Data Breaches Digest - Week 34 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th August and 24th August 2025.

19th August

1.1 Million Users Data Exposed in Massive Allianz Life Data Breach

$2.8 Million Crypto Seizure from Ransomware Operator That Targeted Healthcare

85% of Organizations Approach Cybersecurity Reactively

96% of Manufacturers Plan to Invest in Cybersecurity Platforms

96,000 UK Police Bodycam Videos Lost After Data Transfer Mishap

280,000 customers' emails, phone numbers exposed in cyber attack on iiNet, TPG says

Algeria’s National Postal Service Algérie Poste, Allegedly Breached – User Data Leaked Online

Allianz Life Data Breach Affected 1.1 Million Records, Attributed to ShinyHunters Salesforce Social Engineering

Allianz Life Data Breach Affects 1.1 Million Customers

Allianz Life Data Breach Exposes Personal Data of 1.1 Million Customers

Allianz Life security breach impacted 1.1 million customers

Android Malware Exploits Fake Energy Subsidy Promises in India to Steal Financial Data

Android VPN apps used by millions are covertly connected AND insecure

Attacker “Patches” Vulnerability Post Exploitation to Lock Out Competition

Australia’s 2nd largest internet provider suffers data breach

Australia’s TPG Telecom confirms cyber incident in iiNet system

Australian ISP iiNet confirms data breach impacting more than 200k customers

Australian ISP iiNet Suffers Breach of 280,000+ Records

Austrian HR Software Giant Infoniqa Allegedly Breached by Warlock Ransomware Group

Bragg Hacked But Claims No Personal Information Affected

Brokerage Clients Targeted in ‘Ramp and Dump’ Scam – Mobile Phishing Surge

Canadian Financial Regulator Hacked, Exposing Personal Data from Member Organizations

ChatGPT Impersonator – PipeMagic Malware Leverages Windows Flaw to Unleash Ransomware

Chilean Energy Giant Lipigas Targeted in Alleged Data Breach

Citizen Lab Reports Hidden VPN Networks Sharing Ownership and Security Flaws

Clinical Diagnostics Pays Ransom After Hackers Steal 300GB of Data

Consumers have never been more exposed to cyber threats: peak body responds to iiNet data breach

Criminal Hackers Exploit Cisco Safe Links for Phishing Attacks

Crypto24 ransomware blends legitimate tools with custom malware to strike manufacturing, other sectors

Cyber attack exposes details of thousands of internet provider iiNet's customers

‘Cyber gangs’ are targeting small businesses, too: How to protect yourself

Cyberattack Exposes 280,000 iiNet Customers

Data breach at Allianz Life reportedly impacts 1.1 million customers

Data Security Incident at Colt Leads to Extended Disruptions of Key Services

DaVita Ransomware Attack Puts Nearly 1 Million Patients at Risk

Department of Justice (DOJ) Seizes $2.8 Million in Crypto From Zeppelin Ransomware Operators

Department of Justice (DoJ) Seizes $2.8 Million In Crypto Tied To Zeppelin Ransomware

Do you click on text message links? Here are 4.2 million reasons not to

Drug development company Inotiv reports ransomware attack to Securities Exchange Commission (SEC)

Fake Gmail Security Alerts Prompt Users to Reset Passwords via Email and Phone

Fake "I’m not a robot" CAPTCHAs might cost you your bitcoin

FBI seizes $2.8M from suspect responsible for Zeppelin ransomware attacks

February ransomware attacks hit record high as ThreatDown reports 25% annual surge

Flaw in Too-Trusting Lenovo Chatbot Could Have Let Hackers In

Google issues red alert as new cyber attack targets Gmail users using AI with ‘indirect prompt injections’

Hack at Allianz Life impacts 1.1 million customers, breach notification site says

Hacker Claims to Sell 15.8 Million PayPal Logins in Massive Data Dump

Hackers Exploit Cisco Secure Links to Evade Link Scanners and Bypass Network Filters

Hackers steal medical data of nearly half a million people in Netherlands

Hacktivism drives surge in ransomware attacks in Q2 2025

Huge internet provider hacked: 280,000 customers exposed

iiNet data breach exposes details of 280,000 customers in cyberattack

iiNet data breach exposes information of more than 280,000 customers

iiNet Hit by Major Data Breach – Details of 280,000 Customers Allegedly Compromised

India police arrest 18 in credit card fraud tied to TP data breach

Indonesian Web Development Firm WaitWhatWeb Suffers Alleged Data Breach

Inside the Australian Dark Web: What Hackers Are Selling About Your Business Right Now

Intel data breach: AI & Cybersecurity risks can result in huge financial and reputational loss

