Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 30 June 2025

Data Breaches Digest - Week 27 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th June and 6th July 2025.


1st July

International Criminal Court hit by cyber attack

‘Sophisticated’ cyber attack contained, says International Criminal Court

Swiss government confirms cyber attack on health foundation

30th June

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Aflac Suffers an Apparent Scattered Spider Cyber Attack, Exposing Extensive Sensitive Information

Ahold Delhaize Confirms Data Breach of 2.2M amid INC Ransomware Claims

Ahold Delhaize data breach affected over 2.2 Million individuals

Ahold Delhaize Data Breach Affects Over 2 Million People

Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers

Ahold Delhaize Data Breach Impacts 2.2 Million People

Ahold Delhaize USA Confirms Data Breach Affected 2.2 Million People

AI is aiding sextortion schemes

Alleged Verizon data breach sees 61M customer records offered for sale

Android 16 will flag fake cell towers and warn users of potential spying threats

Apple ID, credit card details targeted by CapCut phishing

Are we securing AI like the rest of the cloud?

Austrian Crypto Giant Bitpanda Allegedly Breached – 5.4 Million User Data for Sale

Authorities crush cryptocurrency investment fraud ring

Bajaj Finserv Allegedly Breached – Sensitive Customer and Employee Data For Sale Online

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

BreachForums revival rumored as French police nab ShinyHunters

Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns

Canada suspends Hikvision operations over national security concerns

Cartel hacker used an FBI agent’s phone to hunt informants

Chaos Ransomware Hits Optima Tax Relief, Leaks 69GB of Sensitive Data

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

ClickFix fake error surges, spreads ransomware and other malware

Colombian Cybercrime Group Blind Eagle May be Connected to Russian Hosting Service Proton66

Cybercriminals steal health data posing as fraud investigators

Data breach at healthcare services firm Episource affects 5.4M

Data Breach May Have Exposed Health Records of 200,000 Ontarians, Investigation Underway

December data breach at Nth degree affects 40,000 people

'Disgruntled' British IT worker jailed for hacking employer after being suspended

Disgruntled employee takes revenge with cyberattack

Department of Justice (DOJ) raids 29 ‘laptop farms’ in crackdown on North Korean IT worker scheme

DragonForce Ransomware Empowers Affiliates with Modular Toolkit to Create Custom Ransomware Payloads

DragonForce Ransomware Equips Affiliates with Modular Toolkit for Crafting Custom Payloads

European Construction Giant Eiffage Allegedly Hit by Major Data Breach

Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects

Europol helps disrupt $540 million crypto investment fraud ring

FBI Data Security Breach in Mexico Led to Murders of Drug Informants

FBI warns about fraudsters posing as health insurers

FBI warns infamous cybercriminal group 'Scattered Spider' is targeting US airlines

FBI; CMS Issue Warning About Fraud and Phishing Attempts on Healthcare Orgs

Food Retailer Ahold Delhaize Discloses Data Breach Impacting 2.2 Million

Fraudsters behind €460 million crypto scam arrested in Spain

Germany asks Google, Apple to remove DeepSeek AI from app stores

Glasgow City Council Warns of Parking Fine Scam

Glasgow City Issues Alert Over Parking Fine Scam During Ongoing Cyber Attack

Got a Brother printer? It could have a critical security flaw - how to check and what to do next

Hacked Iranian crypto exchange Nobitex returns, exploit linked to spying

Hacker for El Chapo helped boss hunt and kill FBI informants

Hacker group targeting US airlines, FBI says

Hacker pleads guilty to breaching company networks to pitch his own services

Healthcare Hacker Facing Extradition to US and Up to 50 Years in Jail

Hikvision Canada ordered to cease operations over security risks

How 2 Ransomware Attacks on 2 Hospitals Led to 2 Deaths in Europe

Hungryroot Allegedly Breached – Over 1.1 Million User Data for Sale

India: Government strengthens cybercrime crackdown as cases surge nationwide

International Criminal Court contains ’sophisticated’ cyber attack

International Criminal Court hit with "sophisticated" cyberattack

International Taskforce Dismantles €460m Crypto Fraud Network

Iran-linked hackers may target US firms and critical infrastructure, US government warns

