State of (in)security - Week 34, 2025
Take action: Never trust messages in Microsoft Teams that are from unknown sources. Consider blocking external Teams access in your admin settings to avoid fake "help desk" accounts. Advise your teams to check back with IT via a well-known channel and never to run commands or programs sent via Teams messages by an unknown person, even if that person claims to be from IT support.
In the week between Aug. 18, 2025, midnight and Aug. 25, 2025, midnight we witnessed a total of:
- 9 advisory/vulnerability events
- 23 incident/data breach events
Week over Week comparison of week 34 2025 vs week 33 2025:
- Advisories and incidents are down from the previous week. Advisories are down from 15 in week 33 to 9 in week 34. Incidents are down from 24 in week 33 2025 to 23 in week 34 2025.
- The number of known impacted individuals is up - from 740 thousand in week 33 to 2.037 million in week 34 2025.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 2,037,066 impacted individuals across 12 incidents. The largest breach was the incident "Orange Belgium hit by cyberattack, exposing personal data of 850K customers", which exposed 850,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 5 |
| Social Engineering and Phishing | 3 |
| System Misconfiguration Exploits | 2 |
| Unauthorized access | 2 |
| Third Party Compromise | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 6 |
| Telecommunications | 3 |
| Government | 2 |
| IT/Software/Technology | 2 |
| Entertainment/Leisure | 1 |
| Insurance | 1 |
| Non-profit/Charity | 1 |
| Other | 1 |
| Pharmaceuticals | 1 |
| Automotive | 1 |
| Transport/Logistics | 1 |
| Aviation | 1 |
| Construction/Real Estate | 1 |
| Consulting/Professional Services | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | FBI and Cisco warn of hackers exploiting seven-year-old Cisco vulnerability
- active phishing | How hacker gangs abuse Microsoft Teams for social engineering attacks to target companies
Vulnerabilities
- critical vulnerability | Apple releases updates for actively exploited zero-day vulnerability in ImageIO framework
- data breach | Chaining Commvault vulnerabilities enables pre-authentication remote code execution
- critical vulnerability | CodeRabbit patches remote code execution flaw exposing repositories
- critical vulnerability | Critical Docker Desktop flaw allows container escape and host system access
- critical vulnerability | Google releases new Chrome update updating a high severity flaw
- critical vulnerability | Microsoft patches a critical flaw in PC Manager
- critical vulnerability | Mozilla patches multiple vulnerabilities in Firefox, Thunderbird
- critical vulnerability | Remote code execution flaw reported in Rockwell Automation ControlLogix ethernet modules
- critical vulnerability | Vulnerabilities reported in Workhorse Software Services municipal accounting software
Incidents
- data breach | Integrated Orthopedics of Arizona reports data breach exposing nearly 3,000 patient records
- data breach | Equilibria Mental Health Services reports phishing attack, data breach
- data breach | APCS criminal background check provider suffers data breach through third-party attack
- data breach | Brightpoint social services agency reports data breach
- data breach | Aspire Rural Health System hit by ransomware attack exposing 138,000 patient records
- data breach | Farmers Insurance reports data breach caused by third-party vendor attack
- data breach | Canada's investment regulator CIRO suffers cybersecurity incident exposing member firm and employee data
- data breach | New York Business Council reports data breach exposing 47,000 members' data
- data breach | Orange Belgium hit by cyberattack, exposing personal data of 850K customers
- data breach | UK medical cannabis clinic CB1 Medical reports data breach exposing over 4,000 patient records
- data breach | Hacker claims data breach of Uzbekistan Airways, company denies
- data breach | Nueces County Texas suffers $58,000 loss in email phishing attack
- data breach | Iranian maritime communications system hit by cyberattack, disrupts dozens of ships
- data breach | Hacker group "Promised Revenge" claims cyberattack on Israeli internet provider Rimon
- data breach | HR giant Workday reports data breach caused by Salesforce social engineering attack
- data breach | Casino technology provider Bragg Gaming Group reports cybersecurity incident
- data breach | CEI Vision Partners reports data breach affecting patient information
- data breach | Australian telecom giant TPG's iiNet subsidiary hit by data breach affecting 280,000 customers
- data breach | Medical marijuana provider Ohio Medical Alliance leaks one million patient records
- ransomware | Data I/O hit by ransomware attack disrupting global operations
- ransomware | Qilin ransomware group claims breach of Nissan Design Studio
- ransomware | Sansone Group hit by ransomware attack
- ransomware | Pharmaceutical research firm Inotiv hit by ransomware attack, drug development data compromised