Intel data breach: employee data could be accessed via API

Iranian Job Portal Allegedly Breached – 3.67 Million Records for Sale

Legitimate Chrome VPN Extension Turns to Browser Spyware

Lockbit Linux ESXi Ransomware Variant Evasion Techniques, File Encryption Process Uncovered

Massive Allianz Life data breach details reportedly revealed

Massive Allianz Life data breach impacts 1.1 million people

Massive Intel data exposure: hacker harvests 270K employee data, gets a “thanks” for disclosure

Mastering AI Powered Phishing: How to Stay Ahead and Secure in 2025

Municipality of Miraflores, Peru Allegedly Breached Again

Nearly half of Americans still reuse passwords despite phishing risks

Network Access to South Korean Maritime Giant HMM Allegedly for Sale

New Android Attack Targets Indian Users with Free Electricity Subsidy to Install Malware

New Blue Locker Ransomware Attacking Oil & Gas Sector in Pakistan

New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code

New HTTP/2 DoS Vulnerability Prompts Vendor and Project Fixes

New York Business Council discloses data breach affecting 47,000 people

NoName targets Ukraine in spate of DDoS attacks before Trump-Zelensky meeting

North Korea-linked hackers target embassies in Seoul in new espionage campaign

Pharma firm Inotiv says ransomware attack impacted operations

Phishing campaign uses fake Microsoft apps to bypass Multi-Factor Authentication (MFA)

PipeMagic Malware Imitates ChatGPT App to Exploit Windows Vulnerability and Deploy Ransomware

Police Scotland urged to act after nearly 1,400 data breaches in three years

Proofpoint warns FIDO authentication can be bypassed by downgrade

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution

Public Exploit Released for Critical SAP NetWeaver Flaw

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

Ransomware Attacks Surge 25% Year-over-Year as New Report from ThreatDown Reveals Alarming Global Expansion and Evolving Tactics

Ransomware attacks surge in South Korea, targeting YES24 and financial firms

Researcher downloaded the data of all 270,000 Intel employees from an internal business card website - massive data breach dubbed 'Intel Outside' didn't qualify for bug bounty

Russian hackers target Polish hydropower plant again

Saudi Arabian Tech Company DIGO Suffers Alleged Data Breach

Scattered Spider Adapts Tactics Tied to Ransomware Groups and Industry-Wide Cyber Attacks

Serial Hacker Behind High-Profile Website Defacements Jailed for 20 Months

Singapore issues critical alert on Dire Wolf ransomware targeting global tech and manufacturing firms

Som Mobilitat Suffers Alleged Data Breach – 4,000+ Clients Info For Sale

South Yorkshire Police Deletes 96,000 Pieces of Digital Evidence

The cybersecurity myths companies can’t seem to shake

This Clever Phishing Scheme Makes Fake Websites Look Legit

TPG Telecom Cyber Incident Exposes Thousands of Customers’ Data Through iiNet Breach in Australia

U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

UK ‘agrees to drop’ demand over Apple iCloud encryption, US intelligence head claims

UK backs down in Apple privacy row, US says

UK Has Dropped Apple Backdoor Request, US Spy Chief Says

Unmasking the Secrets of Lockbit’s Linux ESXi Ransomware – Evasion Tactics and File Encryption Revealed

US spy chief says UK has dropped its Apple backdoor demand

WhatsApp Has Taken Out 6.8 Million Scam Accounts in 2025

Workday Confirms Data Breach After Social-Engineering Attack on Third‑Party CRM

Workday confirms data breach amid wave of Salesforce-linked cyberattacks

Workday Hit by Social Engineering Attack, Third-Party Data Exposed

Workday reports data breach, customer data safe

Workday suffers data breach

Yorkshire hacker jailed for cyberattacks on governments and businesses worldwide

18th August

25% of security leaders replaced after ransomware attack

43% of Australian ransomware victims pay criminals to recover their data

Academic Urology & Urogynecology of Arizona Data Breach Exposes Sensitive Personal Info

Accounting Firm Pays Feds $175K for HIPAA Ransomware Breach

After Ransomware Attacks, Microsoft Teams to Block Malicious Files

AI arms race fuels pharma fraud, ransomware, social scams

Air France and KLM breach tied to hacker group

Allianz Life data breach affects 1.1 million customers

Allianz Life Data Breach Exposes 1.1 Million Customers’ Personal Info

Almost 16 Million PayPal Credentials Leak Claim Sparks Security Concerns

Australian Consumer Watchdog Moves to Empower Encryption Upgrade for Card Payments

Blue Locker Ransomware Launches Targeted Attacks on the Oil and Gas Sector in Pakistan

