Multiple organizations in the Crypto Space
January 15, 2025
•[ espionage, financial, finance ]
Researchers at SecurityScorecard uncovered Operation 99, a campaign by the Lazarus Group, North Korea's state-sponsored hacking unit, targeting software developers looking for freelance Web3 and cryptocurrency work.
International AIDS Vaccine Initiative (IAVI)
January 15, 2025
•[ ransomware, malware, healthcare ]
The International AIDS Vaccine Initiative (IAVI) discloses a ransomware attack. The INC Ransom group claims responsibility.
The Idols NFT
January 15, 2025
•[ financial, hack, finance ]
The Idols NFT contract on Ethereum suffers an exploit resulting in a loss of approximately $340K.
SURF Network
January 15, 2025
•[ ddos, technology ]
DDoS attack: The affected institutions are experiencing a slow connection or no connection at all. Because of the large volume of traffic, institutions outside Brabant and Limburg that are on their network may also experience disruption.
Individual in Cento, Italy
January 15, 2025
•[ financial ]
The person responsible was reported to the authorities and the money was recovered.
45 schools in Rhineland-Palatinate served by IT provider Topackt
January 15, 2025
•[ hack, education ]
The servers of the affected schools in the Palatinate have largely been restored. The operator's backup system evidently worked.
Electronic School (ГИС "Электронная школа"), Novosibirsk
January 15, 2025
•[ hack, ddos, education ]
On January 15, 2025, a powerful DDoS attack targeted Novosibirsk's Electronic School digital diary platform. The attack, described as one of the most massive in the region, caused several hours of disruption before service was restored.
Steel Warehouse Co. LLC (South Bend Steel Processor)
January 15, 2025
•[ hack, manufacturing ]
South Bend-based Steel Warehouse Co. LLC disclosed a data breach after a cybercriminal gang accessed systems in late 2024; breach notifications were issued in Jan 2025 and lawsuits filed Aug 2025 alleging mishandling of sensitive employee and contractor data.
DecisionFi
January 15, 2025
•[ data leak ]
Unauthorized party accessed files via a web application; NH AG filing and notification letters dated 21-02-2025.
Select Medical Holdings Corporation
January 15, 2025
•[ data leak ]
Select Medical, a healthcare management company headquartered in Pennsylvania, disclosed unauthorized access to its internal network first detected in January 2025. Approximately 40,000 individuals' PHI was exfiltrated, including names, Social Security numbers, and medical information. No ransomware or operational disruption was reported.
Hue Central Hospital – On-Demand and International Treatment Center
January 15, 2025
•[ ransomware ]
In January 2025 the hospital information system of Hue Central Hospital's On-Demand and International Treatment Center was compromised, with around 500 GB of data encrypted and a ransom demanded for decryption; no public evidence of data exfiltration has been reported.
Electronic School (ГИС "Электронная школа"), Novosibirsk
January 15, 2025
•[ DDoS attack, service disruption, cyber attack ]
On January 15, 2025, a powerful DDoS attack targeted Novosibirsk's Electronic School digital diary platform. The attack, described as one of the most massive in the region, caused several hours of disruption before service was restored.
Hue Central Hospital – On-Demand and International Treatment Center
January 15, 2025
•[ ransomware, encryption, healthcare ]
In January 2025 the hospital information system of Hue Central Hospital's On-Demand and International Treatment Center was compromised, with around 500 GB of data encrypted and a ransom demanded for decryption; no public evidence of data exfiltration has been reported.
FortiGate devices
January 14, 2025
•[ leak, misconfiguration, technology ]
A new group dubbed "Belsen Group" leaks the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices on the dark web in a 1.6 GB archive, allegedly obtained by exploiting CVE-2022-40684.
DigiD
January 14, 2025
•[ hack, ddos, government ]
The DigiD outage, which prevented people from logging in for most of yesterday afternoon, was caused by a large-scale DDoS attack. The DigiD server was experiencing so much traffic that the website couldn't handle it, according to Logius, the government agency that manages DigiD.
Forum Communications Company
January 14, 2025
•[ data leak ]
Forum Communications reported January access to files; 28,830 notified March 19.
Stealer Logs, Jan 2025
January 13, 2025
•[ leak, malware ]
In January 2025, stealer logs with 71M email addresses were added to HIBP. Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific websites the logs were collected against. The incident also resulted in 106M more passwords being added to the Pwned Passwords service.
Infobis
January 13, 2025
•[ hack, technology ]
Ukrainian threat group Cyber Anarchy Squad takes responsibility for an attack against Russian agricultural tech firm Infobis, which purportedly leads to the theft of 3 TB of data in addition to infrastructure damage.
Grinding Gear Games (developer of Path of Exile 2)
January 13, 2025
•[ hack, technology ]
Path of Exile 2 developers confirm that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November.
Government bodies in Kazakhstan
January 13, 2025
•[ espionage, government ]
Researchers at Sekoia attribute an ongoing cyber espionage campaign targeting Kazakhstan to the Russia-linked threat actors from APT28, as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia.