{"id":9917,"date":"2025-06-09T08:56:50","date_gmt":"2025-06-09T05:56:50","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9917"},"modified":"2025-06-09T08:56:50","modified_gmt":"2025-06-09T05:56:50","slug":"weekly-cybersecurity-report-week-23-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-23-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 23, 2025"},"content":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n

Weekly Cybersecurity Report | Week 23, 2025<\/h2>\n

\u00a0<\/p>\n

Information security updates and events from the past we<\/u><\/strong>ek<\/u><\/strong><\/p>\n

1 UK tax authority: Attackers hacked 100,000 accounts, stole \u00a347m<\/strong><\/h3>\n

The UK tax authority HMRC has told parliament that attackers stole \u00a347m from the government by the end of 2024 after hacking into 100,000 tax accounts of citizens. The authority insists it was not a cyberattack despite the hackers using its digital systems to steal the money.<\/p>\n

Fraud details:<\/p>\n

\u2013 100,000 British citizens affected by the hack, about 0.22% of the population<\/p>\n

\u2013 Attackers used real login details stolen from phishing scams<\/p>\n

\u2013 They filed fake IRS claims and managed to receive \u00a347 million<\/p>\n

2 US newspaper chain reveals: Nearly 40,000 social security numbers exposed in ransomware attack<\/strong><\/h3>\n

Lee Enterprises, one of the largest owners of local newspapers in the United States, announced that nearly 40,000 people had their social security numbers exposed in a cyberattack that took place in February. The company notified regulators in Maine about the incident on Wednesday and said it discovered the sensitive information leak on May 28.<\/p>\n

Attack Details:<\/p>\n

\u2013 Lee Enterprises spent weeks recovering from the severe cyberattack that was discovered on February 3<\/p>\n

\u2013 A subsequent investigation revealed that the hackers accessed sensitive information belonging to 39,779 people<\/p>\n

\u2013 The Qilin ransomware group claimed responsibility for the attack, claiming to have stolen 350 gigabytes of data from the company<\/p>\n

\u2013 The attack halted the printing and online operations of many newspapers across the United States<\/p>\n

\u2013 Well-known newspapers were hit, such as the St. Louis Post-Dispatch, Arizona Daily Star, Buffalo News and Sioux City Journal<\/p>\n

\u2013 The company owns about 350 weekly and specialty publications in 72 markets in 25 states<\/p>\n

\u2013 Hackers stole files and installed critical software that disrupted distribution, billing and collections<\/p>\n

\u2013 CEO Kevin Mowbray said it cost the company $2 million to recover from the attack<\/p>\n

\u2013 Advertising revenue was hurt by the long time many newspapers were out of business<\/p>\n

\u2013 Banks that lend money to the company have waived interest and rent payments for March and April<\/p>\n

\u2013 The company said the incident could have a significant impact on its financial situation<\/p>\n

3 Gunra attack group claims hack into American Hospital in Dubai \u2013 450 million patient records exposed<\/strong><\/h3>\n

The Gunra hacker group has published claims of hacking into the database of the American Hospital in Dubai and obtaining 4TB of sensitive data including personal information, credit card details, ID cards Emiratis and medical records. The breach targeted the Cerner Millennium system, an electronic medical records platform used by hospitals to manage patient information<\/p>\n

\u2013 The group claims to have stolen \u201capproximately 450 million patient records\u201d from the Cerner Millennium database<\/p>\n

\u2013 4TB of raw data and 700GB of compressed data<\/p>\n

\u2013 The number likely refers to individual data records rather than unique patients<\/p>\n

\u2013 A screenshot released by the attackers shows 4,589,196 patient records<\/p>\n

\u2013 The number could include duplicates, historical records, tourists, or data shared with related healthcare facilities<\/p>\n

The data exposed:<\/p>\n

\u2013 Patient demographics and personal contact information<\/p>\n

\u2013 Patient credit card numbers and billing history and Emiratis ID cards<\/p>\n

\u2013 Clinical history and diagnostic records<\/p>\n

\u2013 Detailed reports on patients\u2019 health issues and treatment plans<\/p>\n

\u2013 Detailed report documents prepared by Hospital for Patients<\/p>\n

4 A wave of cyberattacks hits luxury fashion brands \u2013 Cartier and North Face reveal a breach of customer data<\/strong><\/h3>\n

The fashion industry is under attack, over the past month several leading fashion brands have revealed cyberattacks that compromised the personal information of their customers. Luxury jewelry brand Cartier and clothing brand North Face announced security incidents this week that exposed sensitive consumer information.<\/p>\n

Cartier hack:<\/p>\n

\u2013 The attackers penetrated the company\u2019s systems and stole a limited amount of customer information<\/p>\n

\u2013 The stolen data includes names, email addresses and countries of residence<\/p>\n

\u2013 The company emphasized that the hack did not include passwords, credit card details or banking information<\/p>\n

\u2013 Cartier warned that the stolen data could be used for targeted attacks<\/p>\n

\u2013 The company reported to law enforcement and is working with an external cyber firm<\/p>\n

North Face attack:<\/p>\n

\u2013 The company warned customers about a \u201ccredential stuffing\u201d attack which occurred in April<\/p>\n

\u2013 The attack focused on the company\u2019s website<\/p>\n

\u2013 The North Face is a leading American brand of outdoor equipment owned by VF Corporation<\/p>\n

\u2013 The company generates annual revenues of over $3 billion<\/p>\n

\u2013 Online commerce accounts for about 42% of the company\u2019s total sales<\/p>\n

5 RansomHouse group claims hacking into Chinese company Vinda \u2013 a $2.2 billion manufacturer of hygiene products<\/strong><\/h3>\n

The RansomHouse hacker group has published claims of hacking into the systems of Vinda International Holdings Limited, a leading Chinese company in the field of hygiene and health products. The company is considered one of the largest hygiene product manufacturers in Asia with extensive operations across the continent.<\/p>\n

The company has an annual turnover of $2.6 billion and over 11,000 employees<\/p>\n

Details of the hack:<\/p>\n

\u2013 The RansomHouse group took responsibility for the hack into the company\u2019s systems<\/p>\n

\u2013 The data was encrypted on May 16, 2025<\/p>\n

\u2013 The group issued a notice to the company\u2019s managers and threatened to leak confidential documents<\/p>\n

\u2013 The group claims that it waited a long time, but the company\u2019s IT department decided to ignore the incident<\/p>\n

\u2013 There is an option to download the evidence without a password<\/p>\n

6 The Black Suit ransomware group claims a hack into the Kansas City Aviation Center<\/strong><\/h3>\n

The Black Suit ransomware group has issued claims about a hack into the systems of the Kansas City Aviation Center (KCAC Aviation). The center specializes in providing diverse aviation services and is a well-known company in the field of general aviation in the United States.<\/p>\n

The company has not yet responded to the Black Suit group\u2019s claims, and it is unclear at what stage the investigation is or what steps it is taking to deal with the incident.<\/p>\n

\u00a0<\/p>\n

The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 23, 2025 \u00a0 Information security updates and events from the past week 1 UK tax authority: Attackers hacked […]<\/p>\n","protected":false},"author":6,"featured_media":8603,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9917","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9917"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9917\/revisions"}],"predecessor-version":[{"id":9918,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9917\/revisions\/9918"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8603"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9917"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}