Welcome to DBD. Cybercrime is making headlines globally. Attacks on well-known brands and organizations are raising public awareness of the severity, frequency and impact of cyber attacks. Proving cybercrime is growing at an alarming rate, DBD has recorded more ransomware attacks this year than any other, and we continue to provide visibility of these in our 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 3rd November and 9th November 2025.4th November
2025 Insider Risk Report - The Shift to Predictive Whole-Person Insider Risk Management
68,000 Australians caught up in Discord data breach
Akira Ransomware Hits General Micro Systems (GMS) and Palacios Marine Industrial (PMI)
Alleged University of Pennsylvania hackers release donor records, confidential memos following data breach
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
Australian businesses are overconfident when it comes to ransomware preparedness
Beverly Hills Oncology Medical Group reports data breach exposing patient information
BlueEast Data Breach Exposes Company Source Code
Breach of Trust: Former Employees of Cybersecurity Companies Indicted for Links to ALPHV BlackCat Ransomware
China-Linked Hackers Target Cisco Firewalls in Global Campaign
Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks
Cyber Defenders Turned Attackers: Inside the BlackCat Indictments
Cybercriminals exploit Remote Monitoring and Management (RMM) tools to steal real-world cargo
Cybercriminals have built a business on YouTube’s blind spots
Cybersecurity experts accused of carrying out their own attacks using dangerous ransomware
Data disasters and human error
DeFi Protocol Balancer Loses Over $120 Million in Cyber Heist
Department of Justice (DOJ) indicts DigitalMint and Sygnia employees for orchestrating ransomware attacks
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
European authorities dismantle €600 million crypto scam network
Family-Led Voice Phishing Gang Arrested in Cambodia
Financial services can’t shake security debt
Florida residents lost $118 million to data breach scams in 2024
Former Cyber-Security Employees Accused Of Hacks
Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
Genea faces representative complaint over data breach impacting hundreds of IVF patients
Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit
Hackers caught hiding malware instructions and data in OpenAI accounts
Hackers exploit critical auth bypass flaw in JobMonster WordPress theme
HeiTech Padu Berhad Hit by Devman Ransomware Attack
How to prep your company for a passwordless future - in 5 steps
Iconic Italian newspaper accidentally exposes its own readers
Identity Is Now the Top Source of Cloud Risk
India: 28-year-old cyber offender arrested from Noida
India: Hackers steal 50,000 CCTV clips from schools, hospitals, sell on porn sites
India: Income Tax Department Warns Taxpayers Against Fake Messages and Phishing Scams
Is spyware hiding on your phone? How to find and remove it - fast
Is your business ransomware ready?
LinkedIn Phishing Scam: Scammers Using This New Trick To Steal Your Credentials, Here's How To Stay Safe
LinkedIn Phishing Scam Targets Finance Leaders with Fake Board Invites
Louvre Heist Exposes Significant Security Flaws, Including an Obvious Surveillance Server Password
Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel
Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
MIT’s study on AI ransomware shows how fast research can be misleading
More than Half (58%) of Retailers hit by Ransomware Pay the Ransom
Nation-State Hackers Breach Ribbon Communications’ Network, Company Confirms
New LinkedIn Phishing Campaign Targets Finance Leaders to Steal Microsoft Credentials
NHS National Services Scotland acquires AI anti-ransomware platform
NHS Scotland Invests £3 Million in AI Anti-ransomware Software
North Korean hackers deploy new HttpTroy malware disguised as VPN invoice in targeted South Korea attack
OpenAI Assistants API Exploited in 'SesameOp' Backdoor
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
Police arrest suspects linked to €600 million crypto fraud ring
Ransomware and state threats surge in Europe
Ransomware attack exposes personal and health data at Sedgebrook senior living community
Ransomware Scandal Unfolds - Cyber Experts Accused Of Hacking Firms Across Four States, Demanding Crypto Payouts
Ransomware Surge and AI-Driven Threats Reshape Europe’s Cybersecurity Landscape
Report on AI-driven ransomware gave misleading picture
Retailers trace ransomware incidents to unknown security gaps as demands and payments rise
Rhysida gang now malvertising to people on Teams, Zoom, and PuTTy
Russia: FSUE RADON Database Leaked
Russian hackers abuse Hyper-V to hide malware in Linux VMs
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
Sophos Report Finds More than Half (58%) of Retailers hit by Ransomware Pay the Ransom
South Korea: State mediation panel advises SK Telecom pay $208 per complainant over data breach
Space Bears Ransomware Hits DOVERN Import and Rios Espinosa
Stolen Police Logins Raise Flock Safety Surveillance Camera Security Concerns, 35 Customer Passwords Leaked
Swedish data protection authority launches investigation into massive data breach affecting 1.5 Million people
