Water Treatment Plant at Małdyty
January 28, 2025
•[ unauthorized access, ICS/SCADA, critical infrastructure ]
CyberDefence24 reported that a pro-Russian Telegram group posted videos between Jan 28–30, 2025 showing unauthorized access to interfaces for three Polish water treatment plants (SUW) in Tolkmicko, Małdyty, and Sierakowo. The recordings showed attackers setting multiple parameters to maximum values, disabling selected device functions, and changing device PINs (including 1488). The article stated none of the plants reported problems at the time and noted the activity appeared propaganda-oriented, with no confirmed impact on critical infrastructure operations.
DeepSeek
January 27, 2025
•[ hack, ddos, technology ]
Chinese AI platform DeepSeek disables registrations on its DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services.
More than 570 computers linked to Mexico's government
January 27, 2025
•[ hack, malware, government ]
Threat actors infect more than 570 computers linked to Mexico's government domain gob.mx with infostealer malware, exposing sensitive data and login credentials.
Frederick Health Medical Group
January 27, 2025
•[ ransomware, malware, healthcare ]
Frederick Health Medical Group warns that there will be delays in service as it is hit by a ransomware attack.
South African Weather Service (SAWS)
January 27, 2025
•[ hack, government ]
A cyberattack forces the government-run South African Weather Service (SAWS) offline, limiting access to a critical service used by the country's airlines, farmers and allies.
Conad
January 27, 2025
•[ ransomware, malware, retail ]
Conad, an important wholesale chain in Italy, is hit with a Lynx ransomware attack.
Let's Secure Insurance Brokers
January 27, 2025
•[ ransomware, finance ]
Let's Secure Insurance Brokers is hit with a ransomware attack.
Individual
January 27, 2025
•[ social, phishing, finance ]
Police began investigating when a 90-year-old man told authorities he gave $49,900 to a courier purportedly acting on behalf of PayPal. The victim was deceived by a fake PayPal email and link, which led to remote access to his computer and password theft.
Episource
January 27, 2025
•[ data leak ]
Episource detected unauthorized access between January 27 and February 6, 2025, affecting approximately 5.4 million individuals; attackers exfiltrated protected health information including SSNs, medical data, and insurance identifiers; no actor identified or ransom claim confirmed.
New York Blood Center (NYBC)
January 26, 2025
•[ ransomware, malware, healthcare ]
The New York Blood Center (NYBC), one of the world's largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments.
Maagar-Tec
January 26, 2025
•[ hack, technology ]
The pro-Palestinian group called Handala reportedly breaches emergency systems used in Israeli schools, after compromising Maagar-Tec, and broadcasts rocket sirens and Arabic songs that Israel's cyber agency called supportive of terrorism.
Individual in Austria
January 26, 2025
•[ financial, phishing, finance ]
A woman from southeastern Styria contacted the police in January after suspecting she had fallen victim to a phishing scam. She fell for a link in an SMS, after which a gang of fraudsters withdrew money from her account. The police have now published photos of the alleged fraudsters from Vienna.
The House of Dior
January 26, 2025
•[ data leak, personally identifiable information, supply chain attack ]
Dior disclosed that a database was accessed on Jan 26, 2025, exposing data that includes names, contact details, address, DOB, and in some cases passport/ID or SSN. The incident is believed to be related to the broader LVMH/ShinyHunters vendor breach cluster.
Jan Nygaard AS, a major BMW & MINI dealership in Denmark
January 25, 2025
•[ ransomware, hack, malware ]
The large BMW and Mini dealer Jan Nygaard, which has a turnover of more than two billion kroner, is warning its customers, following Computerworld's revelation on Tuesday morning, that their data may have been stolen by a ransomware group during a hacking attack more than three weeks ago.
Grubhub
January 25, 2025
•[ data leak, third-party breach ]
Grubhub disclosed that a third-party vendor account was compromised, allowing limited access to contact and partial payment information for customers, drivers, and merchants. Full card, bank, and SSN data were not accessed. No attribution to a specific threat group. Incident contained.
Marlboro-Chesterfield Pathology
January 25, 2025
•[ ransomware, data leak ]
SafePay ransomware actors stole personal and health information from MCP systems; entity reported to HHS that 235,911 individuals were affected.
Doxbin Scrape
January 24, 2025
•[ leak, misconfiguration, technology ]
In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of third parties without their consent. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
HCF Management
January 24, 2025
•[ ransomware, malware, healthcare ]
HCF Management healthcare facilities confirm a ransomware attack from the RansomHub group, with more than 70,000 patients affected.