How many cybersecurity events occurred in the week of May 26 - June 2, 2025?

During the week between May 26, 2025, midnight and June 2, 2025, midnight, there were a total of 14 advisory/vulnerability events and 20 incident/data breach events. Additionally, 5 practical knowledge items were shared.

How did this week compare to the previous week in terms of cybersecurity incidents?

Week 22 2025 showed an increase in both advisories and incidents compared to week 21 2025. Advisories increased from 13 to 14, and incidents rose from 17 to 20. However, the number of known impacted individuals significantly decreased from 184 million in week 21 to 2.44 million in week 22 2025.

How many individuals were impacted by cybersecurity incidents this week?

There were a total of 2,445,390 impacted individuals across 5 incidents. The largest breach was an E-Commerce data leak that exposed 1.6 million customer records through misconfigured cloud storage. Since not all incidents report the number of impacted individuals, the real number is likely higher.

What were the main causes of cybersecurity incidents this week?

The primary causes of incidents were: Malware, Ransomware and Related Attacks (7 incidents), Software Vulnerability and SDLC Exploits (3 incidents), Third Party Compromise (3 incidents), and System Misconfiguration Exploits (2 incidents).

Which industries were most affected by cybersecurity incidents?

The most affected industries were Retail and Healthcare, each with 4 incidents. Government had 3 incidents, while Other, Education, and IT/Software/Technology each had 2 incidents. Transport/Logistics, Insurance, and Construction/Real Estate each had 1 incident.

What types of vulnerabilities were reported this week?

Multiple critical vulnerabilities were reported, including remote code execution flaws in Apache InLong, TI WooCommerce Wishlist Plugin, and Evertz Broadcasting Infrastructure. Other critical issues included certificate validation flaws in Icinga 2, account takeover vulnerabilities in WSO2 SOAP, and XSS vulnerabilities in Argo CD that could expose Kubernetes clusters.

What were some notable data breaches this week?

Notable data breaches included: E-Commerce data leak exposing 1.6M customer records, LexisNexis risk solutions breach affecting 364K people, Bradford Health Services patient and employee data exposure, Cooper Health System breach affecting nearly 60K patients, and breaches at Tiffany & Company Korea, MathWorks (MATLAB), and Adidas through compromised third-party services.

What ransomware attacks occurred this week?

Several ransomware attacks were reported: Marlboro-Chesterfield Pathology hit by SafePay ransomware affecting 235K patients, Sri Lankan Pensions Department attack exposing 617GB of data, City of St. Cloud, Florida attack with 1.4TB stolen, Singapore Income Insurance policyholder data exposure, and Clop Ransomware targeting Greek logistics company Orphee Beinoglou.

Incident

Cartier reports data breach exposing customer personal information

published: June 2, 2025

Learn More

Luxury jewelry and watch brand Cartier has disclosed a data breach that exposed customer personal information after unauthorized parties gained access to the company's systems.

"We are writing to inform you that an unauthorized-party gained temporary access to our system and obtained limited client information," Cartier stated in the data breach notification. "We contained the issue and have further enhanced the protection of our systems and data."

The exposed data includes:

Names
Email addresses
Countries of residence

The nature of the attack and the number of affected individuals has not been disclosed .

The company warns that the stolen data could be used in targeted attacks, asking customers to remain vigilant against unsolicited or suspicious communications.

Cartier says it has informed law enforcement about the incident and is working with an external cybersecurity company to remediate the breach.

This breach follows similar security incidents at other fashion brands disclosed over the past month. In May, Dior and Tiffany & Company Korea reported a data breach. Victoria's Secret took down its website and some store services because of an ongoing security incident.

Cartier reports data breach exposing customer personal information

Read More
Singapore Poh Heng Jewellery reports data breach exposing …
Thailand Poseify Group Co Ltd reports data breach
PcComponentes Blocks Credential Stuffing Attack After False Breach …
Toys "R" Us Canada reports data breach exposing …
KwikTrip systems hit by cyberattack