What were the cybersecurity statistics for the week of October 27 - November 3, 2025?

During the week between October 27, 2025, midnight and November 3, 2025, midnight (week 44), there were a total of 9 advisory or vulnerability events and 16 incident or data breach events. Additionally, 3 practical knowledge items were shared during this period.

How did week 44 2025 compare to the previous week in cybersecurity incidents?

Comparing week 44 2025 to week 43 2025, advisories decreased from 12 to 9, while incidents increased from 12 to 16. However, the number of known impacted individuals dropped significantly from 17.4 million in week 43 to 329,000 in week 44 2025.

How many individuals were impacted by data breaches in the week of October 27 - November 3, 2025?

There were a total of 329,831 impacted individuals across 5 incidents during week 44 2025. The largest breach was the Blue Cross Blue Shield of Texas customers affected by a third-party vendor data breach, exposing 310,000 individuals. Since not all incidents report numbers of impacted individuals, the real number is likely higher.

What were the main causes of cybersecurity incidents in week 44 2025?

The main causes of incidents during the week of October 27 - November 3, 2025, were malware, ransomware and related attacks (4 incidents), third party compromise (2 incidents), unauthorized access (2 incidents), denial-of-service attacks (1 incident), human bad security behavior (1 incident), and system misconfiguration exploits (1 incident).

Which industries were most affected by cybersecurity incidents in week 44 2025?

Healthcare was the most affected industry with 4 incidents, followed by education with 3 incidents, and finance with 2 incidents. Other affected industries included government, IT/software/technology, automotive, manufacturing, consulting/professional services, and energy, each with 1 incident.

What was the largest data breach in the week of October 27 - November 3, 2025?

The largest data breach during week 44 2025 was the Blue Cross Blue Shield of Texas incident, where customers were affected by a third-party vendor data breach exposing 310,000 individuals. This single breach accounted for the majority of all impacted individuals during that week.

What critical vulnerabilities were reported during the week of October 27 - November 3, 2025?

Critical vulnerabilities reported during week 44 2025 included an architectural flaw in Chromium Blink engine that enables browser crashes, a Wear OS vulnerability allowing silent SMS sending without user consent, cross-site scripting flaws in Checkmk Monitoring Software, vulnerabilities in WordPress King Addons for Elementor plugin, authentication bypass in Ubiquiti UniFi Access, ASP.NET Core flaws affecting QNAP applications, and path traversal vulnerabilities in Docker compose. Google also released Chrome 142 patching 20 security flaws.

What actively exploited vulnerabilities did CISA warn about in week 44 2025?

CISA issued warnings about actively exploited flaws in Dassault DELMIA Apriso manufacturing software, an actively exploited old Linux kernel vulnerability, and a critical XWiki vulnerability being exploited in crypto mining malware campaigns during the week of October 27 - November 3, 2025.

What notable ransomware attacks occurred in the week of October 27 - November 3, 2025?

Notable ransomware attacks during week 44 2025 included the Qilin ransomware gang claiming a cyberattack on Malibu Boats Australia with alleged 160 GB data theft, the Akira ransomware group claiming a breach of Apache OpenOffice, Right at Home reporting a ransomware attack exposing customer data, and Sweden's power grid operator Svenska Kraftnät confirming a ransomware attack with data breach.

What healthcare-related data breaches occurred during week 44 2025?

Healthcare-related data breaches during the week of October 27 - November 3, 2025, included Beverly Hills Oncology medical group reporting a breach exposing patient information, Northern Montana Health Care reporting a third-party data breach affecting patient data, NHS Lothian staff member being charged for unauthorized access to patient medical records, and Blue Cross Blue Shield of Texas customers affected by a third-party vendor data breach exposing 310,000 individuals.

What education sector incidents occurred in week 44 2025?

Education sector incidents during the week of October 27 - November 3, 2025, included the University of Pennsylvania email system being compromised in a cybersecurity incident, the Iranian Intelligence-Linked cybersecurity academy suffering a data breach exposing student records, and the Akira ransomware group claiming a breach of Apache OpenOffice.

What international cybersecurity incidents occurred in week 44 2025?

International cybersecurity incidents during the week of October 27 - November 3, 2025, included coordinated cyberattacks disrupting Polish payment infrastructure and travel services, Sweden's power grid operator Svenska Kraftnät confirming a ransomware attack and data breach, NHS Lothian in the UK reporting unauthorized access to patient records, and the Qilin ransomware gang claiming an attack on Malibu Boats Australia.

Were there any financial sector incidents in the week of October 27 - November 3, 2025?

Yes, financial sector incidents during week 44 2025 included hackers claiming a breach of HSBC USA, coordinated cyberattacks disrupting Polish payment infrastructure including the BLIK mobile payment system, and the GCash incident where the company claimed no breach despite a dark web listing, which prompted a National Privacy Commission investigation.

Knowledge

State of (in)security - Week 44, 2025

published: Nov. 3, 2025

Take action: All Chromium based browsers (Chrome, Edge, Vivaldi, Opera, Brave...) are vulnerable to being crashed by just visiting a web page. And there is no fix. So be extremely careful clicking unknown links, ideally use Firefox or Safari since they are not vulnerable, and keep up with updates for Chromium based browsers.

Learn More

In the week between Oct. 27, 2025, midnight and Nov. 3, 2025, midnight we witnessed a total of:

9 advisory/vulnerability events
16 incident/data breach events

Week over Week comparison of week 44 2025 vs week 43 2025:

We also shared 3 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 329,831 impacted individuals across 5 incidents, with the largest breach being the Blue Cross Blue Shield of Texas customers affected by Third-Party vendor data breach incident exposing 310,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	4
Third Party Compromise	2
Unauthorized access	2
Denial-of-Service Attacks	1
Human bad security behaviour	1
System Misconfiguration Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
Education	3
Finance	2
Government	1
IT/Software/Technology	1
Automotive	1
Manufacturing	1
Consulting/Professional Services	1
Energy	1

Read the Event Details of the Week

Knowledge

active exploit | CISA warns of actively exploited flaws in Dassault DELMIA Apriso manufacturing software
active exploit | CISA warns of actively exploited old Linux kernel vulnerability
active exploit | Critical XWiki vulnerability exploited in crypto mining malware campaigns

Vulnerabilities

critical vulnerability | Architectural flaw in Chromium Blink engine enables crashing of all Chromium based browsers just by visiting a web page
critical vulnerability | Critical ASP.NET Core flaw affects QNAP NetBak PC Agent and Enterprise web applications
critical vulnerability | Critical authentication bypass flaw reported in Ubiquiti UniFi Access
critical vulnerability | Critical cross-site scripting flaw reported in Checkmk Monitoring Software
critical vulnerability | Critical vulnerabilities reported in WordPress King Addons for Elementor plugin
critical vulnerability | Google patches Wear OS vulnerability that enables silent SMS sending without user consent
critical vulnerability | Google releases Chrome 142, patches 20 security flaws
critical vulnerability | Multiple Dell Storage Manager vulnerabilities patched, at least one critical
critical vulnerability | Path traversal vulnerability in Docker compose enables system compromise via malicious OCI artifacts

Incidents

Read More
Attack Methods on Air-Gapped or Network-Isolated ICS Systems
Multiple vulnerabilities reported in ChatGPT that enable zero-click …
State of (in)security - Week 27, 2024
State of (in)security - Week 42, 2024
State of (in)security - Week 16, 2025