As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 6, 2025
1 – The Wirral University Teaching Hospitals (WUTH) in England reports a delay in providing treatments following a cyber-attack that began two and a half months ago.
The attack began on November 24, but a document published this week states that the attack is still affecting the care that patients receive and that the impact will continue for months to come.
According to the report, patients are supposed to receive initial treatment within 62 days of the diagnosis of the disease, but following the attack, initial treatment is extended to 100 days or more, with more than 170 patients waiting in line. A record number at the hospital.
The document also shows that so far, the hospital has invested approximately $3.7 million in dealing with the attack, but this is an amount that is likely to increase over time.
2 – The food delivery company GrubHub reports a data leak following a hack of a third-party provider with which the company works.
The company reports that the attackers managed to steal user details, including names, email addresses, 4-digit credit card numbers and more.
3 – Yazoo Valley, a Mississippi, USA, electricity provider, reports a leak of customer information.
The incident occurred in August last year, but at the time the company defined the incident as a technical glitch.
Now the company is updating it in a letter that it is publishing that the technical glitch was actually a ransomware attack in which the Akira group stole information from about 20,000 customers.
4 – Casio UK reports that attackers managed to plant malicious code in the company’s online store that steals customers’ credit information.
The malicious script was on the site for ten days (January 14-24), so any customer who made a purchase on the company’s site between these dates should assume that their personal information and the credit card information they entered on the site were stolen by the attacker.
https://www.securityweek.com/casio-confirms-data-breach-as-ransomware-group-leaks-files/
5 – Mizuno USA, a sportswear company, reports that sensitive information was stolen from its network.
The company reports that an attacker was on the company’s network for over two months, without being detected, while stealing a lot of information.
The Bianlian Group took responsibility for the attack, posting Mizuno USA as a victim on the leak site.
If two months on the network is not embarrassing enough, then I remind you that in February 2022 the company was attacked by a ransomware attack that affected its ongoing operations, so this is a second ransomware attack
6 – TATA Technologies Group, which employs thousands of employees around the world, reports that it was attacked by a ransomware attack.
The group publishes a report to the Indian Stock Exchange and states that some of the company’s systems were briefly disabled but there is no impact on customers.
The company does not specify whether it paid a ransom and how it quickly returned to normal. At the same time, none of the ransomware groups claimed responsibility for the attack, which could indicate that a ransom was paid.
7 – Operation Heart Blocker – Law enforcement agencies from the US and the Netherlands have shut down a Pakistani attack network that was used by various groups for phishing attacks, etc.
The joint operation took down and seized 39 domains and servers that took part in a network called HeartSender and assisted in phishing attacks that resulted in millions of dollars being stolen.
8 – Globe Life Insurance Company Notifies 850,000 People of Data Breach
Globe Life Insurance Company is notifying 850,000 people of a data breach that may have involved their personal, health and insurance information.
The data breach, Globe Life told the Securities and Exchange Commission in October 2024, was discovered after a threat actor attempted to blackmail the company, demanding a ransom payment in exchange for not publishing the stolen information.
The compromised data, the company says, belongs to leading customers, and was apparently taken from its subsidiary American Income Life Insurance Company.
According to Globe Life, the information compromised included names, addresses, dates of birth, social security numbers, email addresses, phone numbers, health information and insurance policy information.
The insurer said at the time that about 5,000 people may have been affected, and that credit card data, banking information and other financial information were not compromised.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
