How many cybersecurity events occurred in the week of September 15-22, 2025?

During the week of September 15-22, 2025, there were a total of 33 cybersecurity events: 14 advisory/vulnerability events and 19 incident/data breach events.

How did cybersecurity incidents change compared to the previous week?

Comparing week 38 to week 37 of 2025: Advisories increased from 13 to 14 (up by 1), while incidents decreased from 26 to 19 (down by 7). However, the number of impacted individuals increased significantly from 520,000 to 9.145 million.

What was the largest data breach of the week and how many people were affected?

The largest breach was the Shiny Hunters ransomware gang's claimed breach of Kering's Luxury Brands, which exposed data of 7,400,000 individuals. Overall, 9,145,640 individuals were impacted across 7 incidents during the week.

What were the most common causes of cybersecurity incidents this week?

The top causes of incidents were: Malware, Ransomware and Related Attacks (5 incidents), Unauthorized access (3 incidents), followed by Third Party Compromise, Social Engineering and Phishing, and Human bad security behavior (2 incidents each).

Which industry was most affected by cybersecurity incidents?

Healthcare was the most affected industry with 7 incidents, followed by IT/Software/Technology and Finance with 2 incidents each. Other affected industries included Food and Beverage, Government, Insurance, Automotive, Retail, Aviation, and Consulting/Professional Services with 1 incident each.

What types of critical vulnerabilities were reported this week?

Critical vulnerabilities were reported in various systems including Apple iOS/macOS updates, WordPress plugins, Apache HTTP Server, Nokia management platforms, FlowiseAI, Kubernetes tools, Google Chrome (with one actively exploited), and multiple enterprise systems like WatchGuard Firebox and Fortra's GoAnywhere MFT.

What major ransomware attacks occurred during this week?

Major ransomware attacks included: Shiny Hunters gang's breach of Kering's Luxury Brands (7.4M affected), Goshen Medical Center attack (456,385 patients affected), Medical Associates of Brevard hit by BianLian ransomware (246,711 patients), Everest gang's claimed breach of BMW, and attacks on Family & Community Services and SonicWall MySonicWall platform.

Were there any notable breaches in the financial or technology sectors?

Yes, notable breaches included: Former FinWise Bank employee breaching data of 689,000 customers, Google confirming a breach of their Law Enforcement Request System with a fraudulent account created, and an arrested hacker claiming Scattered Spider gang breached Crypto.com (though this incident was not officially reported).

What was the most critical vulnerability discovered recently in Microsoft's cloud services?

Microsoft reclassified a critical vulnerability in Entra ID (CVE-2025-55241) with a maximum CVSS score of 10.0 that could have compromised virtually every tenant globally. Discovered by Dutch researcher Dirk-jan Mollema in July 2025, the flaw involved undocumented 'Actor tokens' and a validation issue in the Azure AD Graph API. Attackers could bypass MFA, Conditional Access, and logging while achieving full tenant compromise. Microsoft fixed the issue within 3 days of reporting (July 14-17, 2025) with no evidence of exploitation in the wild.

What recent ransomware attack affected a government entity and what sensitive data was compromised?

The Lorain County Board of Commissioners in Ohio reported a ransomware attack discovered on May 23, 2025, claimed by the Global ransomware gang. The attack compromised sensitive financial information including Social Security numbers, bank account numbers, and routing numbers of county employees and vendors. The breach primarily impacted files in the County Auditor's Office, though other departments also reported issues. The ransomware group threatened to release stolen data unless ransom demands were met, claiming possession of 'lots of private information, bank accounts and more.'

Incident

Lorain County auditor's office hit by ransomware attack exposing employee and vendor data

published: Sept. 22, 2025

Learn More

The Lorain County Board of Commissioners in Ohio is reporting a data security incident that compromised sensitive financial information belonging to county employees and vendors.

The breach was discovered on May 23, 2025, and was caused by a ransomware attack.

The attack was claimed by the Global ransomware gang, which threatened to release stolen data unless ransom demands were met. The ransomware group alleged to be in possession of "lots of private information. Bank accounts and more.

According to the release from Lorain County Board of Commissioners, "a limited number of files containing personal information relating to our employees and vendors were potentially impacted". The exposed data includes:

Social Security numbers
Bank account numbers
Routing numbers

The number of affected individuals is not disclosed.

County officials stated that "to the best of our knowledge, this incident impacted information ONLY contained in the Lorain County Auditor's Office. It's unclear if the breach extended further than the auditor's office, since other departments within Lorain County also started to report issues at the end of May, and several departments were closed.

Lorain County auditor's office hit by ransomware attack exposing employee and vendor data

Read More
St. Landry Parish school impacted by ransomware
RansomedVC claim theft of voter data from DC …
8Base hacker group claims data theft from Kansas …
Travel booking platform Sabre listed as compromised by …
Bangladesh based Popular Life Insurance hit by ransomware