Weekly Cybersecurity Report | Week 9, 2025

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

1 – DISA Global Solutions, a leading provider of employee screening services in the US, has announced a significant data breach affecting more than 3.3 million people.

The company, which provides drug, alcohol and background screening services to more than 55,000 organizations and a third of the Fortune 500 companies, disclosed the incident in an official report to the Maine Attorney General.

– The attackers remained in the system undetected for more than two months

– Sensitive information on millions of people who underwent background checks was stolen

The information exposed includes:

– Social Security numbers

– Financial information including credit card numbers

– Government identification documents

– Other personal information collected during employee screening processes

2 – French telecommunications provider Orange confirmed that its systems had been breached after a hacker published internal documents and claimed to have stolen thousands of files containing user records and employee data. The attacker, who is affiliated with the ransomware group HellCat, published the information on a darknet forum after a failed extortion attempt.

– According to the attacker, about 12,000 files with a volume of 6.5GB were stolen

– The information includes 380,000 unique email addresses, source code, invoices and contracts

– Most of the information belongs to the Romanian branch of the company

– The attacker claims to have had access to the company’s systems for more than a month

– The company confirmed that “the operation in Romania was the target of a cyber attack”

– The breach occurred in a non-critical office application and did not affect customer activity

– Cybersecurity and IT teams are working to assess the scope of the breach and minimize its impact

– The company undertakes to comply with all legal obligations and cooperates with the relevant authorities

https://www.bleepingcomputer.com/news/security/orange-group-confirms-breach-after-hacker-leaks-company-documents

3 – Crypto bank Infini hit by cyber attack: $49.5 million stolen due to private key leak

Initial investigation points to a private key leak as the cause of the attack.

– The funds were stolen from Infini’s USDC Vault wallet in two separate transactions

– First withdrawal: 11,455,666 USDC tokens

– Second withdrawal: 38,060,996 USDC tokens

– The stolen funds were converted to 17,696 Ethereum and transferred to a new wallet

4 – Cyber Attack Hits the Most Sensitive Security Center in the US

Anne Arundel County in Maryland, which hosts the most important US security centers including the NSA headquarters, is under a cyber-attack that is still ongoing.

The county authorities were forced to disable some of their online services and limit internet access to protect the systems.

– The attack is defined as an ongoing event lasting several days

– Authorities do not yet know when they will be able to return to full operation

– Emergency services are operating despite the attack

– Expert cyber teams have been mobilized to handle the incident

– National Security Agency (NSA) and US Army Cyber Command

– US Naval Academy and Federal Bureau of Investigation (FBI)

– Defense Information Systems Agency

– National Museum of Cryptology and Homeland Security Offices

The district office: “We are working proactively to ensure the security of our systems. At this point, we are still learning the full scope of the impact of the attack.”

5 – US mineral company loses half a million dollars in email fraud attack

NioCorp Developments, a company traded on Nasdaq, reported that hackers took over its Valentine email system and managed to divert $500,000, originally intended as payment to a supplier, to their own accounts.

Details of the attack:

– Hacking into the company’s email systems

– Transfer of funds intended for a supplier to the attackers’ accounts

– The company discovered the hack on its own

– An immediate complaint was filed with law enforcement authorities

Significance of the damage:

– The amount stolen constitutes 4.5% of the company’s annual loss

– The company has not yet begun to generate revenue from its operations

– The investigation is ongoing to assess the full extent of the damage

– It is not yet clear whether it will be possible to recover the stolen funds

The company is working with financial institutions and law enforcement authorities to recover the funds that were transferred in error, and at the same time has begun an investigation to assess the scope of the incident and fix the breaches.

6 – The British water company Southern Water reported that a ransomware attack carried out in February 2024 cost it approximately £4.5 million (approximately $5.7 million). The company, which provides water and sewage services to millions of customers in the south of England, noted that the attack did not affect the operation of systems, financial systems or customer interfaces. The Black Basta ransomware group claimed responsibility for the attack.

The company’s 2024 financial report stated that the costs associated with the attack include expenses for external cybersecurity experts, legal advice and other actions taken in response to the incident.

7 – Ransomware attack on large Siberian dairy plant; attackers used malware from the LockBit group.

A large dairy plant in southern Siberia, Semyonishna, reports that it was hit by a ransomware attack last December.

According to the Russian Federal Security Service (FSB), the attackers used AnyDesk software to spread the malware across the corporate network, which was not even protected by antivirus software.

The Semyonishna plant is a major producer of dairy products in the region, including milk, butter, cream, cheese and yogurt.

Various reports indicate that the attack occurred shortly after the company provided aid, including drones, to Russian soldiers fighting in Ukraine. Vladimir Levitsky, CEO of Sayanmoloko, said the attackers sent printouts to the company’s printers with messages denouncing the company’s contributions to the Russian military. He said the attack did not affect milk processing but disrupted the company’s ability to label products in accordance with the government’s tracking system.

 

The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.