State of (in)security - Week 7, 2025
Take action: Never store credentials of your customers, and if you do, make sure you store them heavily encrypted, and enforce strict data retention and deletion.
In the week between Feb. 10, 2025, midnight and Feb. 17, 2025, midnight we witnessed a total of:
- 14 advisory/vulnerability events
- 20 incident/data breach events
Week over Week comparison of week 7 2025 vs week 6 2025:
- Advisories are up and incidents are down from the previous week. Advisories are up from 10 in week 6 2025 to 14 in week 7 2025. Incidents are down from 26 in week 6 2025 to 20 in week 7 2025.
- The number of known impacted individuals is down - from almost 25 million in week 6 2025 to 12 million in week 7 2025.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 12,194,417 impacted individuals across 5 incidents. The largest breach was the "Zacks Investment Research user data breached, hacker leaks info of 12 million users" incident, which exposed 12,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 5 |
| Third Party Compromise | 3 |
| Unauthorized access | 3 |
| Social Engineering and Phishing | 1 |
| System Misconfiguration Exploits | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Finance | 3 |
| Healthcare | 3 |
| IT/Software/Technology | 2 |
| Manufacturing | 2 |
| Government | 2 |
| Consulting/Professional Services | 2 |
| Utilities | 1 |
| Education | 1 |
| Entertainment/Leisure | 1 |
| Hospitality/Events | 1 |
| Other | 1 |
| Pharmaceuticals | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Increased active exploitation of years-old ThinkPHP, ownCloud flaws
- active attack | Researchers report active attacks on SonicWall SSLVPN flaw, patch now
Vulnerabilities
- critical vulnerability | Adobe releases February 2025 patches for multiple products
- data breach | Apple releases emergency update iOS 18.3.1 and iPadOS 18.3.1 to fix actively exploited flaw
- critical vulnerability | Critical security vulnerability reported in Dingtian DT-R0 devices
- critical vulnerability | Ivanti patches another round of critical flaws in Connect Secure and Policy Secure
- critical vulnerability | Lexmark fixes multiple flaws in printer software and firmware, at least two critical
- critical vulnerability | Microsoft releases February 2025 patch, fixes 4 zero-days, 3 critical and a total of 57 flaws
- critical vulnerability | Mozilla releases patches for Mozilla Firefox & Thunderbird, at least three critical
- critical vulnerability | mySCADA reports multiple flaws in myPRO, at least two critical
- critical vulnerability | One more locally exploitable unauthenticated flaw reported in Palo Alto Networks PAN-OS
- critical vulnerability | ORing Industrial Networking confirms multiple critical flaws in IAP-420 product
- critical vulnerability | PostgreSQL vulnerability discovered that was used in BeyondTrust attack
- critical vulnerability | SolarWinds releases new version of Self-Hosted Platform, patches multiple flaws
- critical vulnerability | WordPress Security Plugin exposes critical flaw
- critical vulnerability | Zimbra fixes flaws in Zimbra Collaboration, at least one critical
Incidents
- data breach | Zacks Investment Research user data breached, hacker leaks info of 12 million users
- data breach | Chinese IoT manufacturer Mars Hydro leaks 2.7 billion records via unsecured database
- data breach | Kraken ransomware gang claims breach of Cisco, the company says it's old data
- data breach | Hacker claims data breach of OmniGPT, offers data for sale on the dark web
- data breach | Watergate Hotel reports data breach
- data breach | Heartland Bank reports data breach caused by email account compromise
- data breach | Doxbin platform breached, hackers leak 136K user accounts and blacklisted users
- data breach | Handala hacking group claims breach of Israeli Police, theft of 350,000 files
- data breach | CPS Energy reports third party data breach
- data breach | VectraRx Mail Pharmacy Services reports data breach
- data breach | Zenith American Solutions reports data breach
- data breach | Star Solution Services reports data breach
- data breach | Fillmore County Hospital reports data breach
- data breach | ArdyssLife reports third party data breach
- data breach | Australian National University investigating claims of ransomware attack
- data breach | KeyBank reports third party data breach
- ransomware | SimonMed Imaging radiology practice hit by ransomware attack
- ransomware | Virginia attorney general's office hit by cyberattack, shuts down systems
- ransomware | PCB manufacturer Unimicron hit by ransomware attack claimed by Sarcoma gang
- ransomware | Ransomware attack on Sault Tribe operations shut down gaming at Kewadin Casinos