Jan Nygaard AS, a major BMW & MINI dealership in Denmark
January 25, 2025
•[ ransomware, hack, malware ]
The large BMW and Mini dealer Jan Nygaard, which has a turnover of more than two billion kroner, is warning its customers, following Computerworld's revelation on Tuesday morning, that their data may have been stolen by a ransomware group during a hacker attack more than three weeks ago.
Grubhub
January 25, 2025
•[ data leak, third-party breach ]
Grubhub disclosed that a third-party vendor account was compromised, allowing limited access to contact and partial payment information for customers, drivers, and merchants. Full card, bank, and SSN data were not accessed. No attribution to a specific threat group. Incident contained.
Marlboro-Chesterfield Pathology
January 25, 2025
•[ ransomware, data leak ]
SafePay ransomware actors stole personal and health information from MCP systems; entity reported to HHS that 235,911 individuals were affected.
Doxbin Scrape
January 24, 2025
•[ leak, misconfiguration, technology ]
In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of non-consenting third parties. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
HCF Management
January 24, 2025
•[ ransomware, malware, healthcare ]
HCF Management healthcare facilities confirm a ransomware attack from the RansomHub group, with more than 70,000 patients affected.
Hospital El Cruce
January 24, 2025
•[ ransomware, malware, healthcare ]
The Hospital El Cruce is hit with a Medusa ransomware attack.
Centric.eu
January 24, 2025
•[ ransomware, technology ]
Ransomware group Clop claims to have obtained data from Centric.
Phemex
January 23, 2025
•[ financial, hack, finance ]
Singapore-based cryptocurrency platform Phemex is forced to pause some of its operations after a suspected cyberattack led to the theft of more than $85 million in digital coins.
Conduent
January 22, 2025
•[ hack, government ]
American business services and government contractor Conduent confirms that a recent outage resulted from what it described as a "cyber security incident."
ipany (VPN software developed by a South Korean company)
January 22, 2025
•[ espionage, technology ]
Researchers from ESET link a previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon to a supply chain attack targeting ipany, a South Korean virtual private network (VPN) provider.
~100 UTEP Students
January 22, 2025
•[ social, phishing, education ]
The University of Texas at El Paso (UTEP) is urging students to remain vigilant following a phishing attack that compromised several accounts.
Blessing Corporate Services Inc. (Blessing Health System)
January 22, 2025
•[ ransomware, data leak ]
Blessing Corporate Services reported a ransomware attack on January 22, 2025 that stole and encrypted patient information for approximately 15,000 individuals. The breach disrupted some clinical operations before containment and was publicly disclosed in April 2025. No actor attribution has been made.
Alabama Ophthalmology Associates
January 22, 2025
•[ ransomware, data leak ]
Unauthorized access occurred Jan 22-30, 2025; AOA later confirmed patient data was acquired. BianLian claimed responsibility; notifications began in April 2025.
Union Health System
January 22, 2025
•[ data leak, supply chain attack ]
Union Health reported that an unknown party accessed Oracle Health/Cerner's data migration environment sometime after January 22, 2025; Union Health systems weren't breached but patient data held by the vendor was exposed; notifications issued in May 2025.
Oracle Corporation (legacy cloud environment)
January 22, 2025
•[ data leak, extortion ]
Threat actor rose87168 exploited Oracle's legacy Gen 1 Cloud infrastructure, stealing credentials and configuration data from ~140,000 tenants (6 million+ records) and attempting extortion; Oracle privately confirmed breach to customers.
Munson Healthcare (via Cerner legacy systems)
January 22, 2025
•[ data leak, third party breach, healthcare data ]
Munson Healthcare confirmed that an unauthorized third party gained access to and obtained data maintained by its electronic health record vendor, Cerner, on legacy Cerner systems used by Munson. The investigation indicated access occurred at least as early as January 22, 2025, and could have exposed patient identifiers and clinical information, including Social Security numbers and medical record data. Munson and Cerner reported taking steps to secure the affected systems and notified impacted individuals with options for identity-protection services.
Unnamed internet service provider (ISP) from Eastern Asia
January 21, 2025
•[ hack, ddos, technology ]
Cloudflare says it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date.
Rostelecom
January 21, 2025
•[ leak, technology ]
A major Russian telecommunications provider, Rostelecom, says that it is investigating a suspected cyberattack on one of its contractors after threat actors from Silent Crow claim to have leaked the company's data.
Embassies, lawyers, government-backed banks, and think tanks in Kyrgyzstan
January 21, 2025
•[ espionage, government ]
Researchers at Seqrite discover a previously undocumented threat actor dubbed Silent Lynx, linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.