How many security events occurred between March 10-17, 2025?

In the week between March 10, 2025, midnight and March 17, 2025, midnight we witnessed a total of 13 advisory/vulnerability events and 12 incident/data breach events.

How do the security events of week 11 2025 compare to week 10 2025?

Advisories are up from 10 in week 10 2025 to 13 in week 11 2025. Incidents are down from 21 in week 10 2025 to 12 in week 11 2025. The number of known impacted individuals decreased from 16 million in week 10 2025 to 464 thousand in week 11 2025.

How many individuals were impacted by data breaches this week?

There were a total of 434,254 impacted individuals across 4 incidents, with the largest breach being the Sunflower Medical Group data breach exposing 220,968 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher.

What were the main causes of security incidents this week?

The main causes of security incidents were: Malware, Ransomware and Related Attacks (5 incidents), Unauthorized access (3 incidents), and System Misconfiguration Exploits (1 incident).

Which industries were most affected by security incidents this week?

The most affected industries were: Healthcare (4 incidents), Government (2 incidents), Consulting/Professional Services (2 incidents), Telecommunications (1 incident), Food and Beverage (1 incident), Education (1 incident), and Construction (1 incident).

What critical vulnerabilities were reported this week?

Critical vulnerabilities were reported in: Adobe products, Apple WebKit, Bitdefender BOX v1 Devices, Veritas Arctera InfoScale, DrayTek Routers, GitLab CE and EE, Microsoft products (six actively exploited), Optigo Networks Visual BACnet Tools, Siemens SINAMICS S200, Siemens OPC UA, Siemens SiPass access control products, Siemens SINEMA, and Sungrow iSolarCloud and WiNet Firmware.

What notable data breaches occurred this week?

Notable data breaches included: Smart ERP Solutions, Scottish Qualifications Authority (affecting 17,000 documents), Baylor Scott & White Texas Spine & Joint Hospital, ESHYFT (over 86,000 healthcare worker records leaked), Community Care Alliance, Lumen Technologies, Pam Golding Properties, and Brydens Lawyers.

What ransomware attacks were reported this week?

Ransomware attacks were reported at: Ganong Bros., Sunflower Medical Group (exposing 220K people), City of Fort St. John, and a health system network in Micronesia's Yap state.

What active exploits were reported this week?

Active exploits were reported for: Juniper routers (by UNC3886), Advantive VeraCore, Ivanti Endpoint Manager (EPM), Edimax IC-7100 IP cameras, Windows PHP, and the FreeType library.

Knowledge

State of (in)security - Week 11, 2025

published: March 17, 2025

Take action: Be very careful with end-of-life and end-of-support devices. They are vulnerable, and nobody will fix them. They are a recipe for you to be hacked.

Learn More

In the week between March 10, 2025, midnight and March 17, 2025, midnight we witnessed a total of:

13 advisory/vulnerability events
12 incident/data breach events

Week over Week comparison of week 11 2025 vs week 10 2025:

Advisories are up and incidents down from the previous week. Advisories are up from 10 in week 10 2025 to 13 in week 11 2025. Incidents are up from 21 in week 10 2025 to 12 in week 11 2025.
The number of known impacted individuals is down - from 16 million in week 10 2025 to 464 thousand in week 11 2025.

We also shared 7 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 434,254 impacted individuals across 4 incidents, with the largest breach being the Sunflower Medical Group reports data breach exposing 220K people incident exposing 220,968 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Unauthorized access	3
System Misconfiguration Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
Government	2
Consulting/Professional Services	2
Telecommunications	1
Food and Beverage	1
Education	1
Construction	1

Read the Event Details of the Week

Knowledge

awareness | Blind Eagle gang targets Colombian Institutions
active exploit | China related espionage group UNC3886 exploits end-of-life Juniper routers with custom backdoors
active exploit | CISA reports active exploitation of Advantive VeraCore flaws
active exploit | CISA reports active exploitation of critical Ivanti Endpoint Manager (EPM) flaws
active exploit | Critical command injection flaw in Edimax IC-7100 IP cameras actively exploited
active exploit | Organizations attacked via Windows PHP remote code execution flaw
active exploit | Vulnerability in FreeType library under active exploitation

Vulnerabilities

critical vulnerability | Adobe releases March 2025 patches for multiple products
critical vulnerability | Apple patches critical WebKit Vulnerability exploited in "Extremely Sophisticated" attacks
critical vulnerability | Bitdefender reports critical flaws in Bitdefender BOX v1 Devices
critical vulnerability | Critical vulnerability reported in Veritas Arctera InfoScale
critical vulnerability | DrayTek Router vulnerabilities disclosed by Faraday Security research team
critical vulnerability | GitLab fixes critical security flaws in Community Edition (CE) and Enterprise Edition (EE)
critical vulnerability | Microsoft March 2025 Patch package fixes 57 flaws, six actively exploited and six critical
critical vulnerability | Multiple vulnerabilities reportd in Optigo Networks Visual BACnet Tools, one critical
critical vulnerability | Siemens reports critical flaw in SINAMICS S200
critical vulnerability | Siemens reports critical flaws in OPC UA
critical vulnerability | Siemens reports critical flaws in SiPass access control products
critical vulnerability | Siemens SINEMA reports multiple vulnerabilities, two critical
critical vulnerability | Sungrow reports multiple flaws in iSolarCloud and WiNet Firmware, two critical

Incidents

data breach | Smart ERP Solutions reports data breach affecting consumer information
data breach | Scottish Qualifications Authority investigating data breach involving 17,000 documents
data breach | Baylor Scott & White Texas Spine & Joint Hospital report data breach
data breach | Over 86,000 healthcare worker records leaked in ESHYFT's unsecured S3 Bucket
data breach | Community Care Alliance reports data breach
data breach | Lumen Technologies reports data breach affecting customer information
data breach | Pam Golding Properties reports data breach affecting South African clients
data breach | Sydney law firm Brydens Lawyers hit by cyber attack
ransomware | Ganong Bros. reports cybersecurity incident, operations disrupted
ransomware | Sunflower Medical Group reports data breach exposing 220K people
ransomware | City of Fort St. John reports ransomware attack
ransomware | Ransomware attack disrupts health system network in Micronesia's Yap state

Read More
State of (in)security - Week 7, 2026
State of (in)security - Week 10, 2026
Data source with billions of previously leaked credentials …
State of (in)security - Week 23, 2023
Step by Step Example - "Hacker" sextortion scam …