Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC

Monday, 1 September 2025

Data Breaches Digest - Week 36 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 1st September and 7th September 2025.


2nd September

76% of CISOs Expect ‘Material Cyber-attack’ in the Next Year

80% of top World Liberty Financial (WLFI) holders cash out within hours as phishing threats loom

Absolute Dental Confirmed Data Breach Affecting Over 1.2 Million Individuals

Akira Ransomware Group Allegedly Breaches Automated Business Solutions and Genmark Automation

Another big name cyber attack victim as Jaguar Land Rover’s Halewood workers sent home following strike

Anthropic Reports Surge in Claude AI Misuse for Phishing and Ransomware

Atomic and Exodus Crypto Wallets at Risk from Deceptive npm Package

Australian AI use & phishing risks surge as data leaks climb

Austria’s Interior Ministry Hit by Sophisticated State-Level Cyberattack Affecting Emails

Azure AD Credentials Exposed in Public App Settings File

Brands face threat of new wave of data breach payouts

Can AI agents catch what your SOC misses?

Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps

Complexity and AI put identity protection to the test

Disruptions persist at ransomware-hit Pennsylvania Attorney General’s Office

Distraction is the New Zero-Day: The Human Risk We Keep Ignoring

Don’t worry, your Gmail accounts might be secure after all

Doncaster Council blasts "disappointing" data breach as Disclosure and Barring Service (DBS) data is hacked

DragonForce ransomware claims hack of Toowoomba Friendlies Society Dispensary

Google: Gmail is well protected, claims of security vulnerabilities are baseless

Google Addresses Misinformation About Alleged Gmail Data Breach Affecting 2.5 Billion Users

Google faces risk of data breach as hackers demand firing of two employees, Austin Larsen and Charles Carmakal: Who are they?

Google issues global security warning after Salesforce database hack

Google says Gmail security is ‘strong and effective’ following mass data breach rumors

Guard Your Crypto Assets: Phishing Scams and Solutions

Hackers Are Sophisticated & Impatient - That Can Be Good

Hackers are using the ‘classic EIP-7702’ exploit to snatch World Liberty Financial (WLFI)

Hackers demand Google's action: Scattered LapSus Hunters threaten information leak

Hackers threaten Google with data leak unless company fires two threat intelligence employees

Hackers Threaten Google with Ultimatum Following Data Breach Warning

Holders of Trump’s Crypto Token Targeted by Hackers in Phishing Exploit

How AI has changed ransomware negotiations

How to Secure Your Email Via Encryption and Password Management

“Invincible” hackers threaten Google, FBI over Salesforce attack investigations

Jaguar Cyber Incident "Severely Disrupts" Sales and Operations

Jaguar Land Rover cyber attack: was customer data stolen?

Jaguar Land Rover Cyber-attack Disrupting Production and Sales

Jaguar Land Rover hit by cyber attack

Jaguar Land Rover hit by cyber attack forcing production shutdown at UK plant

Jaguar Land Rover (JLR) hit by cyber attack hitting registration of new cars on new 75 plate day

Jaguar Land Rover hit by cyber-attack amid busy UK car sales

Jaguar Land Rover Hit by Major IT Security Incident, Adding to Growing Cyber Threats in Auto Industry

Jaguar Land Rover is hit by crippling cyber attack: Workers told to stay at home as production grinds to a halt

Jaguar Land Rover operations disrupted by cyber incident

Jaguar Land Rover production and retail hit by cyber attack

Jaguar Land Rover (JLR) production and sales 'severely disrupted' by cyber attack

Jaguar Land Rover (JLR) production and sales systems hit by cyber-attack

Jaguar Land Rover production severely hit by cyber-attack

Jaguar Land Rover (JLR) retail network ‘severely disrupted’ after cyber attack

Jaguar Land Rover says cyberattack ‘severely disrupted’ production

Jaguar Land Rover says production ‘severely disrupted’ by cyber attack

Jaguar Land Rover ‘severely disrupted’ by cybersecurity incident

Jaguar Land Rover (JLR) unable to register new cars due to cyber attack

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Leaked ChatGPT Chats: Users Treat AI as Therapist, Lawyer, Confidant

Major automaker hit by cyberattack, says incident 'severely disrupted' operations

Major Dutch Flower Exporter D. Visser & Zonen BV Allegedly Breached – 28GB of Data for Sale

Malicious npm Package Masquerades as Popular Email Library

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Massive AT&T data breach claimed anew

Moscow reportedly hires hackers who breached city’s school system

Nevada Ransomware Attack Disrupts State Services for 8 Days, Sparks Federal Aid

New ScarCruft phishing campaign sets sights on academics

No, Google did not warn 2.5 billion Gmail users to reset passwords

Omani Email Server Exploited by Iran-Linked Hackers in Global Government Spy Campaign

OneDrive Exploited in Sophisticated Phishing Campaign Targeting Executives’ Corporate Credentials

OneDrive Phishing Attack Targets Corporate Executives for Credential Theft

Orange Belgium adds an additional check to number transfer process to prevent SIM swapping

