As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 23, 2025
Information security updates and events from the past week
1 UK tax authority: Attackers hacked 100,000 accounts, stole £47m
The UK tax authority HMRC has told parliament that attackers stole £47m from the government by the end of 2024 after hacking into 100,000 tax accounts of citizens. The authority insists it was not a cyberattack despite the hackers using its digital systems to steal the money.
Fraud details:
– 100,000 British citizens affected by the hack, about 0.22% of the population
– Attackers used real login details stolen from phishing scams
– They filed fake IRS claims and managed to receive £47 million
2 US newspaper chain reveals: Nearly 40,000 social security numbers exposed in ransomware attack
Lee Enterprises, one of the largest owners of local newspapers in the United States, announced that nearly 40,000 people had their social security numbers exposed in a cyberattack that took place in February. The company notified regulators in Maine about the incident on Wednesday and said it discovered the sensitive information leak on May 28.
Attack Details:
– Lee Enterprises spent weeks recovering from the severe cyberattack that was discovered on February 3
– A subsequent investigation revealed that the hackers accessed sensitive information belonging to 39,779 people
– The Qilin ransomware group claimed responsibility for the attack, claiming to have stolen 350 gigabytes of data from the company
– The attack halted the printing and online operations of many newspapers across the United States
– Well-known newspapers were hit, such as the St. Louis Post-Dispatch, Arizona Daily Star, Buffalo News and Sioux City Journal
– The company owns about 350 weekly and specialty publications in 72 markets in 25 states
– Hackers stole files and installed critical software that disrupted distribution, billing and collections
– CEO Kevin Mowbray said it cost the company $2 million to recover from the attack
– Advertising revenue was hurt by the long time many newspapers were out of business
– Banks that lend money to the company have waived interest and rent payments for March and April
– The company said the incident could have a significant impact on its financial situation
3 Gunra attack group claims hack into American Hospital in Dubai – 450 million patient records exposed
The Gunra hacker group has published claims of hacking into the database of the American Hospital in Dubai and obtaining 4TB of sensitive data including personal information, credit card details, ID cards Emiratis and medical records. The breach targeted the Cerner Millennium system, an electronic medical records platform used by hospitals to manage patient information
– The group claims to have stolen “approximately 450 million patient records” from the Cerner Millennium database
– 4TB of raw data and 700GB of compressed data
– The number likely refers to individual data records rather than unique patients
– A screenshot released by the attackers shows 4,589,196 patient records
– The number could include duplicates, historical records, tourists, or data shared with related healthcare facilities
The data exposed:
– Patient demographics and personal contact information
– Patient credit card numbers and billing history and Emiratis ID cards
– Clinical history and diagnostic records
– Detailed reports on patients’ health issues and treatment plans
– Detailed report documents prepared by Hospital for Patients
4 A wave of cyberattacks hits luxury fashion brands – Cartier and North Face reveal a breach of customer data
The fashion industry is under attack, over the past month several leading fashion brands have revealed cyberattacks that compromised the personal information of their customers. Luxury jewelry brand Cartier and clothing brand North Face announced security incidents this week that exposed sensitive consumer information.
Cartier hack:
– The attackers penetrated the company’s systems and stole a limited amount of customer information
– The stolen data includes names, email addresses and countries of residence
– The company emphasized that the hack did not include passwords, credit card details or banking information
– Cartier warned that the stolen data could be used for targeted attacks
– The company reported to law enforcement and is working with an external cyber firm
North Face attack:
– The company warned customers about a “credential stuffing” attack which occurred in April
– The attack focused on the company’s website
– The North Face is a leading American brand of outdoor equipment owned by VF Corporation
– The company generates annual revenues of over $3 billion
– Online commerce accounts for about 42% of the company’s total sales
5 RansomHouse group claims hacking into Chinese company Vinda – a $2.2 billion manufacturer of hygiene products
The RansomHouse hacker group has published claims of hacking into the systems of Vinda International Holdings Limited, a leading Chinese company in the field of hygiene and health products. The company is considered one of the largest hygiene product manufacturers in Asia with extensive operations across the continent.
The company has an annual turnover of $2.6 billion and over 11,000 employees
Details of the hack:
– The RansomHouse group took responsibility for the hack into the company’s systems
– The data was encrypted on May 16, 2025
– The group issued a notice to the company’s managers and threatened to leak confidential documents
– The group claims that it waited a long time, but the company’s IT department decided to ignore the incident
– There is an option to download the evidence without a password
6 The Black Suit ransomware group claims a hack into the Kansas City Aviation Center
The Black Suit ransomware group has issued claims about a hack into the systems of the Kansas City Aviation Center (KCAC Aviation). The center specializes in providing diverse aviation services and is a well-known company in the field of general aviation in the United States.
The company has not yet responded to the Black Suit group’s claims, and it is unclear at what stage the investigation is or what steps it is taking to deal with the incident.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
