Friday, May 30th, 2025
Cybersecurity Week in Review (30/05/25)
Nearly 280K impacted by Nova Scotia Power ransomware hack
Nova Scotia Power, the Canadian province’s leading electric utility, had data belonging to almost 280,000 clients, or more than half of all its customers, confirmed to have been exfiltrated following a March ransomware attack which the firm previously noted could have led to the compromise of individuals’ names, birthdates, mailing and service addresses, email addresses, customer account history, Social Security numbers, and bank account numbers
Source: https://www.scworld.com/brief/nearly-280k-impacted-by-nova-scotia-power-ransomware-hack
MATLAB dev confirms ransomware attack behind service outage
MathWorks, a leading developer of mathematical computing and simulation software, has revealed that a recent ransomware attack is behind an ongoing service outage.
Adidas Falls Victim to Third-Party Data Breach
Adidas confirmed that a threat actor obtained company data through a breach of a third-party customer service provider.
The affected data includes customer contact information who interacted with the Adidas customer service help desk in the past. It does not include passwords, credit cards, or other payment or financial information.
Source: https://www.darkreading.com/vulnerabilities-threats/adidas-victim-third-party-data-breach
Victoria’s Secret takes down website after security incident
Fashion giant Victoria’s Secret has taken down its website and some store services because of an ongoing security incident.
Hackers Allegedly Claim AT&T Data Leak – 31M Records Exposed
A threat actor has allegedly leaked sensitive data belonging to telecommunications giant AT&T, claiming to possess 31 million customer records totalling 3.1GB of information available in both JSON and CSV formats.
Source: https://cybersecuritynews.com/hackers-allegedly-claim-att-data-leak/
Czechia blames China for Ministry of Foreign Affairs cyberattack
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country’s Ministry of Foreign Affairs and critical infrastructure organizations.
CISA Warns of Attacks Targeting Commvault SaaS Environment
A threat actor is targeting authentication credentials stored in Commvault’s cloud-based backup and recovery platform and using them to gain unauthorized access to customers’ Microsoft 365 accounts.
Source: https://www.darkreading.com/cloud-security/cisa-warns-attacks-commvault-saas-environment
FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign
The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two years.
Source: https://thehackernews.com/2025/05/hackers-are-calling-your-office-fbi.html
Hacker steals $223 million in Cetus Protocol cryptocurrency heist
The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned.
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud.
Source: https://thehackernews.com/2025/05/employees-searching-payroll-portals-on.html
Contact Us
The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.