Palo Alto Networks also targeted during Salesforce data heist

Palo Alto Networks Confirms Data Breach: Customer Data Stolen via Salesforce Instances

Palo Alto Networks Confirms Data Breach - Hackers Stole Customer Data from Salesforce Instances

Palo Alto Networks Confirms Data Breach via Compromised Salesforce Instances

Palo Alto Networks data breach exposes customer info, support cases

Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

Palo Alto Networks, Zscaler and PagerDuty Hit in Salesforce Linked Data Breaches

Pennsylvania Attorney General Office says ransomware attack behind recent outage

Pennsylvania Attorney General says recovery continues after office refused to pay ransomware gang

Pennsylvania Attorney General’s Office Hit by Ransomware, Refused to Pay Hackers

Philippine Gaming Regulator PAGCOR Allegedly Breached – Database of Restricted Government Personnel Leaked

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

Ransomware surge and rising cyber threats put Asia, India on high alert

Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control

SafePay Ransomware Allegedly Breaches M.D. Neal Engineering, Scott Schiff & Associates, Wilson At Law, USAI, The K Club, Oiwky, Waterford Surgical Center, Umweltprofis, and BTH CPA

Santa Fe County hack likely full of hot air

Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

SK Telecom Fined US$96.9 million after Data Breach Hits 23 million Users

South Korean Banks Rely on AI to Fight Voice Phishing

Taiwan’s National Chung Shan Institute of Science and Technology (NCSIST) flags internal data breach

Tea Dating App Data Breach: 72,000 Images and Over 1 Million Private Messages

The AI Vulnerability Crisis is Coming - Can Defenders Catch Up?

The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks

“This is personal now:” Man fired after cyberattack wants Lapsus$ hackers to pay

Threat Actor Allegedly Sells Administrative Access to Crypto Exchange for $5,000

TransUnion data breach hits millions, but Gmail security reports are false

UK National Cyber Security Centre (NCSC) Supports Public Disclosure for AI Safeguard Bypass Threats

Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

U.S. Immigration and Customs Enforcement (ICE) reactivates contract with spyware maker Paragon

US: CISA 2015 Safe Harbor at Risk as September 2025 Deadline Nears

US Immigration and Customs Enforcement (ICE) Reinstates Contract with Spyware Vendor Paragon

Vehicle production and retail operations impacted as Jaguar Land Rover (JLR) hit by cyber attack

Venus Protocol Paused After User Loses Over $13M in Phishing Scam, Crypto Scams Continue Surge

Venus Protocol pauses after user loses funds in suspected phishing attack

Venus Protocol suspends platform after phishing scam drains $27 million, XVS falls 6%

Venus Protocol Suspends Services After User’s $13.5M Phishing Loss

Venus Protocol Wallet Likely Hacked in $27M Phishing Attack

WhatsApp finds new hacking campaign targeting fewer than 200 people

WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability

World Liberty Financial (WLFI) Token Holders Lose Millions in New Ethereum Phishing Attack

Zscaler Confirms Data Breach – Hackers Compromised Salesforce Instance

Zscaler confirms Salesforce data breach linked to Salesloft Drift supply-chain attack

Zscaler Customer Data Allegedly Exposed via Salesloft Supply-Chain Attack

Zscaler Customer Info Taken in Salesloft Breach

Zscaler Data Breach: Lessons Learned About the Evolution of SaaS Threats

Zscaler Data Breach Exposes Customer Info in Supply-Chain Attack

Zscaler Discloses Data Breach Following Salesforce Instance Compromise

Zscaler says it suffered data breach following Salesloft Drift compromise

Zscaler Suffers Data Breach: Supply Chain Attack Via Salesloft Drift

Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft breach

1st September

Adversary-in-the-middle phishing attacks surge globally in 2025

Alleged Sale of Chinese Government Network Access Surfaces Online

Amazon disrupts Russian APT29 hackers targeting Microsoft 365

Amazon Disrupts Russian APT29 Watering Hole Targeting Microsoft Authentication

Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth

American Association of Critical-Care Nurses (AACN) Data Breach Impacts its Payment System: 57,526 Individuals Affected

Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

AT&T Allegedly Breached - Threat Actor Claims Live Access to Core Infrastructure of 24 Million Subscribers

Authenticated Attackers Could Exploit IBM Watsonx Vulnerability to Access Sensitive Data

Beware Of Efimer Trojans Targeting Organizations With Phishing Emails

Boards are being told to rethink their role in cybersecurity

Bridgestone Americas confirms cyber attack at some facilities

Credit Bureau TransUnion Hit With Data Breach Affecting 4.4 Million People

Critical TP-Link Zero-Day Vulnerability Exposes Millions of Routers to Full System Takeover

Cunningham Group Data Breach Exposes Social Security Numbers

Cybercriminals Exploit Online Ads to Breach Hotel Property Management Systems in Sophisticated Phishing Campaign

