As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 1, 2025
1 – Information on approximately 800,000 vehicles was leaked from Cariad, a company that provides various technological services to automotive companies.
The information was stored in a database that contained several weaknesses that provided access to unauthorized parties in various ways.
The information contained the real-time locations of hundreds of thousands of vehicles, including police vehicles, vehicles of government officials, politicians, and more.
2 – Cyberattack on the US Treasury Department
Hackers supported by China managed to break into the Treasury Department’s systems through an external cybersecurity service provider (BeyondTrust).
The attack allowed access to unclassified information and employee workstations.
The attackers used a stolen access key to bypass security mechanisms. The BeyondTrust service was disabled immediately after the hack was detected.
The attack was investigated by the FBI, CISA, and security experts Cyber, currently, there are no signs of continued access or theft of additional information, a detailed report will be published in 30 days.
A spokesman for the Chinese embassy claimed that the allegations were baseless and called on the US to refrain from speculation.
The attack is part of a wider cyber campaign, “Salt Typhoon”, in which Chinese hackers are targeting critical American networks.
3 – Cyber-attack on the websites of the Italian Foreign Ministry and airports in Milan
The cyber-attack did not disrupt airport operations, but mainly affected passengers trying to check the status of their flights.
Regarding the websites of the Italian Foreign Ministry and several other sites that were temporarily unavailable due to a DDoS attack
A Russian group called NoName57 is responsible for this attack, it also attacks Israeli sites daily, but it doesn’t really have an impact
4 – Volkswagen data breach: Data of 800,000 electric vehicle owners leaked
Volkswagen accidentally exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.
The breach, which occurred due to a misconfiguration in the systems of Cariad, Volkswagen’s software subsidiary, left sensitive data stored in the Amazon cloud publicly accessible for months.
The information exposed included precise GPS data, which allowed detailed movement profiles of the vehicles and their owners to be created.
This breach not only compromised the privacy of citizens, but also affected high-profile individuals such as politicians, business leaders, and law enforcement officers.
The breach was discovered by Chaos Computer Club (CCC), a German hacker group known for its ethical hacking methods. The CCC immediately notified Volkswagen of the vulnerability, allowing the company to address the issue before it could be exploited maliciously
5 – Cyberattack hits Japan Airlines, delays ticket sales
A cyberattack hit Japan Airlines (JAL) on Thursday, the attack began at 7:24 a.m. and affected internal and external systems.
The Associated Press reported that the attack knocked out routers, causing system failures and the suspension of ticket sales for departures on Thursday.
The cyberattack caused delays of more than 30 minutes for 24 domestic flights.
JAL’s systems are back in full operation after the attack.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
