As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 40, 2025
Information security updates and events from the past week
1. Union County, Ohio Ransomware (US Local Government)
A ransomware attack on Union County, Ohio, compromised sensitive data belonging to over 45,000 residents and employees—including Social Security numbers, financial, and medical information. The attack disrupted county operations, but so far, no group has claimed responsibility and there’s no indication the data has been leaked or sold. Authorities are reportedly working to restore services and assess the scope of the breach.
2. Kido International Data Breach (UK)
Radiant Ransomware, a known cybercrime group, breached the network of Kido International, which runs 18 nurseries in Greater London. The attackers stole and published names, photos, home addresses, and family contact information for at least 10 children, alongside threats to leak additional data of 30 more children and 100 employees. The group claimed to have been present inside Kido’s network for weeks and asserted (unverified) Russian origins.
3. Salesforce/Wide SaaS Provider Data Leak
A criminal group claimed responsibility for stealing nearly 1 billion records from customers of Salesforce—targeting British retailers and other companies using Salesforce’s cloud applications. The intrusion affected databases containing sensitive customer and transactional data, highlighting the dangers of supply chain and third-party risk in SaaS environments. The attackers reportedly sought ransom payments from targeted organizations.
4. Data Carry & Miljödata Attack (Sweden, EU Municipal IT)
Volvo Group North America notified current and former employees of a breach tied to third-party supplier Miljödata, with stolen data reportedly including personnel information and illustrating the persistent exposure from vendor ecosystems.
The case adds to a steady cadence of workforce data compromises where HR and payroll-adjacent providers serve as high-value targets for criminal groups.
5. Asahi Group Ransomware (Japan)
Japanese beverage and consumer goods giant Asahi Group disclosed major system disruptions due to a cyberattack detected on September 29. The company suffered outages across Japan and Asia, with reports indicating data theft alongside impaired business operations. Asahi has been restoring core systems and has not confirmed the attackers’ identity, but ransomware is suspected.
6. Harrods Ransomware Incident (UK)
Luxury retail brand Harrods faced operational disruption and service outages after a sophisticated ransomware attack. Hackers targeted retail back-end systems, reportedly causing interruptions to the department store’s customer-facing operations and online services. The company is working closely with cybersecurity specialists to recover and strengthen defenses.
7. Global Trends: Surge in Ransomware and Supply Chain Attacks
Industry briefings reported a 36% year-on-year ransomware attack increase for 2025 (5,186 attacks tracked), with businesses and manufacturing especially hard-hit, while attacks on healthcare and government fell. Notable attacks on third-party tech vendors, like Collins Aerospace (aviation), and critical SaaS/infrastructure providers illustrated intensifying adversary focus on disrupting business continuity and propagating supply-chain compromise.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
