{"id":9870,"date":"2025-05-23T15:09:49","date_gmt":"2025-05-23T12:09:49","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9870"},"modified":"2025-05-23T15:09:49","modified_gmt":"2025-05-23T12:09:49","slug":"weekly-cybersecurity-report-week-21-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-21-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 21, 2025"},"content":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n

Weekly Cybersecurity Report | Week 21, 2025<\/h2>\n

\u00a0<\/p>\n

Information security updates and events from the past we<\/u><\/strong>ek<\/u><\/strong><\/p>\n

1 Billion-dollar bank warns 7,537 customers after data breach allowed unauthorized access to accounts<\/strong><\/h3>\n

A bank ranked among the top 100 banks in the U.S. has disclosed a data breach that affected the personal and confidential information of thousands of customers. In a report to the Maine Attorney General\u2019s Office, Arkansas-based Arvest Bank is warning 7,537 people after a technical glitch allowed unauthorized access to accounts.<\/p>\n

Details of the glitch:<\/p>\n

\u2013 The technical glitch occurred during a routine system update on Thursday, April 24<\/p>\n

\u2013 The glitch allowed some customers to view other customers\u2019 accounts while using online banking<\/p>\n

\u2013 Bank staff identified and resolved the issue, temporarily disabling some online functions<\/p>\n

The sensitive information exposed included:<\/p>\n

\u2013 Customer names, account numbers, account balances, activity In the accounts<\/p>\n

https:\/\/www.maine.gov\/agviewer\/content\/ag\/985235c7-cb95-4be2-8792-a1252b4f8318\/fc5718dc-54be-4113-be02-0519ede89840.html<\/a><\/p>\n

2 Ransomware attack hits Kettering Health \u2013 scheduled medical procedures canceled<\/strong><\/h3>\n

Kettering Health, which operates 14 medical centers in Ohio, was forced to cancel scheduled medical procedures following a cyberattack that caused a widespread system outage. The attack is affecting the organization\u2019s patient care systems and customer service center.<\/p>\n

Incident details:<\/p>\n

\u2013 Kettering Health operates 14 medical centers, emergency centers and more than 120 outpatient facilities in western Ohio<\/p>\n

\u2013 The organization employs more than 15,000 people, including more than 1,800 Doctors<\/p>\n

\u2013 Elective (non-urgent) internal and external procedures have been canceled and rescheduled<\/p>\n

\u2013 Emergency rooms and clinics continue to receive patients as usual<\/p>\n

Identifying the attackers:<\/p>\n

\u2013 According to a CNN report, the Interlock ransomware group is likely behind the attack<\/p>\n

\u2013 The group is threatening to leak information stolen from Kettering Health\u2019s systems if the organization does not negotiate a ransom payment<\/p>\n

\u2013 A ransom message found on encrypted devices reads: \u201cYour network has been compromised, and we have secured your most vital files\u201d<\/p>\n

\u2013 The Interlock group is a relatively new ransomware group that emerged in September and has claimed responsibility for more than 36 victims since<\/p>\n

3 Ransomware attack on food distributor leads to severe disruptions in British supermarket chains<\/strong><\/h3>\n

Peter Green Chilled, a company specializing in the distribution of chilled and frozen food, confirmed that it was hit by a ransomware attack that occurred on May 14, 2025. The<\/p>\n

company, which serves all The UK\u2019s largest supermarket chain, the UK\u2019s largest supermarket chain, has notified its customers of the incident by email and said it had been forced to halt new orders.<\/p>\n

The impact of the attack on the supply chain:<\/p>\n

\u2013 The company said that \u201cthe business\u2019s transport operations\u201d were continuing to operate as usual<\/p>\n

\u2013 However, new orders were suspended on May 15<\/p>\n

\u2013 The company\u2019s phone number listed on its website appears to be blocking incoming calls<\/p>\n

\u2013 The general enquiries email address does not accept messages from outside the organisation, as evidenced by an Office 365 bounce message<\/p>\n

The attack adds to the difficulties for UK supermarket chains, particularly M&S and the Co-op, which are already dealing with their own cyber issues. The company serves all of the UK\u2019s major chains, including Asda, Morrison\u2019s, Sainsbury\u2019s, Tesco and Waitrose.<\/p>\n

4 Japanese gaming company Arc System Works reveals it was under attack that resulted in a large-scale data leak<\/strong><\/h3>\n

Japanese video game company Arc System Works revealed on 14 In May 2025, a major leak revealed source code and three versions of the game \u201cGuilty Gear Strive\u201d, unreleased characters from the fourth and fifth seasons, details of a new project called \u201cWatari\u201d for the Nintendo Switch 2, as well as technical specifications of the new console.<\/p>\n

Scope of the breach and information revealed:<\/p>\n

\u2013 Source code and three versions of the successful game \u201cGuilty Gear Strive\u201d<\/p>\n

\u2013 Unannounced fighting characters from the fourth and fifth seasons of the game<\/p>\n

\u2013 Full details of a project called \u201cWatari\u201d being developed for the Nintendo Switch 2<\/p>\n

\u2013 Detailed technical specifications of the Nintendo Switch 2 console that has not yet been officially announced<\/p>\n

\u2013 Open information that could harm the company\u2019s competitiveness and reputation<\/p>\n

5 Danish dairy company Arla Foods confirmed that it had experienced a cyberattack that hit its production facility in Uppland, Germany.<\/strong><\/h3>\n

The incident affected the local IT network and caused a temporary shutdown of production. As a result, delays or cancellations in product deliveries are expected.<\/p>\n

Arla reports that its other production facilities were not affected and is working to restore full operations at the affected site by the end of the week.<\/p>\n

The company, which employs 23,000 people in 39 countries, sells its products in more than 140 countries under brands such as Arla, Lurpak, Puck and Castello.<\/p>\n

6 Coinbase announced a cyber incident on the company\u2019s systems through an external provider.<\/strong><\/h3>\n

As a result, personal information of about 1 million users was leaked.<\/p>\n

The leaked information includes full names, physical addresses, phone numbers, email addresses, the last 4 digits of social security numbers, partial bank account details, ID<\/p>\n

photos, transaction history and internal account details. No passwords, cryptographic keys or funds were stolen from the platform.<\/p>\n

According to Coinbase, the attackers were able to gain access to the systems by bribing The external vendor\u2019s employees were held accountable for the breach and a $20 million ransom was demanded.<\/p>\n

The company refused to pay and instead offered a reward of the same amount to anyone who could help identify and capture the attackers.<\/p>\n

The expected economic damage is estimated to be between $180 million and $400 million, and Coinbase\u2019s stock fell more than 7%, just days before the company entered the S&P 500 index.<\/p>\n

\u00a0<\/p>\n

The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 21, 2025 \u00a0 Information security updates and events from the past week 1 Billion-dollar bank warns 7,537 customers […]<\/p>\n","protected":false},"author":6,"featured_media":8597,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9870"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870\/revisions"}],"predecessor-version":[{"id":9871,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870\/revisions\/9871"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8597"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}