{"id":9690,"date":"2025-03-31T10:01:01","date_gmt":"2025-03-31T07:01:01","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9690"},"modified":"2025-03-31T10:01:01","modified_gmt":"2025-03-31T07:01:01","slug":"weekly-cybersecurity-report-week-13-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-13-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 13, 2025"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong>\u00a0<a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2>Weekly Cybersecurity Report | Week 13, 2025<\/h2>\n<p>\u00a0<\/p>\n<p><strong><u>Information security updates and events from the past we<\/u><\/strong><strong><u>ek<\/u><\/strong><\/p>\n<h3><strong>1 \u2013 Sydney Tools: Personal details of Australian chain\u2019s customers and employees exposed<\/strong><\/h3>\n<p>Australia\u2019s largest tool chain, Sydney Tools, has accidentally exposed a database containing sensitive information on more than 34 million customer orders and thousands of employee records.<\/p>\n<p>Scope of the leak:<\/p>\n<p>\u2013 34 million records of online customer orders<\/p>\n<p>\u2013 About 5,000 records of company employees (probably including former employees)<\/p>\n<p>\u2013 The leak was discovered in early February 2025 but remained open despite attempts to warn<\/p>\n<p>The information exposed about customers:<\/p>\n<p>\u2013 Full names of buyers, private email addresses, exact residential addresses, personal phone numbers, details of products purchased<\/p>\n<p>The information exposed about employees:<\/p>\n<p>\u2013 Full names, exact branches of the transaction, salaries, personal sales targets<\/p>\n<p>\u201cThe information leaked from the company could be used by attackers to commit tool theft, which is a surprisingly common crime, as well as for well-known cybercrimes such as identity theft, phishing scams or targeted spam,\u201d explained the researchers who discovered the leak.<\/p>\n<p>The most significant danger is that attackers could exploit the information to create Targeted scams, for example, by sending messages that mention specific tools that customers have recently purchased, thereby increasing the chances of phishing attacks succeeding.<\/p>\n<p>\u00a0<\/p>\n<h3><strong>2 \u2013 NYU website hack: Personal information of 1 million students exposed<\/strong><\/h3>\n<p>A hacker took over the New York University (NYU) website over the weekend, exposing personal information of more than 1 million students and applicants.<\/p>\n<p>Incident details:<\/p>\n<p>\u2013 On Saturday, the hacker replaced NYU\u2019s homepage with charts and links to large databases<\/p>\n<p>\u2013 The information included classified test scores<\/p>\n<p>\u2013 The hacker claimed that personal identifiable information had been removed, but security experts found that the information was not properly secured<\/p>\n<p>\u2013 The leak exposed personal information of more than 1 million people<\/p>\n<p>The information exposed:<\/p>\n<p>\u2013 Full names, addresses, phone numbers, GPA, email addresses, scholarship information and financial status.<\/p>\n<p>\u2013 The university newspaper reported the exposure of information on 3 million applicants, including test scores, subjects and zip codes, with information going back to 1989<\/p>\n<h3><strong>3 \u2013 Huge hack at Spanish electricity company: Information on millions of customers exposed<\/strong><\/h3>\n<p>A hacker calling himself \u201cAgencyInt\u201d claims to have broken into the databases of Spanish electricity and gas company Endesa, one of the largest energy companies in Europe, and stolen sensitive information on tens of millions of customers.<\/p>\n<p>Scope of the hack:<\/p>\n<p>\u2013 30.6 million electricity customers affected<\/p>\n<p>\u2013 8.6 million gas customers affected<\/p>\n<p>Types of information exposed:<\/p>\n<p>\u2013 Full names of customers, ID numbers, telephone numbers, email addresses, residential addresses, bank account numbers, delivery point codes (CUPS), consumption data, billing details and debts<\/p>\n<h3><strong>4 \u2013 Malaysia\u2019s KLIA International Airport suffers from a ransomware attack.<\/strong><\/h3>\n<p>The attackers are demanding a $10 million ransom.<\/p>\n<p>The Malaysian prime minister has announced that they are refusing to pay the ransom.<\/p>\n<p>\u201cThere is no way the country will be safe if we give in to criminals\u2019 ultimatums\u2026\u201d<\/p>\n<p>An investigation by an aviation news channel director shows no disruption to airport operations following the attack<\/p>\n<h3><strong>5 \u2013 Union County, Pennsylvania, reports that it has suffered a ransomware attack that has hit Semper Systems.<\/strong><\/h3>\n<p>An initial investigation indicates that personal information, including Social Security numbers and driver\u2019s licenses, was stolen, primarily from law enforcement, legal affairs and businesses in the county.<\/p>\n<p>The county reported the incident to federal authorities and hired cyber experts to restore the systems.<\/p>\n<p>No ransomware group has claimed responsibility for the attack at this time.<\/p>\n<h3><strong>6 \u2013 Ukraine\u2019s national railway company, Ukrzaliznytsia, reports a widespread cyberattack that began on March 23.<\/strong><\/h3>\n<p>The attack disrupted the company\u2019s online ticketing systems, including the app for purchasing tickets. At this stage, trains continue to operate as usual, but tickets are purchased only at stations.<\/p>\n<p>The company said that this was a complex attack, and various teams are working to restore the systems in cooperation with the Ukrainian Security Service (SBU).<\/p>\n<p>Ukrzaliznytsia stressed that train traffic was not affected.<\/p>\n<h3><strong>7 \u2013 Astral Foods, one of the largest poultry producers in South Africa, reports a cyberattack that occurred on March 16 and disabled the company\u2019s processing and distribution systems.<\/strong><\/h3>\n<p>The attack caused significant operational damage, and the company estimates that it suffered losses of about 20 million rand (about $1.1 million) due to production interruptions and recovery costs.<\/p>\n<p><strong>8 \u2013 The University of Notre Dame in Australia reports widespread disruptions following a ransomware attack that began in January.<\/strong><\/p>\n<p>The attack affected extensive services at the university, and students are complaining that there are no internet services, printing services, access to the student portal, and more.<\/p>\n<p>There have been claims online that lecturers are not even receiving their salaries due to the attack, but the university denies this and claims that salaries are paid on time.<\/p>\n<p>The Fog ransomware group claimed responsibility for the attack, claiming to have stolen 62.2 gigabytes of data.<\/p>\n<p>\u00a0<\/p>\n<p><strong><em>The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 13, 2025 \u00a0 Information security updates and events from the past week 1 \u2013 Sydney Tools: Personal details [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8609,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9690","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9690"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9690\/revisions"}],"predecessor-version":[{"id":9691,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9690\/revisions\/9691"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8609"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}