Bragg Confirms Cyber Attack – Hackers Accessed Internal IT Systems

Bragg Gaming Group Confirms Cyberattack, Says No Customer Data Impacted

Bragg Gaming Group seeks to allay fears over data breach incident

Bridging the AI model governance gap: Key findings for CISOs

C-Suite Lessons From Joe Sullivan And The Uber Data Breach

Canada: House of Commons hit by data breach

Canada’s House of Commons Hit by Data Breach Exploiting Recent Microsoft Vulnerability

Casino gaming company Bragg says hackers accessed ‘internal computer environment’

Chinese APT Group Targets Web Hosting Services in Taiwan

ClickFix phishing links increased nearly 400% in 12 months, report says

Colt Customers Face Prolonged Outages After Major Cyber Incident

Colt forced to take services offline following apparent cyberattack

Colt in ransomware breach of Sharepoint servers

Colt struggles to get services up and running after ransomware attack

Colt Technology Services Hit by Ongoing Cyberattack, Services Disrupted

Colt Telecom investigating WarLock ransomware claims

Critical flaw plagues Lenovo AI chatbot: attackers can run malicious code and steal cookies

Cryptomining group Kinsing expands operations to Russia, researchers warn

Cybercriminals Get Smarter: Gen Digital’s Q2 2025 Threat Report Reveals Rise in AI-Driven Scams and Attacks

Cybercriminals hit Workday database, similar to attacks on Google and Cisco

Data breach alert: Workday confirms personal data stolen; hackers could access names, emails, and phone numbers

Data Breach at American National Bank & Trust Exposes Personal Information of Over 50,000 Individuals

Data Breach Exposed 3,700 Individuals, Including Afghan Troops, British Civil Servants

Department of Justice (DoJ) seized $2.8M in crypto from Ianis Antropenko, indicted in Texas and tied to the defunct Zeppelin ransomware

Department of Justice (DOJ) Seizes $2.8M Crypto from Alleged Zeppelin Ransomware Operator

Department of Justice (DOJ) Seizes $2.8M in Crypto from Zeppelin Ransomware Group

Department of Justice (DOJ) Seizes $2.8 Million, Indicts Alleged Zeppelin Ransomware Operator

Dutch lab paid off cybercriminals, but full-scale data leak looms

ERMAC Android malware source code leak exposes banking trojan infrastructure

Everything we know about the Workday data breach so far

Extremist hacker who defaced websites and stole data imprisoned

Fake ChatGPT Desktop App Delivering PipeMagic Backdoor, Microsoft

Fake Copyright Notices Drop New Noodlophile Stealer Variant

Ghana Postal Service Allegedly Breached – Database and System Access for Sale

Gmail Voicemail Phishing Scam Uses Malicious CAPTCHA on Fake Websites to Steal User Credentials

Gunra Ransomware Allegedly Breaches Seoul Guarantee Insurance and Seguros América

Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum

Hackers breach HR firm Workday - is it the latest Salesforce CRM attack victim?

Hacker who stole data from millions of Facebook accounts jailed for 20 months

Hackers threatening to leak more data stolen from Dutch laboratory

Hacktivists Breach North Korean Hackers Kimsuky and Expose Their Secrets Online

Health Plans Inc. Data Breach Exposes SSN in Massachusetts

How security teams are putting AI to work right now

HR Giant Workday Discloses Data Breach After Hackers Compromise Third-Party CRM

HR giant Workday discloses data breach amid Salesforce attacks

HR Giant Workday Got Hacked

HR giant Workday notifies customers of data breach after Salesforce cyberattack

HR giant Workday says hackers stole personal data in recent breach

HR Tech Giant Workday Suffers Data Breach via Third-Party Integration

Human resources firm Workday disclosed a data breach

IBM 2025 Cost of Data Breach Report Centers on Mounting AI “Security Debt”

International cyber attack is affecting hundreds of websites worldwide and in Israel

Iran 'hunting down British spies' on 'kill list' leaked to Taliban in Ministry of Defence (MoD) data breach

Israel: Identity of 'Ashkelon hacker' revealed after 8 years as extradition fight unfolds

Justice Department Seizes Over $2.8 Million in Cryptocurrency Linked to Ransomware Scheme

KawaLocker Ransomware Emerges in New Attack

Kirkpatrick Partners LLC Allegedly Suffers Data Breach – Exposing Information of 36,556 Users

Korean firms YES24, SGI, Welcome Finance endure ransomware attacks and data breaches

Lessons From a Major Cyber Attack on a City Government

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

Malicious URLs and phishing scams remain a constant threat for businesses - here's what can be done

