{"id":9870,"date":"2025-05-23T15:09:49","date_gmt":"2025-05-23T12:09:49","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9870"},"modified":"2025-05-23T15:09:49","modified_gmt":"2025-05-23T12:09:49","slug":"weekly-cybersecurity-report-week-21-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-21-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 21, 2025"},"content":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n

Weekly Cybersecurity Report | Week 21, 2025<\/h2>\n

 <\/p>\n

Information security updates and events from the past we<\/u><\/strong>ek<\/u><\/strong><\/p>\n

1 Billion-dollar bank warns 7,537 customers after data breach allowed unauthorized access to accounts<\/strong><\/h3>\n

A bank ranked among the top 100 banks in the U.S. has disclosed a data breach that affected the personal and confidential information of thousands of customers. In a report to the Maine Attorney General’s Office, Arkansas-based Arvest Bank is warning 7,537 people after a technical glitch allowed unauthorized access to accounts.<\/p>\n

Details of the glitch:<\/p>\n

– The technical glitch occurred during a routine system update on Thursday, April 24<\/p>\n

– The glitch allowed some customers to view other customers’ accounts while using online banking<\/p>\n

– Bank staff identified and resolved the issue, temporarily disabling some online functions<\/p>\n

The sensitive information exposed included:<\/p>\n

– Customer names, account numbers, account balances, activity In the accounts<\/p>\n

https:\/\/www.maine.gov\/agviewer\/content\/ag\/985235c7-cb95-4be2-8792-a1252b4f8318\/fc5718dc-54be-4113-be02-0519ede89840.html<\/a><\/p>\n

2 Ransomware attack hits Kettering Health – scheduled medical procedures canceled<\/strong><\/h3>\n

Kettering Health, which operates 14 medical centers in Ohio, was forced to cancel scheduled medical procedures following a cyberattack that caused a widespread system outage. The attack is affecting the organization’s patient care systems and customer service center.<\/p>\n

Incident details:<\/p>\n

– Kettering Health operates 14 medical centers, emergency centers and more than 120 outpatient facilities in western Ohio<\/p>\n

– The organization employs more than 15,000 people, including more than 1,800 Doctors<\/p>\n

– Elective (non-urgent) internal and external procedures have been canceled and rescheduled<\/p>\n

– Emergency rooms and clinics continue to receive patients as usual<\/p>\n

Identifying the attackers:<\/p>\n

– According to a CNN report, the Interlock ransomware group is likely behind the attack<\/p>\n

– The group is threatening to leak information stolen from Kettering Health’s systems if the organization does not negotiate a ransom payment<\/p>\n

– A ransom message found on encrypted devices reads: “Your network has been compromised, and we have secured your most vital files”<\/p>\n

– The Interlock group is a relatively new ransomware group that emerged in September and has claimed responsibility for more than 36 victims since<\/p>\n

3 Ransomware attack on food distributor leads to severe disruptions in British supermarket chains<\/strong><\/h3>\n

Peter Green Chilled, a company specializing in the distribution of chilled and frozen food, confirmed that it was hit by a ransomware attack that occurred on May 14, 2025. The<\/p>\n

company, which serves all The UK’s largest supermarket chain, the UK’s largest supermarket chain, has notified its customers of the incident by email and said it had been forced to halt new orders.<\/p>\n

The impact of the attack on the supply chain:<\/p>\n

– The company said that “the business’s transport operations” were continuing to operate as usual<\/p>\n

– However, new orders were suspended on May 15<\/p>\n

– The company’s phone number listed on its website appears to be blocking incoming calls<\/p>\n

– The general enquiries email address does not accept messages from outside the organisation, as evidenced by an Office 365 bounce message<\/p>\n

The attack adds to the difficulties for UK supermarket chains, particularly M&S and the Co-op, which are already dealing with their own cyber issues. The company serves all of the UK’s major chains, including Asda, Morrison’s, Sainsbury’s, Tesco and Waitrose.<\/p>\n

4 Japanese gaming company Arc System Works reveals it was under attack that resulted in a large-scale data leak<\/strong><\/h3>\n

Japanese video game company Arc System Works revealed on 14 In May 2025, a major leak revealed source code and three versions of the game “Guilty Gear Strive”, unreleased characters from the fourth and fifth seasons, details of a new project called “Watari” for the Nintendo Switch 2, as well as technical specifications of the new console.<\/p>\n

Scope of the breach and information revealed:<\/p>\n

– Source code and three versions of the successful game “Guilty Gear Strive”<\/p>\n

– Unannounced fighting characters from the fourth and fifth seasons of the game<\/p>\n

– Full details of a project called “Watari” being developed for the Nintendo Switch 2<\/p>\n

– Detailed technical specifications of the Nintendo Switch 2 console that has not yet been officially announced<\/p>\n

– Open information that could harm the company’s competitiveness and reputation<\/p>\n

5 Danish dairy company Arla Foods confirmed that it had experienced a cyberattack that hit its production facility in Uppland, Germany.<\/strong><\/h3>\n

The incident affected the local IT network and caused a temporary shutdown of production. As a result, delays or cancellations in product deliveries are expected.<\/p>\n

Arla reports that its other production facilities were not affected and is working to restore full operations at the affected site by the end of the week.<\/p>\n

The company, which employs 23,000 people in 39 countries, sells its products in more than 140 countries under brands such as Arla, Lurpak, Puck and Castello.<\/p>\n

6 Coinbase announced a cyber incident on the company’s systems through an external provider.<\/strong><\/h3>\n

As a result, personal information of about 1 million users was leaked.<\/p>\n

The leaked information includes full names, physical addresses, phone numbers, email addresses, the last 4 digits of social security numbers, partial bank account details, ID<\/p>\n

photos, transaction history and internal account details. No passwords, cryptographic keys or funds were stolen from the platform.<\/p>\n

According to Coinbase, the attackers were able to gain access to the systems by bribing The external vendor’s employees were held accountable for the breach and a $20 million ransom was demanded.<\/p>\n

The company refused to pay and instead offered a reward of the same amount to anyone who could help identify and capture the attackers.<\/p>\n

The expected economic damage is estimated to be between $180 million and $400 million, and Coinbase’s stock fell more than 7%, just days before the company entered the S&P 500 index.<\/p>\n

 <\/p>\n

The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 21, 2025   Information security updates and events from the past week 1 Billion-dollar bank warns 7,537 customers […]<\/p>\n","protected":false},"author":6,"featured_media":8597,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9870"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870\/revisions"}],"predecessor-version":[{"id":9871,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9870\/revisions\/9871"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8597"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}