How many cybersecurity events occurred in the week of May 26 - June 2, 2025?

During the week between May 26, 2025, midnight and June 2, 2025, midnight, there were a total of 14 advisory/vulnerability events and 20 incident/data breach events. Additionally, 5 practical knowledge items were shared.

How did this week compare to the previous week in terms of cybersecurity incidents?

Week 22 2025 showed an increase in both advisories and incidents compared to week 21 2025. Advisories increased from 13 to 14, and incidents rose from 17 to 20. However, the number of known impacted individuals significantly decreased from 184 million in week 21 to 2.44 million in week 22 2025.

How many individuals were impacted by cybersecurity incidents this week?

There were a total of 2,445,390 impacted individuals across 5 incidents. The largest breach was an E-Commerce data leak that exposed 1.6 million customer records through misconfigured cloud storage. Since not all incidents report the number of impacted individuals, the real number is likely higher.

What were the main causes of cybersecurity incidents this week?

The primary causes of incidents were: Malware, Ransomware and Related Attacks (7 incidents), Software Vulnerability and SDLC Exploits (3 incidents), Third Party Compromise (3 incidents), and System Misconfiguration Exploits (2 incidents).

Which industries were most affected by cybersecurity incidents?

The most affected industries were Retail and Healthcare, each with 4 incidents. Government had 3 incidents, while Other, Education, and IT/Software/Technology each had 2 incidents. Transport/Logistics, Insurance, and Construction/Real Estate each had 1 incident.

What types of vulnerabilities were reported this week?

Multiple critical vulnerabilities were reported, including remote code execution flaws in Apache InLong, TI WooCommerce Wishlist Plugin, and Evertz Broadcasting Infrastructure. Other critical issues included certificate validation flaws in Icinga 2, account takeover vulnerabilities in WSO2 SOAP, and XSS vulnerabilities in Argo CD that could expose Kubernetes clusters.

What were some notable data breaches this week?

Notable data breaches included: E-Commerce data leak exposing 1.6M customer records, LexisNexis risk solutions breach affecting 364K people, Bradford Health Services patient and employee data exposure, Cooper Health System breach affecting nearly 60K patients, and breaches at Tiffany & Company Korea, MathWorks (MATLAB), and Adidas through compromised third-party services.

What ransomware attacks occurred this week?

Several ransomware attacks were reported: Marlboro-Chesterfield Pathology hit by SafePay ransomware affecting 235K patients, Sri Lankan Pensions Department attack exposing 617GB of data, City of St. Cloud, Florida attack with 1.4TB stolen, Singapore Income Insurance policyholder data exposure, and Clop Ransomware targeting Greek logistics company Orphee Beinoglou.

Incident

The North Face reports credential stuffing attack

published: June 2, 2025

Learn More

Outdoor apparel retailer The North Face is reporting a credential stuffing attack that exposed customer personal information after unauthorized parties gained access to customer accounts on the company's website.

"On April 23, 2025, we discovered unusual activity involving our website, thenorthface.com, which we investigated immediately," reads the notice. "we concluded that an attacker had launched a small scale credential stuffing attack against our website on April 23, 2025."

In a credential stuffing attack threat actors attempt to gain access to user accounts by automating login attempts using username-password pairs previously exposed in data breaches from other sources. This technique exploits the common practice of password reuse across multiple online services. The compromised data includes:

Full name
Purchase history
Shipping address
Email address
Date of birth
Telephone number

The number of affected individuals has not been disclosed.

Update - VF Outdoor, which owns North Face and other brands reports that 2,861 people had their accounts accessed in this attack.

The North Face has now begun to send data breach notifications to impacted customers. The company notes that payment information was not exposed, as an external provider handles payments on the site, and The North Face doesn't retain any card data.

Two similar incidents were disclosed in November 2020 and September 2022, impacting over 200,000 customers. The most severe cybersecurity incident hitting The North Face was a December 2023 ransomware attack that was later confirmed to have impacted 35,000,000 customers.

The North Face reports credential stuffing attack

Read More
Zapier reports their code repositories breached, potentially accessed …
Hackers claim breach of North Pole Company exposing …
Tiffany & Company Korea reports data breach of …
University of Chicago Medicine reports data breach through …
Harrods latest UK retailer to be hit by …