Bank Sepah services after hacker group’s claim

Iran hit by major cyberattack as Israel Defense Forces (IDF) intel chief hints at further action

Iran launches shocking cyber attack on Israel: live TV hacked, citizens sent panic alerts

Israel retaliates with cyber attack on Iran’s central Bank, ATMs disrupted nationwide

Israel-linked hacker group claims cyberattack on Iranian bank

Israeli hacker group claims destruction of Iranian state bank data in cyberattack

Israeli hacker group claims major cyberattack on Iranian bank Sepah

Joint investigation by Canada and U.K. says 23andMe failed to protect customer data

Malicious app removed from stores, still poses massive risks for users

McLean Mortgage discloses data breach exposing customers’ personal information

Microsoft Promises to Keep European Cloud Data in Europe

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Novel TokenBreak Attack Method Can Bypass LLM Security Features

Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach

Phishing goes prime time: Hackers use trusted sites to hijack search rankings

Phishing scam hits Green Bay, Wisconsin

Pro-Israel hackers claim breach of Iranian bank amid military escalation

RedDotPayment, Krungsri, National Telecom, and HITRUST Allegedly Breached in Major Data Leak

Scattered Spider Hackers Target Insurance Firms In A Vicious Ransomware Web

Sensitive data of nearly 50,000 individuals compromised in Renkim cyber security incident

Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware

SK Telecom (SKT) reopens doors to new customers after massive data breach

Taiwan Hit by Sophisticated Phishing Campaign

Texas Department of Transportation (TxDOT) confirmed a data breach that impacted its database

Thailand: Pattaya Hotel Raid Uncovers Gambling Den, Chinese Ransomware Ring

Thailand police raid uncovers illegal gambling and ransomware in Chon Buri

Thailand’s Cyber Police Allegedly Breached Hacker Claims to Sell Admin Panel Access

The Washington Post Investigates Cyber Attack On Journalist's Email Account, Allegedly Involves Foreign Government

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

UK watchdog fines 23andMe for 'profoundly damaging' data breach

UK watchdog fines 23andMe over 2023 data breach

Up to $10 Million bounty placed for CyberAv3ngers-linked hacker

Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware

Water Curse Hacker Group Weaponized 76 GitHub Accounts to Deliver Multistage Malware

YES24 announces compensation plan following ransomware attack “Gift vouchers and 30-day Crema club access for all members”

YES24 CEOs apologize, offer compensation after 5-day ransomware shutdown

Zoomcar confirms data breach affecting 8.4 million users

Zoomcar Data Breach: Millions of Users' Personal Info Exposed; Is Financial Data Safe?

Zoomcar Data Breach Exposes Personal Info of 8.4 Million Users

Zoomcar data breach hits 8.4 million users, names and phone numbers leaked

Zoomcar hit by massive data breach affecting 84 lakh users, US Securities and Exchange Commission (SEC) filing shows

16th June

8.4 million people affected by data breach at Indian car share company Zoomcar

147,116 Americans Hit by Massive Data Breach - Firm Says Unknown Attacker May Have Exposed Names, Addresses, Social Security Numbers and More

Advanced wiper module added to Anubis RaaS payload

AI-Powered Phishing: The Future Of Digital Fraud

Almarai, Leading Saudi Food Giant, Allegedly Hit by Massive Data Breach

An attempt to save on a crypto hardware wallet cost millions

Anubis Ransomware Adds File-Wiping Capability

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Anubis Ransomware Introduces Irreversible File Destruction Feature

Anubis Ransomware Packs a Wiper to Permanently Delete Files

Anubis Ransomware With Wipe Mode That Permanently Erases File With No Recovery Option

Anubis Ransomware-as-a-Service Kit Adds Data Wiper

APTiran Allegedly Hits Israeli Critical Infrastructure with Ransomware

As grocery shortages persist, United Natural Foods (UNFI) says it’s recovering from cyberattack

Asheville Eye Associates Says 147,000 Impacted by Data Breach

ASUS Armoury Crate bug lets attackers get Windows admin privileges

BERT Ransomware Escalates Attacks on Linux Machines with Weaponized ELF Files

BERT Ransomware Upgrades to Attacks Linux Machines Using Weaponized ELF Files

Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks

Canadian Airline WestJet Suffers Cyberattack, Halts App and Web Services

Car-sharing giant Zoomcar says hacker accessed personal data of 8.4 million users

Chinese phishing network exploits Japanese credit card data through social media recruitment

Cyber-cover and the decision to take your business offline

CYFIRMA flags intensifying ransomware risk to healthcare sector led by US for-profit firms

Dutch police identify 126 suspects on Cracked.io, one of them was an 11-year-old

Episource Ransomware Attack Affects Multiple Healthcare Customers

Erie Insurance sued over claims that customer data was exposed in 'ransomware' attack