Cybercriminals Eye 2026 FIFA World Cup – Malicious Domains Registered for Impending Attack

Cybercriminals Turn Trusted Email Platforms Into Phishing Weapons

Cybersecurity signals: Connecting controls and incident outcomes

Cyble Report Warns of Rising Ransomware Threats in India, Asia

Data Breach at American Association of Critical-Care Nurses Exposes Information of Nearly 60,000 Customers

Data breach at Clinical Diagnostics bigger than anticipated, 850K patients affected

ESET discovers PromptLock, the first AI-powered ransomware

Fake DocuSign emails spoof Apple Pay charges

Fresh AT&T data breach could impact 24M users, hackers claim

From MFA Adoption to Phishing Resilience: Your Hybrid Work Security Metrics Playbook

Global Hotels on Alert: Hackers Hijack Google Ads to Steal Hotel Logins in New Cyberattack

Google Confirms Gmail Data Breach Warning Is Fake News

Google debunks claims of major Gmail security alert

Google Sends Out Urgent Warning: 2.5 Billion Gmail Users Exposed

Google Urges 2.5 billion Gmail Users to Act Now After Salesforce-Related Data Breach

GPS jamming attack hits President of the European Commission Ursula von der Leyen’s plane, Russia suspected

Hacker suspected of trying to cheat his way into university is arrested in Spain

Hackers Abuse Legitimate Email Marketing Platforms to Disguise Malicious Links

Hackers are also going back to school - major campaign hijacks Google Classroom to hit targets

Hackers Are Now Exploiting Google Classroom in a Major Phishing Campaign

Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

Hackers Exploit Email Marketing Platforms to Deliver Hidden Malware

Hackers Exploit Google Classroom in Global Phishing Attack on 13,500 Organizations

Hackers Target Google Classroom in Major Campaign

Hidden Commands in Images Exploit AI Chatbots and Steal Data

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

Hiller Companies Data Breach Exposes Social Security Numbers

Homeland Security Purges Federal Emergency Management Agency (FEMA) IT Department Over Cybersecurity Breach

How AI is Shaping the Future of Cybersecurity for Business in 2025

How Construction Firms Avoid Ransomware Shutdowns

India Remains Among Top Targets Of Global Ransomware Groups

Kaspersky warns of phishing through fake university login pages targeting academia

Lotte Card confirms hacking attempt but denies data breach or ransomware infection

Major data breach at US credit card giant leaves millions of Americans at risk

Morocco Warns Gmail Users After Major Data Leak

National Cyber Security Centre (NCSC) stumbles upon new malware campaign involving PDF editors and manual finders

Nearly 70,000 people impacted in Carter Credit Union data breach

Nevada’s two-day shutdown shows how fragile state cyber defenses still are

New Large-Scale Phishing Attacks Targets Hotelier Via Ads to Gain Access to Property Management Tools

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

North Korea’s ScarCruft Targets Academics With RokRAT Malware

Orange adds SMS safeguards after Belgian data breach

Phishing Campaign Exploits Ads to Breach Hotel Property Management Systems

Play Ransomware Allegedly Breaches All States Materials Group, Vanderpool Construction, Juggernaut, and Arboris

Qilin Ransomware Allegedly Breaches Biotechnology Firm PathoQuest, Leaks 147GB of Data

Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities

Ransomware Attack on Pennsylvania’s Attorney General Office Disrupts Court Cases

Ransomware attack targeting Pennsylvania attorney general leads to case delays, takes down some critical internal systems

Ransomware attacks surge across Asia: Cyble warns India’s critical sectors at risk

Report Details How Cybercriminals Are Exploiting AI for Extortion, Fraud, and Ransomware

Russia 'sabotages European leader's plane in cyber attack'

Russian cyber attack forces down EU chief's plane

Safepay Ransomware Gang Targets U.S. Department of Defense (DoD) Contractor Hardwick Tactical

Salesloft Attacks Target Google Workspace

Santa Fe County Government Website Source Code Allegedly Leaked Online

Scammer Spoofs a City Supplier, Steals $1.5 Million From Baltimore

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor

South Korea: Banks ramp up AI defenses as government moves to make them liable for voice phishing losses

South Korea to tackle phishing crimes as annual losses reach $575 million

South Korean banks enhance AI defenses to combat voice phishing

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

Sweden sees mass ransomware attack on major IT systems supplier

The UK Government under pressure over secret data breach review

Threat actor profile: Interlock ransomware

UK Government Leads Global Fight Against Ransomware with Public Sector Payment Ban

Unsecured Database Exposes 589,000 Telecom Customer Records in Mauritius

Western Sydney University provides update after 10,000 hacked in cyber incidents

What a hacker attack! President of the European Commission Ursula von der Leyen’s plane was the victim of an Electronic Warfare (EW) attack

WhatsApp Patches Zero-Day, Zero-Click Flaw

WhatsApp urges all iPhone users to download 'critical' update to avoid cyber attack

When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

Zscaler data breach exposes customer info after Salesloft Drift compromise

Posted by at
Labels: