Hospital El Cruce
January 24, 2025
•[ ransomware, malware, healthcare ]
The Hospital El Cruce is hit with a Medusa ransomware attack.
Centric.eu
January 24, 2025
•[ ransomware, technology ]
Ransomware group Clop claims to have Centric's data in its possession.
Phemex
January 23, 2025
•[ financial, hack, finance ]
Singapore-based cryptocurrency platform Phemex is forced to pause some of its operations after a suspected cyberattack led to the theft of more than $85 million in digital coins.
Conduent
January 22, 2025
•[ hack, government ]
American business services and government contractor Conduent confirms that a recent outage resulted from what it described as a "cyber security incident."
ipany (VPN software developed by a South Korean company)
January 22, 2025
•[ espionage, technology ]
Researchers from ESET link a previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon to a supply chain attack targeting ipany, a South Korean virtual private network (VPN) provider.
~100 UTEP Students
January 22, 2025
•[ social, phishing, education ]
The University of Texas at El Paso (UTEP) is urging students to remain vigilant following a phishing attack that compromised several accounts.
Blessing Corporate Services Inc. (Blessing Health System)
January 22, 2025
•[ ransomware, data leak ]
Blessing Corporate Services reported a ransomware attack on January 22, 2025, that stole and encrypted patient information for approximately 15,000 individuals. The breach disrupted some clinical operations before containment and was publicly disclosed in April 2025. No actor attribution has been made.
Alabama Ophthalmology Associates
January 22, 2025
•[ ransomware, data leak ]
Unauthorized access occurred Jan 22-30, 2025; AOA later confirmed patient data was acquired. BianLian claimed responsibility; notifications began in April 2025.
Union Health System
January 22, 2025
•[ data leak, supply chain attack ]
Union Health reported that an unknown party accessed Oracle Health/Cerner's data migration environment sometime after January 22, 2025; Union Health systems weren't breached, but patient data held by the vendor was exposed; notifications were issued in May 2025.
Oracle Corporation (legacy cloud environment)
January 22, 2025
•[ data leak, extortion ]
Threat actor rose87168 exploited Oracle's legacy Gen 1 Cloud infrastructure, stealing credentials and configuration data from ~140,000 tenants (6 million+ records) and attempting extortion; Oracle privately confirmed the breach to customers.
Munson Healthcare (via Cerner legacy systems)
January 22, 2025
•[ data leak, third party breach, healthcare data ]
Munson Healthcare confirmed that an unauthorized third party gained access to and obtained data maintained by its electronic health record vendor, Cerner, on legacy Cerner systems used by Munson. The investigation indicated access occurred at least as early as January 22, 2025, and could have exposed patient identifiers and clinical information, including Social Security numbers and medical record data. Munson and Cerner reported taking steps to secure the affected systems and notified impacted individuals with options for identity-protection services.
Unnamed internet service provider (ISP) from Eastern Asia
January 21, 2025
•[ hack, ddos, technology ]
Cloudflare says it detected and blocked a 5.6 terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest such attack reported to date.
Rostelecom
January 21, 2025
•[ leak, technology ]
A major Russian telecommunications provider, Rostelecom, says that it is investigating a suspected cyberattack on one of its contractors after threat actors from Silent Crow claim to have leaked the company's data.
Embassies, lawyers, government-backed banks, and think tanks in Kyrgyzstan
January 21, 2025
•[ espionage, government ]
Researchers at Seqrite discover a previously undocumented threat actor dubbed Silent Lynx, linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.
Zürcher Kantonalbank (ZKB)
January 21, 2025
•[ hack, ddos, finance ]
Once again, the Russian hacker group NoName has taken down a number of Swiss websites with DDoS attacks. The timing of the attacks is probably mainly related to the WEF taking place.
Stadt Schaffhausen
January 21, 2025
•[ hack, ddos, government ]
Two cantonal banks and various public websites were unavailable on Tuesday morning. A hacker group with ties to Russia is "testing" the resilience of Switzerland's internet infrastructure, as they call it. Today, Ukrainian President Volodymyr Zelensky will speak at the WEF in Davos.
Ville de Sierre / Stadt Siders
January 21, 2025
•[ hack, ddos, government ]
In the morning, Schaffhausen energy supplier SH Power also displayed an error message. However, its site was back online before midday. Meanwhile, the websites for the cities of Sierre and Geneva remained inaccessible.
Cycle & Carriage Singapore
January 21, 2025
•[ hack, leak, retail ]
Cycle & Carriage Singapore disclosed a data breach in which attackers accessed an application server and exfiltrated ~147,000 customer records. No encryption or disruption of operations was reported.
Ascension
January 21, 2025
•[ data leak, vulnerability ]
Ascension disclosed a data breach linked to a former business partner's software vulnerability; filings indicate 437,329 impacted individuals.
Zürcher Kantonalbank (ZKB)
January 21, 2025
•[ DDoS attack, NoName, WEF ]
Once again, the Russian hacker group NoName has taken down a number of Swiss websites with DDoS attacks. The timing of the attacks is probably mainly related to the WEF taking place.