Malicious URLs overtake email attachments as the biggest malware threat

Man Jailed for 20 Months After Compromising Millions of Accounts

Manpower Data Breach Hits 144K, Workday Confirms 3rd-Party CRM Hack

Manufacturing remains prime ransomware target in Q2 as new groups, state-aligned actors reshape industrial threat landscape

Medusa Ransomware Group Allegedly Breaches Florarte and Expert E-commerce GmbH

Microsoft launches investigation to see whether Israel is using Azure cloud service for mass surveillance

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

Millions of dollars in cryptocurrency has been confiscated as the Department of Justice (DoJ) cracks down on an infamous ransomware operator

Ministry of Defence (MoD) contractor data breach exposes thousands more Afghan nationals

Modular ‘PipeMagic’ backdoor used to deploy ransomware

Morocco’s Social Security Fund (CNSS) Allegedly Breached Again

Mower County, Minnesota, Notifies Residents After Cyber Attack

NATO Allegedly Breached – 15 Million Sensitive Military and Strategic Records Leaked Online

Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

Noodlophile Stealer Hides Behind Bogus Copyright Complaints

Orange Cyberattack Claimed by Warlock Hacking Group, Data Sample Leaked

Otter’s sneaky tool allegedly listens to users' meetings to train its AI models

Over $2.8M nabbed from suspected Zeppelin ransomware operator

Over 800 N-able servers left unpatched against critical flaws

Panera agrees to $2.5M settlement in data breach class action

PayPal breach exposed nearly 16 Million login credentials, hackers claim

Personal Info Leaked in South Carolina School Data Breach

Popular npm Package Compromised in Phishing Attack

Qilin dominates ransomware landscape amid rising attacks

Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app

Ransomware is on the rise: Global cybercrime hits new highs

Rotherham hacker who stole millions of people's data jailed

Russian Furniture Retailer Mvvdemebel.ru Allegedly Breached – Full Customer Database Leaked Online

Safepay Ransomware Allegedly Breaches Godby Hearth & Home, Bateman Groundworks, TransElectric, Listgrove, and Alberta Industrial Controls

Serial hacker who defaced official websites is sentenced

Singapore Police Warn of YouTrip Phishing Scams Following S$16,000 in Losses

SMEs Need Robust Security Infrastructure to Support the National Ransomware Payment Ban

Someone's poking the bear with infostealers targeting Russian crypto developers

Spain’s Seguros Bilbao Allegedly Breached – 842,000 Citizens’ Data Leaked

Stop Blaming the User: One Weak Password Shouldn’t Kill a Company

Survey Reveals Top Challenges of Implementing Identity Security

Thailand police arrest SMS blasting scammers allegedly hired by Chinese boss

'Their Goal Is to Trick Employees': One of the Largest Job Application Software Companies in the U.S. Was Hacked, Exposing Personal Data

Thousands of Hotel Guests in Italy Targeted in Major Data Theft, Officials Confirm

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

U.S. Law Enforcement Seizes INR 232 Crore in Cryptocurrency from Ransomware Suspect

UK sentences “serial hacker” of 3,000 sites to 20 months in prison

UK telco Colt suffers major ransomware attack claimed by Warlock gang

UK telecoms firm takes systems offline after cyber attack

US Seizes $2.8 Million From Zeppelin Ransomware Operator

USB Malware Campaign Spreads Cryptominer Worldwide

WarLock claims responsibility for Colt cyberattack, 1M documents for sale

WarLock Ransomware Attack Cripples Colt Services, Data for Sale

WarLock Ransomware group Claims Breach at Colt Telecom and Hitachi

Weak alerting and slipping prevention raise risk levels for CISOs

Welcome Financial Group lending unit suffers ransomware attack, internal documents exposed

Welcome Financial Group unit hit by ransomware attack

Workday Breached as Ransomware Group Seeks Salesforce Data

Workday Confirms Data Breach After Hackers Pose as Company Staff in Phone Calls to Steal Customer Contact Information

Workday Confirms Data Breach Following Social Engineering Attack

Workday Confirms Data Breach Tied to Salesforce Attacks

Workday Confirms Data Breach via CRM

Workday confirms data breach, contact info exposed by third party

Workday Confirms Third-Party Data Breach Exposing User Information

Workday CRM platform hit by hackers, suspected link to Salesforce attackers

Workday Data Breach: HR Giant Hit by Social Engineering Attack

Workday Data Breach Bears Signs of Widespread Salesforce Hack

Workday Data Breach Exposes HR Records via Third-Party CRM Hack

Workday hit by social engineering data breach targeting its CRM platform

Workday Latest Company Hit by Third-Party CRM Platform Breach

Workday Reveals CRM Breach

Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

XenoRAT malware campaign hits multiple embassies in South Korea