Please fill in the form below to subscribe to our blog

Categories

Tags

BullPhish ID cybersecurity Dark Web ID Email security Graphus incident response phishing ransomware Rocketcyber user protection Week In Breach

The Week in Breach News: 05/14/25 – 05/20/25    

May 21, 2025

This week: Hackers go shopping at Christian Dior; Coinbase gets hit by a malicious insider; bad actors stall steel production; and 11 newly translated phishing training kits arrive in BullPhish ID.

See the evolution of the MSP business in our infographic 7 Key Stats From the 2025 MSP Benchmark Survey. DOWNLOAD IT>>

Nucor

https://www.securityweek.com/production-at-steelmaker-nucor-disrupted-by-cyberattack

Exploit: Hacking

Industry:

amy

American steel giant Nucor Corporation revealed May 14 that production has been disrupted due to a cyberattack that involved unauthorized third-party access to certain information technology systems. In response to the incident, the company took some systems offline, halting production, and implemented other unspecified remediation and recovery measures. The Charlotte, N.C.-based manufacturer said it is in the process of restarting the affected operations as it investigates the incident along with external cybersecurity experts.

How It Could Affect Your Customers’ Business: Cyberattacks can halt production of critical resources, highlighting the need for strong defenses and swift incident response.

Kaseya to the Rescue: Learn how Tailored Threat Response with RocketCyber Dynamic Remediation speeds up incident response with automation to minimize damage. GET THE FEATURE SHEET>>

Coinbase

https://apnews.com/article/coinbase-hack-crypto-exchange-ransom-e3ef5297dfea296eb7b7320d8c58647e

Exploit: Malicious Insider

Industry: Finance

Coinbase, the largest cryptocurrency exchange in the U.S., confirmed a data breach.  The company revealed it detected some of its non-U.S.-based customer service agents “accessing data without business need.” Those employees were fired, but not before bad actors got their hands on valuable data. The company said the breach resulted from cybercriminals bribing overseas support staff, enabling them to access customer data, including names, birthdates and partial Social Security numbers. The attackers demanded $20 million to avoid leaking information. No funds or login credentials were compromised. Coinbase pledged to reimburse victims and estimates up to $400 million in costs.

How It Could Affect Your Customers’ Business: Limiting data access and monitoring employee activity are essential guardrails for preventing data breaches caused by malicious employees.

Kaseya to the Rescue:  Learn proven strategies for mitigating both malicious and accidental insider risk to keep businesses out of trouble in our Guide to Insider Risk. DOWNLOAD IT>>

Discover user protection for the modern workforce in our eBook Kaseya 365 User Protection Business Case. GET IT>>

Nova Scotia Power

https://www.coastreporter.net/national-business/theft-of-ns-power-customer-data-is-likely-ransomware-attack-security-experts-10653472

Exploit: Ransomware

Industry: Utility

amy

Nova Scotia Power confirmed a data breach that exposed sensitive customer information, following the discovery of unauthorized access to its network on April 28. While electricity service was not affected, internal operations were disrupted. A subsequent investigation revealed the breach began on March 19 and that customer data, including names, contact details, addresses, program participation, dates of birth, account history, driver’s license numbers and bank account numbers, was stolen. Although there’s no evidence of misuse, the company is offering two years of free credit monitoring.

How It Could Affect Your Customers’ Business: Early threat identification, rapid response and transparent communication are critical to minimizing damage.

Kaseya to the Rescue: Get tips to strengthen a company’s defenses and bolster its cyber resilience with our Building a Cyber-Resilient Business checklist. GET THE CHECKLIST>>

Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>

Belgium – Effortel

https://mobileidworld.com/effortel-data-breach-exposes-70000-belgian-mvno-customers-personal-data/

Exploit: Hacking

Industry: Telecom

Effortel, a mobile virtual network enabler, confirmed a data breach affecting 70,000 customers of Belgian mobile virtual network operators Carrefour Mobile, Neibo and Undo. The incident occurred during testing of a central database for emergency services, when test files containing customer data were accessed by a hacker who infiltrated a support portal. Exposed information includes names, dates of birth, email addresses, phone numbers, addresses, passport and subscriber numbers, and SIM card details. Effortel is taking steps to address the breach.

How it Could Affect Your Customers’ Business: Using real customer data for testing without proper protection can expose sensitive information and lead to serious consequences.

Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>

France – Christian Dior

https://www.msn.com/en-us/money/companies/dior-fashion-brand-hit-by-cyberattack-and-customer-data-leaked-heres-what-we-know/ar-AA1EPIrt

Exploit: Hacking

Industry: Retail

amy

Christian Dior Couture, one of LVMH’s most prominent fashion houses, confirmed it was the target of a recent cyberattack that compromised customer data. According to a statement from the House of Dior, an unauthorized external party gained access to some client information, though no financial details such as bank or credit card numbers were exposed. Initial findings suggest the breach primarily affected customers in South Korea and China. Dior has not disclosed the number of individuals impacted. No cybercriminal group has claimed responsibility for the intrusion, and the stolen data has not appeared on the dark web.

How it Could Affect Your Customers’ Business: Protecting customer data beyond payment details is critical, especially when serving a global clientele.

Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>

Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>

Australia – MKA Accountants

https://www.cyberdaily.au/security/12108-exclusive-mka-accountants-confirms-qilin-ransomware-attack

Exploit: Ransomware

Industry: Business Services

Moonee Ponds-based MKA Accountants was named a victim of the Qilin ransomware gang. The group published 12 stolen documents on its darknet site on May 14, including internal emails, financial statements and insurance records. The firm has notified clients and reported the incident to the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. MKA says it is aware of the claims and is working to verify the extent of the breach.

How it Could Affect Your Customers’ Business: Small firms must prioritize strong defenses and incident response plans because bad actors will hit businesses of any size.

Kaseya to the Rescue: Discover how Kaseya 365 User delivers comprehensive protection beyond the endpoint without breaking the bank. GET THE EBOOK>>

Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>

South Africa – South African Airways

https://industrialcyber.co/transport/cyber-attack-disrupts-operational-systems-at-south-african-airways/

Exploit: Hacking

Industry: Transportation

South African Airways (SAA) revealed it was hit by a major cyber incident that temporarily disrupted access to its website, mobile app and several internal systems. The airline said it promptly activated its disaster management and business continuity plans to address the disruption. An independent digital forensic investigation is underway to determine the cause and assess whether the incident was linked to external cybercriminal activity. The airline reported the event to the South African State Security Agency and the South African Police Service, which have initiated a criminal investigation.

How it Could Affect Your Customers’ Business: Disaster recovery and business continuity plans are critical for ensuring that damage is minimized and the company gets back on its feet quickly.

Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>

IDA-GRP-Blog-Image-May

Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>

11 newly translated videos now available in BullPhish ID

Empower your global workforce with localized training to recognize and resist today’s most deceptive phishing threats with 11 newly translated phishing training kits that can be accessed in the BullPhish ID Training Portal.

  1. iCloud – Armazenamento Cheio (Portuguese)        
  2. Outlook – Resumo Diário de Reações (Portuguese)            
  3. Outlook – Résumé Quotidien des Réactions (French)        
  4. Outlook – Resumen Diario de Reacciones (Spanish)         
  5. Outlook – Reactie Daily Digest (Dutch)        
  6. Outlook – Tägliche Zusammenfassung der Reaktionen (German)             
  7. Netflix – Atualize sua Conta (Portuguese)  
  8. Netflix – Actualiza tu Cuenta  (Spanish)        
  9. Netflix – Mettez à Jour Votre Compte (French)         
  10. Netflix – Aktualisieren Sie Ihr Konto (German)    
  11.  Netflix – Uw Account Bijwerken (Dutch)

Explore these videos in the BullPhish ID Release Notes.

a red fish hook on dark blue semitransparent background superimposed over an image of a caucasian man's hands typing on a laptop in shades of blue gray

Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>

Do you know the five threats to users that demand immediate action?

Discover the top five cyberthreats users face today, best practices for mitigating those threats and how to equip your IT team with proactive tools for prevention, response and recovery from cyber trouble.

Download the infographic now!

Get expert advice for protecting your organization’s most vulnerable gateway in this infographic. DOWNLOAD IT>>

May 22: Kaseya + Datto Connect Local: Detroit REGISTER NOW>>

May 22: DACH Monthly – Mai REGISTER NOW>>

May 22: Kaseya + Datto Connect Local: Melbourne REGISTER NOW>>

May 30: Kaseya 365 Ops in Action REGISTER NOW>>

June 3: Kaseya+Datto Connect Local: New York City Symposium REGISTER NOW>>

June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>

July 3: Kaseya+Datto Connect Local: Perth REGISTER NOW>>

July 15: Kaseya+Datto Connect Local: Montreal REGISTER NOW>>

August 28: Kaseya+Datto Connect Local: Brisbane REGISTER NOW>>

September 4: Kaseya+Datto Connect Local: Adelaide REGISTER NOW>>

October 6 – 8: Kaseya DattoCon Miami REGISTER NOW>>

October 28 – 30: Kaseya DattoCon Asia-Pacific REGISTER NOW>>

Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!

Read our case studies and see how MSPs and businesses have benefited from using our solutions. READ NOW>