{"id":9782,"date":"2025-04-28T08:54:27","date_gmt":"2025-04-28T05:54:27","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9782"},"modified":"2025-04-28T09:01:48","modified_gmt":"2025-04-28T06:01:48","slug":"weekly-cybersecurity-report-week-17-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-17-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 17, 2025"},"content":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n

Weekly Cybersecurity Report | Week 17, 2025<\/h2>\n

\u00a0<\/p>\n

Information security updates and events from the past we<\/u><\/strong>ek<\/u><\/strong><\/p>\n

1 \u2013 Marks & Spencer chain deals with cyber incident affecting order collection service<\/strong><\/h3>\n

British retail giant Marks & Spencer (M&S) has informed the London Stock Exchange that it has been dealing with a cyber incident over the past few days, without providing specific details about the nature of the incident or its exact date.<\/p>\n

Incident details:<\/p>\n

\u2013 A message to customers said that the Click & Collect service (online ordering and in-store collection) had been affected<\/p>\n

\u2013 CEO Stuart Machine stressed: \u201cOur stores remain open, and the website and app are operating as normal\u201d<\/p>\n

\u2013 The retailer reported that \u201cminor and temporary changes\u201d were made to store operations to protect customers and the business<\/p>\n

\u2013 The company notified the National Cyber \u200b\u200bSecurity Centre (NCSC) and the Information Commissioner\u2019s Office (ICO)<\/p>\n

\u2013 External experts were brought in to help manage the incident<\/p>\n

Public reactions:<\/p>\n

\u2013 Users on social media have been reporting problems since Saturday<\/p>\n

\u2013 The problems included product returns not being available<\/p>\n

\u2013 Customers reported instances where Click & Collect orders arrived at the store, but staff were unable to deliver them due to technical difficulties<\/p>\n

Marks & Spencer did not provide information on the nature of the incident, or the security measures taken.<\/p>\n

https:\/\/www.londonstockexchange.com\/news-article\/MKS\/cyber-incident-update\/16999905<\/a><\/p>\n

<\/h3>\n

2 \u2013 Entertainment services giant Legends International reveals data leak<\/strong><\/h3>\n

Entertainment website management company Legends International announced that it suffered a data breach in November 2024, which affected employees and people who visited the websites it manages.<\/p>\n

Incident details:<\/p>\n

\u2013 The company detected unauthorized activity on its IT systems on November 9, 2024<\/p>\n

\u2013 The investigation, conducted with the assistance of external cybersecurity experts, confirmed that the hackers extracted personal information files<\/p>\n

\u2013 In the notification letter it shared with the authorities, the company did not specify the types of information that was given.<\/p>\n

\u2013 The company is offering victims 24 months of coverage for identity theft detection services through Experian<\/p>\n

\u2013 Victims can sign up for the service until July 31, 2025<\/p>\n

About Legends International:<\/p>\n

\u2013 Sports and entertainment services company Global provider of website design, sales, partnerships, hosting, products and technology solutions<\/p>\n

\u2013 Annual revenue of over $1.1 billion<\/p>\n

\u2013 Manages over 350 sites on five continents, including SoFi Stadium in Los Angeles, One World Observatory in New York, AT&T Stadium in Texas, Santiago Bernabeu and Camp Nou stadiums in Spain, and Anfield and OVO Arena Wembley in the UK<\/p>\n

\u2013 Recently expanded its operations with the acquisition of ASM Global, a leading website management company with a global presence<\/p>\n

Response measures:<\/p>\n

\u2013 The company states that security measures were already in place before the incident<\/p>\n

\u2013 Additional measures were implemented when the systems were restored from the cyberattack<\/p>\n

\u2013 No specific details were given about existing or new security measures<\/p>\n

\u2013 The company states that there is no evidence of misuse of personal information because of the incident, but advises victims to remain vigilant<\/p>\n

The extent of the data breach and the number of people exposed are not yet known. It is known but given the size of the company\u2019s operations and the amount of sensitive information it manages, there is reason for concern. As for this writing, no ransomware group has claimed responsibility for the attack.<\/p>\n

\u00a0<\/p>\n

3 \u2013 Health insurance company Blue Shield of California reports the exposure of information from 4.7 million policyholders, following an incorrect configuration of Google Analytics on the company\u2019s websites.<\/strong><\/h3>\n

\u00a0<\/p>\n

The incident occurred between April 2021 and January 2024, during which details such as the insured\u2019s name, type and date of medical service, geographic location, gender, information about doctor searches, and more were exposed.<\/p>\n

The company emphasizes that no ID numbers, bank details, or credit cards were exposed.<\/p>\n

\u00a0<\/p>\n

4 \u2013 The website of Taiwanese shipping company Wan Hai was unexpectedly shut down over the weekend \u2013 because of a cyber-attack on its information systems.<\/strong><\/h3>\n

The company reported on the Taiwan Stock Exchange, but did not disclose who was behind the attack or what information was stolen.<\/p>\n

\u00a0<\/p>\n

5 \u2013 Massachusetts healthcare provider Onsite Mammography notifies more than 350,000 people that their personal and health information was compromised in a data breach.<\/strong><\/h3>\n

The incident was discovered in October 2024 and involved unauthorized access to an employee\u2019s email account, the company said in a notification letter sent to affected individuals.<\/p>\n

Some of the emails in the compromised account\u2019s inbox, onsite said, exposed personally identifiable information (PII) and protected health information (PHI).<\/p>\n

A review of the exposed information completed in February 2025 determined that names, Social Security numbers, dates of birth, driver\u2019s license numbers, credit card numbers and medical information such as mental and physical health or condition, and treatment information received were compromised.<\/p>\n

\u00a0<\/p>\n

6 \u2013 Two healthcare organizations hit by ransomware, confirm data breaches impacting more than 100,000 customers<\/strong><\/h3>\n

One of them is Milwaukee, Bell Ambulance, which provides ambulance services. The company disclosed last week in a security advisory that it detected a breach on February 13, 2025.<\/p>\n

An investigation showed that hackers gained access to files containing information such as name, date of birth, SSN, driver\u2019s license number, financial information, medical and health insurance information.<\/p>\n

Bell did not say in its public statement how many people were affected, but a review of the data breaches by the Department of Health and Human Services (HHS) revealed on Monday that 114,000 people were affected.<\/p>\n

The Medusa ransomware group announced the Bell Ambulance hack in early March, claiming to have stolen more than 200 gigabytes of data from its systems.<\/p>\n

The second healthcare organization to confirm a data breach affecting more than 100,000 people is Birmingham-based eye clinic Alabama Ophthalmology Associates.<\/p>\n

Alabama Ophthalmology Associates disclosed on April 10 that the personal and protected health information (PHI) of current and former patients was compromised. This includes names, addresses, dates of birth, driver\u2019s license information, SSNs, medical information, and health insurance information.<\/p>\n

The organization identified a network breach on January 30th and an investigation showed that hackers had had access to its systems since January 22nd.<\/p>\n

\u00a0<\/p>\n

The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 17, 2025 \u00a0 Information security updates and events from the past week 1 \u2013 Marks & Spencer chain […]<\/p>\n","protected":false},"author":6,"featured_media":8621,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9782","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9782"}],"version-history":[{"count":2,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9782\/revisions"}],"predecessor-version":[{"id":9784,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9782\/revisions\/9784"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8621"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}