The DragonForce Cartel: Scattered Spider at the gate
The Future of Ransomware Defense: Why AI and Prevention-First Cybersecurity Are Critical for Insurers and Cyber Policyholders
The Real Cost of Cryptojacking
Three US Security Software employees indicted for spreading BlackCat Ransomware
Toys “R” Us Canada Data Breach Leaks Customer Information on the Dark Web
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
U.S. Prosecutors Indict Cybersecurity Insiders in BlackCat Ransomware Attacks
UK Cyber Resilience Advice ‘Too Bland’, Says Northdoor
UK sponsor licence holders warned of phishing scams
Ukrainian Extradited to the US Over Alleged Role in Conti Ransomware
Uncovering the risks of unmanaged identities
Union to ballot Police Service of Northern Ireland (PSNI) workers for strike action over data breach
University of Pennsylvania Investigates Alleged Data Breach Affecting 1.2 Million Records
University of Pennsylvania Reports Data Breach Involving 'Highly Offensive' Emails
University of Pennsylvania says it has called FBI over data breach
US Cybersecurity Professionals Indicted in Ransomware Scheme
US prosecutors say cybersecurity pros ran cybercrime operation
Visibility is not enough
Weaponized PuTTY and Teams Ads Deliver Malware Allowing Hackers to Access Network
3rd November
10.5 million people are affected by a massive data breach on the Internet
A new way to think about zero trust for workloads
AI ransomware panic - exposing the inflated “80%” claim
Alphalocker Hits Indian Auto Dealer AMPL & Austrian Bakery Unterkofler
Android users urged to delete hundreds of apps immediately in cyber attack warning
Android warning as hundreds of apps should be deleted after cyber attack
Beverly Hills Oncology Medical Group Data Breach Under Investigation
Beware - ransomware gang is tricking victims with fake Microsoft Teams ads
Beware of New Phishing Attack that Abuses Cloudflare and ZenDesk Pages to Steal Logins
Cargo theft gets a boost from hackers using remote monitoring tools
CEVA Logistics Hit by Coinbase Cartel Data Breach
CISA Alerts on CVE-2024-1086 Linux Kernel Exploit by Ransomware
CISA and NSA Outline Best Practices to Secure Exchange Servers
Conduent Confirms Massive Data Breach Exposing Personal Data of Over 15 Million
Conti Group Member Responsible for Deploying Ransomware Extradited to USA
Conti Ransomware Operator Extradited to the United States
Conti Suspect in Court After Extradition From Ireland
CrowdStrike report shows ransomware surging across Europe
Cyber scare: How India became top target for AI phishing scams
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Cybercriminals Use Cloudflare and ZenDesk Pages in Sophisticated Phishing Attack
Cybersecurity reinsurers feel the strain of ransomware's rise
Cyble Detects Advanced Backdoor Targeting Defense Systems via Belarus Military Lure
Data breach claims hit HMRC after benefit suspensions
Data breach costs lead to 90% drop in operating profit at South Korean telecom giant
Department of Justice (DOJ) accuses US ransomware negotiators of launching their own ransomware attacks
Emerging Cyber Risks That Could Rival Ransomware In Impact
Employees keep finding new ways around company access controls
Enterprises are not prepared for a world of malicious AI agents
Europe’s phone networks are drowning in fake calls
Europe’s Ransomware Attacks Surge to Record Highs in 2024
European diplomats attacked via Windows zero-day vulnerability
Fake Solidity VSCode extension on Open VSX backdoors developers
Fallen Defenders: Ex-Cybersecurity Experts Charged in $10M Ransomware Scheme
Firms at risk as Japan struggles to keep up with cybercrime amid rise of ransomware
First test cases against Police Service of Northern Ireland (PSNI) over data breach to get under way
G. Hauswirth Architects Hit by DragonForce Data Breach
Gateworks Corporation Data Breach Exposes Partner Documents
Gerson & Schwartz Law Firm Hit by Pear Ransomware Attack
Global law enforcement plays catch-up with crypto criminals as gaps remain
Gmail update as account holders told to 'reset password' after huge data breach
Hacker claiming responsibility for scam University of Pennsylvania emails stole data from 1.2 million people
Hacker steals over $120 million from Balancer DeFi crypto protocol
Hackers are attacking Britain’s drinking water suppliers
Hackers Exploiting LinkedIn DMs in Major Phishing Campaign
Hackers Help Organized Crime Groups in Cargo Freight Heists, Researchers Find
Hackers leak alleged US gas station memos threatening staff
Hackers use Remote Monitoring and Management (RMM) tools to breach freighters and steal cargo shipments
Hacktivist Attacks on Critical Infrastructure Soar
Healthcare Data Breach Targets Medline Europe and Treasure Coast Cardiology
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
How Ransomware Attacks Leverage Cyber Insurance Policies
How Safe is AI for your Company? India’s Ransomware Reality
How this millionaire crypto hacker continues to freely cash out a year later
Hungary: Yet Another TISZA Party Data Breach Scandal - Blame the Russians and Orbán
Hypervisor Ransomware: The Hidden Board-Level Attack Vector
Is Not Paying a Ransom in Ransomware Attacks Self-Harm to Companies?