Iranian Cyber Threats Persist Despite Ceasefire, US Intelligence Warns

IT Worker Jailed After Revenge Attack on Employer

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To Non-Human Identity (NHI) Inventories

Lockton flags rising ransomware risks for Australian businesses

Los Angeles LGBT Center Allegedly Hit by Data Breach

Major Ukrainian Investment Firm Dragon Capital Allegedly Breached

Marketing Firm Tenacious Marketing USA Allegedly Breached – 414,000 Records for Sale

Massive data breach at Hannaford parent company affects over 95,000 Mainers

Median Ransom Now $1M, But 53% Paid Less Than Asked

Mexican cartel hackers used FBI agent’s phone and public cameras to track down and kill informants

Mexican drug cartel hacker spied on FBI official’s phone to track and kill informants, report says

Microsoft Defender for Office 365 now blocks email bombing attacks

Millions of Android, iPhone Users Could Be Sending Data to China

More than 25% of UK businesses hit by cyber-attack in last year, report finds

Myrtue Medical Center investigates major cyberattack linked to "Worldleaks" threat group

New Iranian phishing attacks take aim at Israeli tech experts

New Report Reveals Exploited Vulnerabilities as Leading Cause of Ransomware Attacks on Organizations

New Report Unveils Most of The Ransomware Attacks Targeting Organizations Via Exploited Vulnerabilities

New statutory instrument for Legal Aid Agency following cyber attack

Nigeria ranks 3rd in Africa for ransomware threats

Nigeria ranks third in Africa for ransomware threat detections in 2024

Nordic’s largest Apple Premium partner breached, hackers claim

Norwegian Dam Valve Forced Open for Hours in Cyberattack

Notorious cartel hired hacker to use surveillance cameras, phone data to track and kill FBI informants, U.S. says

Notorious Hacker “IntelBroker” Charged in $25 Million Global Cybercrime Spree

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Owner Of Several Iowa Newspapers To Settle Lawsuit Over Data Breach

Pakistan’s National Citizen Database Allegedly Breached – 602 Million Records Leaked Online

Peoples Bank Data Breach Affects Personal and Financial Information

Popular TikTok video editor used in phishing scam – here’s how to stay safe

RansomHub Ransomware Attacking RDP Servers Using Mimikatz and Advanced IP Scanner Tools

RansomHub Ransomware Deployment Linked to Remote Desktop Protocol Password Spray Attack

Ransomware payment ban and businesses

Ransomware pressures and higher stakes for public sector risk management

Ransomware victims still paying, Sophos finds

Remcos RAT spread via hijacked school, small business accounts

Scattered Spider Actively Targeting Airlines, FBI Warns

Scattered Spider Attacking Tech Companies Using Phishing Frameworks Like Evilginx and Social Engineering Methods

Scattered Spider Targets Tech Companies with Phishing Frameworks like Evilginx and Social Engineering Tactics

Southwood Financial Data Breach Affects Borrowers

SquareX Reveals that Employees are No Longer the Weakest Link, Browser AI Agents Are

Supermarket giant admits 2.2 million people could be hit by worrying data breach - what to do if you're affected

Swiss nonprofit health organization breached by Sarcoma ransomware group

Switzerland says government data stolen in ransomware attack

Syrian IPTV Provider Allegedly Breached

Teen hacking group behind Marks & Spencer (M&S) cyber attack finds new target

The Scattered Spider hacker group has a new industry in its crosshairs

Third-party breaches double, creating ripple effects across industries

U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, Operational Technology (OT) Networks, and Critical Infrastructure

Unibail-Rodamco-Westfield Corporate Database Allegedly Leaked

US defense firms must ‘remain vigilant’ against Iranian cyber activity, agencies warn

US government takes down major North Korean ‘remote IT workers’ operation

Verizon users should be on their guard after post from hacker

Why 95% of phishing attacks go unreported in healthcare

Zurich non-profit hit by ransomware, Swiss federal data at risk