Cybersecurity Under Siege: Major Breaches, Hacks & Ransomware in 2025

Welcome back to Hacker Hacks, your go-to source for the latest cybersecurity news and insights. In this episode, we’re diving into a series of high-stakes breaches, vulnerabilities, and hacks that are shaking up the digital world. From major health data leaks to gaming hacks and ransomware incidents, we’ll cover it all and offer tips on how to stay protected.

KEIR 'HACKED': Sir Keir Starmer ‘forced to scrap personal email account after security services probed suspected Russian hack’

Sir Keir Starmer was reportedly forced to abandon his personal email account after UK security services investigated a suspected Russian hack. In 2022, his office head, Jill Cuthbertson, instructed staff to avoid messaging Starmer directly. The account, described as “dangerously obvious,” was compromised shortly after Russia's invasion of Ukraine. While no emails were published, the security services couldn’t guarantee that sensitive data wasn't stolen. This occurred around the same time that Russian operatives hacked British Eurosceptics, including ex-MI6 head Sir Richard Dearlove. Additionally, more than 20,000 emails were leaked online. The hack was part of broader concerns about cyber threats targeting UK politicians, with former PM Liz Truss also reportedly having her phone hacked during her time as foreign secretary, though the news was suppressed at the time.

Crypto Hack Report: Jan Amount Hit $73M, 9x Of December 2024

In January 2025, hackers stole over $73 million in digital assets across 19 incidents, marking a significant rise compared to December 2024, when losses were just $3.8 million. While total losses in January were down 44% from January 2024’s $133 million, the crypto industry still faces substantial risks, especially in centralized finance platforms. These platforms accounted for 93% of the total hack losses, while decentralized finance losses were minimal. The largest hack occurred on Phemex, a Singapore-based exchange, which lost over $69 million. Experts recommend stronger security measures, including bug bounty programs and real-time threat detection. The broader crypto market continues to suffer from breaches, with 2024 witnessing $2.3 billion in total hack losses across 165 incidents. Despite a yearly decrease, the volatility of crypto hacks remains a major concern.

89% Of IT Leaders Fear GenAI Flaws Will Compromise Cybersecurity Strategies - Sophos

Sophos' new report, “Beyond the Hype: The Business Reality of AI for Cybersecurity,” reveals that while 65% of IT leaders have adopted generative AI tools, 89% are concerned about flaws in these tools potentially jeopardizing security. Despite cybercriminals remaining skeptical about GenAI, some are already using it to automate tasks like bulk email creation and data analysis. The survey also found that 98% of organizations have AI integrated into their cybersecurity systems, though 87% of IT leaders worry about over-reliance on AI and a lack of accountability. Smaller organizations (50-99 employees) prioritize reducing burnout with GenAI, while larger firms focus on protection. Concerns about AI replacing cybersecurity jobs were also prevalent, with 84% of leaders fearing unrealistic expectations. Additionally, while GenAI's costs are hard to quantify, 87% of IT leaders believe it will ultimately reduce cybersecurity costs.

New UEFI vulnerability bypasses Secure Boot — bootkits stay undetected even after OS re-install

A new UEFI vulnerability, CVE-2024-7344 (Howyar Taiwan Secure Boot Bypass), allows attackers to bypass Secure Boot and deploy undetectable bootkits. This vulnerability stems from a custom PE loader that lets unsigned UEFI binaries load, bypassing trusted services. Attackers can replace the default OS bootloader with a malicious XOR PE image, which operates at the UEFI level, making traditional anti-virus software ineffective. Several third-party recovery tools are affected, including Howyar SysReturn, Greenware GreenGuard, and Radix SmartRecovery. ESET and Microsoft have taken steps to address the issue, with ESET contacting affected vendors and Microsoft revoking certificates of vulnerable software in the latest Windows update. Users are advised to update both Windows and their software to mitigate the risk.

Medical Records Stolen As 1 Million Patients Hit By Healthcare Hack

A data breach at Connecticut-based Community Health Center, disclosed on Jan. 30, 2025, has compromised the medical records of over 1 million patients. The breach, discovered on Jan. 2, was caused by a skilled hacker who accessed personal and health data, including names, social security numbers, medical diagnoses, test results, and health insurance details. Although the attack wasn't ransomware-related, the stolen data poses significant risks, especially for potential extortion. The breach underscores the vulnerability of healthcare systems, with experts emphasizing the need for stronger security in the sector. Healthcare organizations are increasingly targeted by cybercriminals, driven by the value of sensitive data and the perceived willingness of victims to pay ransoms. Following the breach, the Community Health Center strengthened its security, adding software to monitor for suspicious activity.

Critical YouTube Hack Warning—COD, Fortnite And Minecraft Gamers At Risk

McAfee issued a critical warning for gamers, particularly those playing popular titles like Call of Duty, Fortnite, Minecraft, Apex Legends, and Roblox, who use YouTube for cheats or hacks. Hackers are targeting gamers by luring them into downloading malware disguised as game cheats, software cracks, or cryptocurrency tools. These malicious links often lead to downloads that disable antivirus software, allowing malware to steal passwords and track user activity. Young gamers, who are more likely to fall for these scams, are particularly vulnerable. McAfee advises gamers to avoid downloading from unverified sources, keep antivirus software active, and check websites for inconsistencies. The key takeaway: no cheat or crack is worth compromising security.

UnitedHealth says hack at tech unit impacted 190 million people

A cyberattack on UnitedHealth Group's tech unit, Change Healthcare, affected the personal information of 190 million people, making it the largest healthcare data breach in the U.S. The breach, perpetrated by the "Blackcat" ransomware group, disrupted claims processing and impacted patients and providers nationwide. Information compromised includes health insurance IDs, patient diagnoses, treatment details, social security numbers, and billing codes. While no misuse of the data has been reported, Change Healthcare has notified the majority of those affected. The final breach count will be confirmed and filed with the U.S. Department of Health and Human Services. The attack was disclosed publicly in June as part of HIPAA requirements.

Fortinet warns a critical vulnerability in its systems could let attackers breach company networks

Fortinet has issued an advisory for a critical zero-day vulnerability (CVE-2024-55591) in FortiGate firewalls, affecting FortiOS versions 7.0.0-7.0.16 and FortiProxy versions 7.0.0-7.2.12. The vulnerability allows attackers to bypass authentication and gain super-admin privileges, potentially leading to ransomware deployment. Security researchers confirm the bug is being exploited en masse, with multiple intrusions reported. The flaw is listed in the CISA KEV catalog, urging federal agencies to patch it by February 4, 2025. Though the exact number of affected victims is unknown, researchers believe ransomware operators are leveraging the exploit for initial access and lateral movement. Fortinet has released a patch to address the vulnerability.

Thanks for tuning in to this week’s Hacker Hacks. Stay vigilant, stay secure, and remember: your best defense is always staying informed. Until next time, keep your data safe and your systems locked down.