Even paying victims lose their data with Anubis ransomware

Fog Ransomware Group Uses Unconventional Toolset, New Research Finds

French Hospital Hôpital Privé de la Miotte Allegedly Breached, Data of Over 100K Patients for Sale

GrayAlpha Hacker Group Weaponizes Browser Updates to Deploy PowerNet Loader and NetSupport RAT

GrayAlpha Hackers Group Exploits Browser Updates to Deploy PowerNet Loader and NetSupport RAT

Hackers Break Into Car Sharing App, 8.4 Million Users Affected

Hackers claim 64 million leaked T-Mobile records, but it denies breach - here's what customers need to know

Hackers claim attack on Scania, website down for maintenance

Hackers force 100-year-old German napkin manufacturer into insolvency

Hackers impersonating US government compromise email account of prominent Russia researcher

Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach

Hackers switch to targeting U.S. insurance companies

Hacktivists Strike Within Minutes of Israel Missile Attacks on Iran Nuclear Sites

Keyless Entry Vulnerability (CVE-2025-6029) Threatens KIA Vehicles in Ecuador, Researcher Reports

Kraken: Your worst crypto nightmare isn’t a hacker, it’s you

Locked Out and Held for Ransom: A City's Battle Against Cybercrime

Major Israeli Energy Companies Delkol and Delek Allegedly Breached by Handala Hacker Group

Massive data breach at Adecco sparks major fraud trial in France involving 72,000 victims

Moreno Valley, California, Schools Report Data Breach

Moser Engineering and SPG Construction Allegedly Targeted by Qilin Ransomware

‘Multiple Intrusions’ In US Likely Linked To Infamous Hacker Group

Names, phone numbers and...: Zoomcar says hacker accessed personal data of 8.4 million users

Nasdaq-traded Zoomcar discloses data breach affecting 8.4M users in India

New Anubis ransomware can encrypt and destroy data, making file recovery impossible

North Korean APT Hackers Target Ukrainian Government Agencies to Steal Login Credentials

Over a Third of Grafana Instances Exposed to XSS Flaw

Phishing In Crypto: How To Stay Secure While Trading Online

Phishing Test For Companies: Why Every Business Needs Realistic Simulations To Combat Social Engineering

Proofpoint pitches human-centric cyber defence against AI-generated phishing

PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments

Radford City, Virginia, Schools Hit by Cyber Attack

Ransomware group uses virtual machine as invisibility cloak

Records From 2024 AT&T Data Breach Are Once Again For Sale On The Dark Web

Report Links Los Pollos and RichAds to Malware Traffic Operations

Scattered Spider has moved from retail to insurance

Sensata Technologies discloses data breach due to ransomware

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles

SK Telecom restarts eSIM subscriptions after data breach

SK Telecom to resume eSIM subscriptions after data breach pause

SK Telecom to resume new eSIM-based subscriptions starting Monday following data breach

T-Mobile Denies Massive Data Breach Affecting 64 Million Customers

TBN Israel Allegedly Hacked by Handala Hacking Group

Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus

Texas Department of Transportation (TxDOT) Data Breach Exposes Nearly 300,000 Crash Reports

The data sovereignty challenge in Europe

The Growing Cyber Risks from AI - and How Organizations Can Fight Back

'The Washington Post' Suffers Cyber Attack Targeting Journalists

These Crypto-Phishing Apps on Google Play Store Will Steal Your Earnings

This New Ransomware Can Irrevocably Destroy Your Files - Backup Now

This new ransomware could be deadly for your most precious files - here's how to stay protected

Threat Actors Target Victims with HijackLoader and DeerStealer

U.S. Seizes $7.74M in Crypto Tied to North Korea's Global Fake IT Worker Network

US offering $10 million for info on Iranian hackers behind IOControl malware

Victoria’s Secret critical systems restored following cyber attack

Victoria’s Secret recovers from cyber attack, restores all critical systems

Virtual kidnapping scams prey on our worst fears

Washington Post Hacked - Multiple Journalists’ Email Accounts Compromised

Washington Post hit with cyberattack

Washington Post investigating cyber attack on journalists, report says

Washington Post Journalists’ Microsoft Email Accounts Hacked

Washington Post's email system hacked, journalists' accounts compromised

WestJet Investigates Cyber-Attack Impacting Customers

WestJet probes cybersecurity incident affecting internal systems and mobile app

What Australia’s new ransomware payment reporting regime means for partners

Whole Foods supplier making progress on restoration after cyberattack left shelves empty

Why banks’ tech-first approach leaves governance gaps

YES24 apologizes for ransomware attack and plans customer compensation

YES24 co-CEOs apologize, pledge compensation over ransomware attack

YES24 faces security incident causing website and app outage

YES24 restores core services and announces compensation plan after ransomware attack

Zoomcar Data Breach Exposes Sensitive Details of 8.4 Million Users

Zoomcar discloses security breach impacting 8.4 million users

Zoomcar reveals major data breach exposing personal data of 8.4 million users

Posted by at
Labels: