As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 13, 2025
Information security updates and events from the past week
1 – Sydney Tools: Personal details of Australian chain’s customers and employees exposed
Australia’s largest tool chain, Sydney Tools, has accidentally exposed a database containing sensitive information on more than 34 million customer orders and thousands of employee records.
Scope of the leak:
– 34 million records of online customer orders
– About 5,000 records of company employees (probably including former employees)
– The leak was discovered in early February 2025 but remained open despite attempts to warn
The information exposed about customers:
– Full names of buyers, private email addresses, exact residential addresses, personal phone numbers, details of products purchased
The information exposed about employees:
– Full names, exact branches of the transaction, salaries, personal sales targets
“The information leaked from the company could be used by attackers to commit tool theft, which is a surprisingly common crime, as well as for well-known cybercrimes such as identity theft, phishing scams or targeted spam,” explained the researchers who discovered the leak.
The most significant danger is that attackers could exploit the information to create Targeted scams, for example, by sending messages that mention specific tools that customers have recently purchased, thereby increasing the chances of phishing attacks succeeding.
2 – NYU website hack: Personal information of 1 million students exposed
A hacker took over the New York University (NYU) website over the weekend, exposing personal information of more than 1 million students and applicants.
Incident details:
– On Saturday, the hacker replaced NYU’s homepage with charts and links to large databases
– The information included classified test scores
– The hacker claimed that personal identifiable information had been removed, but security experts found that the information was not properly secured
– The leak exposed personal information of more than 1 million people
The information exposed:
– Full names, addresses, phone numbers, GPA, email addresses, scholarship information and financial status.
– The university newspaper reported the exposure of information on 3 million applicants, including test scores, subjects and zip codes, with information going back to 1989
3 – Huge hack at Spanish electricity company: Information on millions of customers exposed
A hacker calling himself “AgencyInt” claims to have broken into the databases of Spanish electricity and gas company Endesa, one of the largest energy companies in Europe, and stolen sensitive information on tens of millions of customers.
Scope of the hack:
– 30.6 million electricity customers affected
– 8.6 million gas customers affected
Types of information exposed:
– Full names of customers, ID numbers, telephone numbers, email addresses, residential addresses, bank account numbers, delivery point codes (CUPS), consumption data, billing details and debts
4 – Malaysia’s KLIA International Airport suffers from a ransomware attack.
The attackers are demanding a $10 million ransom.
The Malaysian prime minister has announced that they are refusing to pay the ransom.
“There is no way the country will be safe if we give in to criminals’ ultimatums…”
An investigation by an aviation news channel director shows no disruption to airport operations following the attack
5 – Union County, Pennsylvania, reports that it has suffered a ransomware attack that has hit Semper Systems.
An initial investigation indicates that personal information, including Social Security numbers and driver’s licenses, was stolen, primarily from law enforcement, legal affairs and businesses in the county.
The county reported the incident to federal authorities and hired cyber experts to restore the systems.
No ransomware group has claimed responsibility for the attack at this time.
6 – Ukraine’s national railway company, Ukrzaliznytsia, reports a widespread cyberattack that began on March 23.
The attack disrupted the company’s online ticketing systems, including the app for purchasing tickets. At this stage, trains continue to operate as usual, but tickets are purchased only at stations.
The company said that this was a complex attack, and various teams are working to restore the systems in cooperation with the Ukrainian Security Service (SBU).
Ukrzaliznytsia stressed that train traffic was not affected.
7 – Astral Foods, one of the largest poultry producers in South Africa, reports a cyberattack that occurred on March 16 and disabled the company’s processing and distribution systems.
The attack caused significant operational damage, and the company estimates that it suffered losses of about 20 million rand (about $1.1 million) due to production interruptions and recovery costs.
8 – The University of Notre Dame in Australia reports widespread disruptions following a ransomware attack that began in January.
The attack affected extensive services at the university, and students are complaining that there are no internet services, printing services, access to the student portal, and more.
There have been claims online that lecturers are not even receiving their salaries due to the attack, but the university denies this and claims that salaries are paid on time.
The Fog ransomware group claimed responsibility for the attack, claiming to have stolen 62.2 gigabytes of data.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.