Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and 
Dentons Senior Analyst, Washington DC
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th September and 14th September 2025.9th September
Scammers Are Exploiting Apple Calendar to Send Phishing Emails (Again)
8th September
80% of ransomware attacks now use artificial intelligence
Account Profile Scam Targets PayPal Users
AI and Cybersecurity: A Double-Edged Sword in the Digital Age
AI moves fast, but data security must move faster
America’s second largest egg producer breached, claim hackers
Architecture Firm 10DESIGN Allegedly Breached - Database Leaked
Argo CD Security Flaw Rated 9.8 Leaves GitOps Repositories Exposed
Australian Authorities Expose Ransomware Gangs and Their Hidden Careers
Australian Authorities Uncovered Activities and Careers of Ransomware Criminal Groups
Banks strengthen defences against phishing
Canadian Education Platform Step2Education Allegedly Breached - Exposing Healthcare Client Data
Canadian investment platform Wealthsimple disclosed a data breach
Cephalus is coming! The ransomware group that attacks via DLL replacement
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
Cloud Storage Full’ Phishing Scam: Tips to Stay Safe
Conti and LockBit dominate ransomware landscape with record attacks
Criminal group illegally opens 11,353 prepaid SIM cards for voice phishing
Crippling fallout from Jaguar Land Rover's cyber attack could 'go on for weeks'
Crypto Phishing Losses Surpass $12 Million, Driven by Ethereum-Focused Exploits
Crypto Phishing Scams Surge 72% - How to Keep Your Wallet Safe
Cyber Attack Disrupts Jaguar Land Rover EV Operations
Cyber defense cannot be democratized
Cybersecurity for real estate agents: Threats, tips & insurance
Data breach could set back Church of England redress
Data privacy and ransomware shape Australia and New Zealand (ANZ) cyber landscape
Ethereum phishing scams - $12M lost in August as EIP-7702 exploits surge
Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach
FortiGuard Labs Reveals High-Severity Phishing Campaign
Fortune Collective founder loses $1M worth of crypto in video phishing
GhostAction campaign steals 3325 secrets in GitHub supply chain attack
GhostAction Supply Chain Attack Compromises 3000+ Secrets
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Google Data Breach Achieved with Simple Technique
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Hacker Drains $2.4M From Sui-Based Protocol
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
How the Salesforce breaches unfolded: root causes identified
Huge Birmingham school data breach after kids personal information leaked
Humanists.org Database Allegedly Breached – Data of 75,000 Members Leaked Online
iCloud Calendar-powered callback phishing scheme discovered
iCloud invitations used for PayPal phishing
Identity management was hard, AI made it harder
India: Quick Heal Exposes Phishing Sites and Fake Apps in KYC Scams
Indonesian Educational Non-Profit Onno Center Suffers Alleged Data Breach
Insider Threats Surge: What CISOs Must Know to Protect Their Organizations
Jaguar Land Rover (JLR) calls in security specialists and law enforcement to sort cyber attack
Jaguar Land Rover (JLR) cyber attack: Disruptions to continue into October
Jaguar Land Rover cyber attack could impact operations until October
Jaguar Land Rover extends shutdown after cyber attack
Jaguar Land Rover halts production after cyber-attack
Jaguar Land Rover in 'truly horrible position' following cyber attack
Jaguar Land Rover shuts production after major cyber attack
Jaguar Land Rover staff home for another day as company reels from cyber attack
Jaguar Land Rover Staff Stay Home After Cyber Attack
Kazakhstan oil giant denies cyberattack, says incident was 'planned' phishing drill
Killsec Ransomware Allegedly Breaches Nathan, Archer Health, GPS Trackit, Suiza Lab, GoTelemedicina, eMedicoERP, and MedicSolution+
Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews
LoveSac Discloses Data Breach After RansomHub Ransomware Attack
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
Luxembourg National Lottery suffers sports betting data breach
Lynx Ransomware Group Allegedly Targets Major US Egg Producer Rose Acre Farms
MostereRAT Phishing Campaign Leverages AnyDesk/TightVNC Targeting Windows Systems
MostereRAT Targets Windows Users With Stealth Tactics
MostereRAT Targets Windows, Uses AnyDesk and TightVNC for Full Access
Navigating the Digital Age: Cybersecurity Challenges in Family Law Practice
Nemo Protocol drained of millions in exploit
Nevada’s Division of Insurance (DOI) and Department of Motor Vehicles (DMV) continue to be impacted by a statewide ransomware attack
Northern Ireland: Businesses Warned Over Rise In Phishing Attacks
Novel PromptLock ransomware developed by New York University (NYU) researchers
npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack
Nueces County provides update on cyber attack: Nearly $2M in losses, recovery efforts underway
Over 31K hit by South Carolina school district hack
Pakistan Launches Probe After Massive SIM Data Leak Hits Millions
Philippine Statistics Authority (PSA) warns public against phishing scams targeting National ID holders
Philippines’ Top Science Academy (NAST DOST) Allegedly Breached
Phishing scams surge with record losses in August
Ransomware in Revenue Cycle Management (RCM): Why Your Billing System Is an Overlooked Cybersecurity Risk
Qualys Confirms Data Breach – Hackers Accessed Salesforce Data in Supply Chain Attack
Qualys, Tenable Latest Victims of Salesloft Drift Hack
Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers
Qantas CEO pays the price for cyberattack
Qantas trims executive bonuses over data breach
Remote Access Abuse Biggest Pre-Ransomware Indicator
SafePay ransomware activity gains steam
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Salesloft Drift data breach: Investigation reveals how attackers got in
Salesloft Drift Incident Expands: Tenable Confirms Customer Data Breach
Salesloft says Drift customer data thefts linked to March GitHub account hack
SAP S/4HANA Users Urged to Patch Critical Exploited Bug
Seasonal phishing campaigns continue to target MSPs
South Korea: Cops bust crime ring that activated 11,000 SIM cards with foreigners' stolen identities
Tenable Confirms Data Breach – Hackers Accessed Customers’ Contact Details
Tenable Confirms Data Breach in Widespread Salesloft Supply-Chain Attack
Tenable Confirms Data Breach; Salesloft and Drift Compromise Contained, Salesforce Integration Restored
Tenable Data Breach Confirmed - Customer Contact Details Compromised
The Cyberthreats No One Talks About but Everyone Faces
These iCloud Calendar invites look legitimate but are tricky phishing attacks – here’s how to tell
Third-party data breach confirmed by Wealthsimple
UC San Diego study questions phishing training impact
University of Southeastern Philippines (USeP) upgrades cybersecurity after breach
US Probes Malware Targeting US-China Trade Negotiations via Email Impersonating Lawmaker
Venus Protocol Recovers $11 Million In Record Time
Venus Protocol returns $11 million in crypto to phishing victim
Venus Protocol Returns $11M to User Who Lost Funds in Phishing Scam
We’re inextricably tied to our tech, and cyberstalkers know it
Wealthsimple Confirms Data Breach After Supply Chain Attack
Wealthsimple Data Breach - User Information Leaked Online
Wealthsimple Data Breach Exposes 30,000 Users’ Social Insurance Numbers (SINs) and DOBs
Wealthsimple reveals data breach - users of financial firm warned to be on alert
WinRAR Zero-Day RCE Vulnerability Allegedly for Sale for $65,000
You Didn't Get Phished - You Onboarded the Attacker
Young hackers claim responsibility for Jaguar Land Rover cyber attack
Zero-Day in Sitecore Exploited to Deploy WEEPSTEEL Malware
