Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and 
Dentons Senior Analyst, Washington DC
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th March and 23rd March 2025.18th March
Ascom affected by cyber attack
17th March
£1 Million Lost as UK Social Media and Email Account Hacks Skyrocket
AI Module Security Flaws in Drupal: MyCERT Urges Immediate Patching
AI-supported spear phishing threatens APAC e-commerce
All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy
Alleged LockBit developer extradited to the US
Amazon’s Controversial Change to Echo’s Privacy Settings Takes Effect Soon
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
As Medusa Ransomware Attack Surges, FBI Issues Critical Warning to Gmail & Outlook Users
Automated brute forcing tool leveraged in Black Basta ransomware intrusions
BlackLock Ransomware Hacked 40+ Organizations Within Two Months
BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months
Brydens Lawyers investigating cyber incident that compromised client data
Bumble heightens safety measures with new ID verification feature
Chinese threat actor resided in US electric grid for almost one year
Coinbase users received mass-phishing emails from scammers over the weekend
Critical RCE flaw in Apache Tomcat actively exploited in attacks
Customers of “China‘s Amazon” had their passwords stolen, hackers say
Cyber ransomware: A growing threat in the digital age
Cyberattacks on Major Consumer Brands in 2024: Key Takeaways
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions
Cybersecurity Officials Warn Against Potentially Costly Medusa Ransomware Attacks
DeepSeek can develop malware, cyber experts are sharing the risks
Department of Government Efficiency (DOGE) staffer violated Treasury rules by emailing unencrypted personal data
Do you use Gmail or Outlook? FBI, CISA issue warning about Medusa ransomware
Don’t Take the Bait: Coinbase & Gemini Exchange Users Targeted by Phishing Attack
FBI and CISA warn of a new wave of ransomware attacks
FBI has a ‘hacker’ warning for Gmail, Microsoft Outlook users
FBI issues national security warning to Gmail, Outlook email users
FBI Issues urgent warning: Secure your Gmail against rising ransomware & hacking threats
FBI Issues Warning: Scammers Target Gmail and Outlook Users with Deceptive Ransom Demands
FBI issues warning to Gmail, Outlook users about recent ransomware attacks
FBI Sounds Alarm on Medusa Ransomware Cyberattack: Here's How Organizations Can Protect Themselves
FBI Warning Issued for Medusa Threat: Everything You Need to Know
FBI warns Gmail, Outlook, and VPN users as Medusa ransomware attacks escalate
FBI, CISA Issue Warning To Gmail, Outlook And VPN Users About Medusa Ransomware Scheme
FBI, CISA Sound Alarm on Medusa Ransomware Surge
February 2025 reports record spike in ransomware attacks
Fog ransomware group claims a major data theft from radiology firm UDMI's systems
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
GitHub project maintainers targeted with fake security alert
Gmail Users Get Urgent Warning From FBI As Hackers Spread Ransomware Attack
Google may also have received a Technical Capabilities Notice (TCN) from the UK government
Hackers are exploiting Fortinet firewall bugs to plant ransomware
Hackers claim major Chinese online shopping platform Taobao
Hackers claim they’ve breached Orange and have “very detailed” information
Hackers exploit fake audio issues to spread malware in virtual meetings
Here’s how to win the ransomware battle
How Economic Headwinds Influence the Ransomware Ecosystem
Identities of 12 million people in France potentially leaked in cyberattack: how to protect yourself
Indian CERT Flags Severe Vulnerabilities in Rising Technosoft Software
Infosys agrees to pay US$17.5 Million in data breach settlement
Investigation launched into Fakenham council's data breach
Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials
Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials
Lehigh Valley Health Network Agrees to Pay $65 Million Class Action Settlement to Patients after Ransomware Attack
LockBit ransomware developer extradited to the US
LockBit ransomware developer extradited to the USA
Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos
Mandatory Cyber Extortion Reporting: Why We Need It Now
Medusa Ransomware Hits Critical Infrastructure
Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory
Merkur Information Leak Raises Concern Over Data Protection
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Microsoft 365 environments exploited in business email attacks
'Mora_001' ransomware gang exploiting Fortinet bug spotlighted by CISA in January
New Akira Ransomware Decryptor Leans on Nvidia GPU Power
New decryptor targets Akira ransomware with GPU technology for Linux systems
New Phishing Scam Targets Coinbase, Gemini Users, Urging Transition to Self-Custody Wallets
New RAT malware used for crypto theft, reconnaissance
OKX Suspends DEX Aggregator After Lazarus Hack Attempt
OKX suspends DEX aggregator after Lazarus hackers try to launder funds
One of the most powerful ransomware hacks around has been cracked using some serious GPU power
OpenAI's AI Agent Exploitable in Phishing
Over 120,000 patients impacted in Florida hospital data breach
Phishing and data leaks: the biggest digital threats
Phishing campaign attacks 12,000 GitHub users with rogue OAuth app
Phishing campaign targets 12,000 GitHub repositories with fake security alerts
Ransomware hits record high, Australia among top targets
Researcher releases free GPU-Based decryptor for Linux Akira ransomware
Researchers Confirm BlackLock as Eldorado Rebrand
Rise in Phishing Attacks Fuels Growth in Passwordless Security
Scammers Impersonate Cl0p Ransomware in Fake Extortion Schemes
Scammers Pose as Cl0p Ransomware to Send Fake Extortion Letters
Secret-printing code, phishing attempts flagged on GitHub
Security Database Aims to Empower Non-Profits
SingCERT Alerts Public on Fraudulent Emails Impersonating Cyber Security Agency of Singapore (CSA) and Singapore Police Force (SPF)
SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware
SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware
Sperm bank California Cryobank confirms data breach
Supply chain attack on popular GitHub Action exposes CI/CD secrets
Temu’s sister company allegedly hit by ransomware, 700 Million users at risk
Texas man faces prison for activating ‘kill switch’ on former employer’s network
TFE hotels group suffers severe operational disruption following a cyber attack
Threat actors rapidly exploit new Apache Tomcat flaw following PoC release
TikTok rolls out a ‘Security Checkup’ tool to help users secure their accounts
Tj-actions Supply Chain Attack Exposes 23,000 Organizations
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
Upstate school district remains offline after data breach
US extradites alleged LockBit developer
US Legislators Demand Transparency in Apple's UK Backdoor Court Fight
Warning! FBI Alerts Gmail, Outlook Users of Sneaky New Hacker Trick
Weirdest Threat Group Names: The Funny, Scary and Just Plain Weird
Why SharpRhino Malware is Leaving Victims Thunderstruck
Widespread Coinbase phishing attack uncovered
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 3rd March and 9th March 2025, kindly assisted by our partners.