Jabber Zeus Developer ‘MrICQ’ in US Custody After Extradition from Italy
Japanese retailer Askul confirms data leak after cyberattack claimed by Russia-linked group
Kaspersky Flags Coinbase Phishing Scam Targeting Windows Users
Lawmakers ask Federal Trade Commission (FTC) to probe Flock Safety’s cybersecurity practices
Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers
Lawyers seek compensation for patients impacted by Genea fertility clinic data breach
Leak Site Ransomware Victims Spike 13% in a Year
LinkedIn Users Hit by Phishing Scam Offering Fake Executive Roles
Major Data Breach Affects Over 10 Million People Using Conduent Services
Malibu Boats Australia suffers ransomware data breach
Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive
Manufacturing production increases after Jaguar Land Rover (JLR) factory restart following cyber attack
Marks & Spencer (M&S) to share update on cyber attack recovery
Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
MIT Sloan quietly shelves AI ransomware study after researcher criticism
More than $100 million stolen in exploit of Balancer DeFi protocol
Nation-State Attacks Surging Across Europe, Warns CrowdStrike
Nearly half of Indian firms faced ransomware in 2024
New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs
New Graphics Device Interface (GDI) Flaws Could Enable Remote Code Execution in Windows
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
NHS Scotland buys £3 million AI-powered anti-ransomware system
North Korean Hackers Caught on Video Using AI Filters in Fake Job Interviews
North Korean Kimsuky Deploys HttpTroy Backdoor in VPN Phishing Attacks
Nova Ransomware Group Lists University of Gävle and Castilla as Victims
OB-GYN Associates Confirms Data Breach Affecting Over 60,000 People
Oglethorpe, Inc. Data Breach Affects 92,332 Individuals
Ongoing Ransomware Attacks Exploit Critical Linux Kernel Vulnerability (CVE-2024-1086)
Philippine National Police (PNP) Strengthens Cybersecurity Ahead of Possible DDoS Attacks
Poland hit by major cyberattack as hackers steal loan customers' data
Poland probes major data breach targeting clients of online loan platform SuperGrosz
Police Service of Northern Ireland (PSNI) data breach cases begin at Belfast High Court
Police Service of Northern Ireland (PSNI) data breach cases to begin at Belfast High Court
Prepared for a cyber attack? The three questions that businesses must ask themselves
Proton Data Breach Exposes 300 Million Credentials on Dark Web Markets
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Purported hacker behind University of Pennsylvania’s fraudulent email claims to have grabbed donor data in attack
Ransomware attacks are hitting European enterprises at record pace
Ransomware Attacks Rise for the First Time in Six Months
Ransomware gang cracks the whip on US horse gear giant
Ransomware intrusions with old Linux kernel bug reemerge
Ransomware Negotiation Firm Rocked by Insider Cybercrime Scandal
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
Rogue ransomware negotiators accused of extortion attacks
Securing real-time payments without slowing them down
SEO Poisoning: How Microsoft’s Reputation is Under Attack from Rhysida Ransomware
SesameOp malware abuses OpenAI Assistants API in attacks
SIM farms expose weaknesses in telecom and authentication ecosystems
South Korea: Gangwon Police Arrest 114 in Cambodia Voice Phishing Gang
Study finds smarter way to train employees to thwart phishing scams
The cost of complacency: How India’s ransomware payments are funding the next attack
The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations
Think tank finds infrastructure ‘inadequately protected against sabotage and cyber threats’
Thousands fall victim to ransomware as European attacks reach record highs - here's why they're so at risk
U.S. Cybersecurity Professionals Charged With Running Ransomware Extortion Scheme
U.S.-based Sling TV to Pay $530,000 Settlement for Violating California Privacy Law
University of Pennsylvania says it has called FBI over data breach
US Appeals Court lowers burden of proof for data breach lawsuits
US cybersecurity experts indicted for BlackCat (ALPHV) ransomware attacks
US government warns Linux flaw is now being exploited for ransomware attacks
US Traces Ransomware Attacks to 2 People Working for Cybersecurity Firms
Vexels Data Breach Exposes 820K Users
Vibra Hospital of Southeastern Massachusetts Data Breach: SSNs Exposed
Victorian Chemical Hit by RansomHouse Ransomware Attack
Warning As Google And Microsoft Calendar Hack Surge Confirmed
Western Australia law firm confirms cyber attack following ransomware claims
Windows Graphics Device Interface (GDI) Flaws Expose Systems to Critical Threats, Including RCE and Data Leaks
YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos
