Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC

Monday, 25 August 2025

Data Breaches Digest - Week 35 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th August and 31st August 2025.


25th August

20 Year Old Hacker Gets 10 Years in Prison & $13 Million Fine

91% of Teens Use Generative AI

1,369 indigenous firms face Nigeria Data Protection Commission (NDPC) probe over data breach

Agentic AI Browsers Exploited by “PromptFix” Trick Technique

AI meets zero trust: Security's power duo

AI Phishing is here! ChatGPT, click here now to avoid losing access!

Akira Ransomware Group Allegedly Breaches Canadian Distributor Colabor

Android malware disguised as an antivirus targets Russia

Another Data Breach Exposes Over One Million Customers – Here is How to Protect Yourself

Apple sues former employee for stealing company secrets

Aspire Rural Health System Data Breach Impacts Nearly 140,000

At least $3 Million lost in crypto phishing attacks over the weekend

Chinese Developer Jailed for Deploying Malicious Code at US Company

Chinese Hacker Jailed for Deploying Kill Switch on Ohio-based Key Company’s Global Network

Chinese hacker reportedly admits to charges in 38 Billion KRW fraud involving BTS' Jungkook's identity theft during military service

Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network

Chinese Hacker Sentenced for Planting Kill Switch in U.S. Company’s Global Network

Chip Programming Firm Data I/O Hit by Ransomware

CISA Issues Software Bill of Materials Draft, Encourages Public Comments

CISA Seeks Biden Era's Software Bill of Materials (SBOM) Minimum Requirements Guideline Change

ClickFix is Compromising Thousands of Devices Daily – Red Flags to Watch

“Coinbase Hacker” Crypto Wallet Buys $8 Million of Solana

Colt Acknowledges Cyber Attack Leading to Customer Data Exposure

Coordinated Action Takes Down Multiple African Cyber-Attack Operations

Credential harvesting campaign targets ScreenConnect cloud administrators

Critical Docker Desktop flaw lets attackers hijack Windows hosts

Crypto wallet labeled ‘Coinbase hacker’ buys $8 Million of Solana

Crypto wallet labeled ‘Coinbase hacker’ buys Solana worth $8 Million

Cybercriminals Exploit Cheap Virtual Private Servers (VPS) to Launch SaaS Hijacking Attacks

Cybercriminals Exploit SendGrid to Steal User Credentials in Latest Campaign

Data breach: Nigeria Data Protection Commission (NDPC) issues 21-day ultimatum to banks, others

Data Breach Turns Dating App Into Nightmare For 33,000 Women, Locations Exposed On Google Maps

Data I/O reports business disruptions in wake of ransomware attack

DaVita Confirms Data Breach Impacting 2.4 Million Patients

DaVita Data Breach Exposes Sensitive Information of Over 2.6 Million Patients

Electricity Authority of Cyprus (EAC) warns consumers over phishing emails about unpaid bills

Electronics manufacturer Data I/O took offline operational systems following a ransomware attack

ESXi Root and Domain Admin Access to Vietnamese Private Company Allegedly for Sale

Fake macOS help sites push Shamos infostealer via ClickFix technique

Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign

Farmers Insurance Data Breach Impacts Over 1 Million People

Federal Trade Commission (FTC) warns US tech companies: “Be aware of weakening data security by foreign powers”

Finnish Technology Giant Exel Composites Allegedly Breached by World Leaks Ransomware Group

Georgia-Based Cleaning Service Spiffy Bin Allegedly Breached, Customer Data Leaked

Germany is prime target for dark web and ransomware attacks

Global Dialysis Provider Loses Millions of Details in Ransomware Hit

Global phishing campaign lures victims to release UpCryptor malware

Gmail Hidden Prompts Suggest Attackers Attempt AI Prompt Injection in Email Phishing Campaign

Google Breach Exposes 2.5 Billion Gmail Accounts to Phishing Attacks

Google Classroom Targeted in Ongoing Global Phishing Campaign

Google confirms one of the biggest data breaches for Gmail users — protect your account NOW

Google issues warning against China-linked hacker group that targeted diplomats

Hacker Behind Playboi Carti & Ariana Grande Music Leaks Sentenced to Prison

Hacker in BTS's Jungkook identity theft partially admits charges, police confirm

Hackers are looking to steal Microsoft logins using some devious new tricks - here's how to stay safe

Hackers Exploit Microsoft ADFS in Advanced Phishing for Credential Theft

Hackers Exploit SendGrid to Steal User Login Credentials in Latest Attack

Hackers launch cyber attack targeting Iranian fleet

Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations

Hackers Leverage SendGrid in Recent Attack to Harvest Login Credentials

Hackers Use AI-Generated Summaries to Deliver Ransomware Payloads

How the U.S. Mail became a Data Breach

Indo-U.S. Agencies Dismantle Cybercrime Network Targeting U.S. Nationals

Iran’s IRGC Surveillance Database Allegedly Leaked – Exposing Monitoring of Activists

July 2025 Healthcare Data Breach Report

Malicious Android apps with 19 Million installs removed from Google Play

Maryland investigating cyberattack impacting transit service for disabled people

Massive Cyberattack Hits Italian Hotels: Tens of Thousands of Passports Stolen and Sold on the Dark Web

Millions of gaming accounts exposed in 2024 data leaks

NASCAR announces data breach after cyberattack exposes sensitive information

National Public Data Relaunches Despite 2.9 Billion SSNs Breach

New crypto-targeting spear-phishing campaign detailed

Novel BQTLOCK Ransomware-as-a-Service (RaaS) operation examined

Off-the-shelf tools make life easier for phishing attackers

Pakistani E-Commerce Site Clicknget.pk Allegedly Breached – Over 36,000 Customer Records Leaked

PayPal Data Breach Exposes Information of Over 16 Million Users

Perplexity's AI-powered Comet browser leaves users vulnerable to phishing scams and malicious code injection - Brave and Guardio's security audits call out paid AI browser

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

Phishing gangs use split and nested QR codes to evade detection in new wave of ‘Quishing’ attacks

Phishing in the Classroom: 115,000 Emails Exploit Google Classroom to Target 13,500 Organizations

Phishing Links and Fake Officers: Army Jawans Lose Money in ‘Ayushman Bharat’ Scam - Cyber Threats Intensify

Phishing training is losing its lustre: why effectiveness is lower than the market promises

Qilin Claims ‘Moniz Silva International’ Data Breach, Accuses Company of Disregarding Customer Health

Ransomware attack confirmed by Data I/O

Ransomware Attack Hits Drug Research Firm Inotiv, Disrupts Operations, and Leaks Data

Ransomware attack on DaVita exposes data from 2.7 Million

Ransomware attack on healthcare giant DaVita

Ransomware attack volumes up nearly three times on 2024

Ransomware hack hit Orange Telecom, data published on dark web

Ransomware Hack Hits Orange Telecom, Data Published on Dark Web

Ransomware Surges as AI Drives New Cyber Threats

Report Surfaces Increased Number of API Security Issues Involving AI

ScreenConnect admins targeted with spoofed login alerts

Senator Ron Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’

Smart manufacturing demands workers with AI and cybersecurity skills

Southeast Asia A Hotspot For Illicit Services Peddling Phishing Kits, Ransomware, And Deepfakes

South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities

Steps to Rebuild Identity After Cybercrime or Data Breach

Supermarket chain Auchan hit with cyberattack, again

The Quantum Countdown: Preparing Today for Tomorrow’s Encryption Crisis

Threat Actor Allegedly Sells Full Access to Major EU/US Online Training Platform

Threat Actors Use AI-Generated Summaries to Deliver Ransomware Payloads

Threat Actors Weaponizes AI Generated Summaries With Malicious Payload to Execute Ransomware

Transparent Tribe Targets Indian Government With Weaponized Desktop Shortcuts via Phishing

Uruguay’s Office of Planning and Budget and CERTuy Targeted in Alleged 170GB Data Leak

Wallet Linked To Coinbase Hacker Buys $8 Million Worth Of Solana

Why satellite cybersecurity threats matter to everyone

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

Wyong Rugby League Club listed by Qilin ransomware gang

Posted by at
Labels: