
Welcome to the new 36 cyber warriors who joined us last week. Explore our weekly delivery of inspiration, insights, and exclusive interviews from the global BHMEA community of cybersecurity leaders.
Weekly insights and inspiration to help you stay a step ahead of your adversaries.
The sheer variety of cyber attacks in the last six months.
Everyone’s talking about the volume of attacks, but the diversity of attack types is a major challenge for organisations, governments, and individuals worldwide – because it shows that danger can come from any angle at any time, and nobody is immune.
Here are eight recent cyber attacks that highlight the creativity (because let’s face it – threat actors are creative) and variety that exists in the threat landscape right now.
The Medusa ransomware group has been active since 2021, but its recent operations have escalated dramatically. With an attack method built on phishing scams that steal credentials, followed by a double extortion scheme, Medusa is particularly menacing because it uses a public data-leak site. Stolen data is published there unless the victim (or a third party) pays the ransom.
Medusa has affected a range of industries already, including (but not limited to) healthcare, education, law, tech, and manufacturing – with at least 300 organisations affected so far.
Elon Musk’s much-talked-about social media platform, X, was hit with a large-scale distributed denial-of-service (DDoS) attack in early March, which caused widespread outages. Analysis suggests the attack was executed by a botnet, with a massive influx of traffic that overwhelmed the platform’s servers.
Later analysis revealed that some of the origin servers were not properly secured behind Cloudflare’s DDoS protection – so this incident is a strong reminder of how important it is to maintain robust cloud security all the time.
Back in October 2024, French internet service provider Free was hit with a major data breach that compromised sensitive information of 19 million users. The stolen data included IBANs, phone numbers, and home addresses – which put customers at serious risk of both targeted phishing scams and identity theft.
Also in October, Casio suffered a ransomware attack that caused service disruptions and leaked confidential documents. The data of both employees and business partners was compromised, along with the personal information of some customers. The ransomware group behind the attack, Underground, used their Tor leak site to flaunt the heist.
Football clubs aren’t top of the list of vulnerable organisations in cybersecurity – but Italian club Bologna FC suffered a data leak following a ransomware attack in November 2024, and over USD 1.75 million was stolen by hackers who siphoned off payments made to the team by a streaming platform.
The attack was claimed by ransomware gang RansomHub, and the stolen data included financial documents, players’ medical records, and confidential data on customers and employees.
In December 2024, US medical equipment provider Artivion faced a cyber attack that encrypted key systems and stole sensitive data. It caused serious disruption to shipping and order fulfillment – highlighting the real-world consequences of attacks on the healthcare supply chain. Artivion had cyber insurance, but the attack still caused financial and operational setbacks.
Staying with healthcare for number seven, a vulnerability in the MOVEit file transfer system also led to a breach at the Centers for Medicare and Medicaid Services in the US. The personal data of 3.1 million individuals (including social security numbers, Medicare account details, and health insurance information) was compromised.
The increasingly active Clop ransomware group was behind the breach – and it’s another one that exposes the critical risks linked to vulnerabilities in third-party software. Organisations absolutely have to maintain updates and audits of their digital infrastructure.
DeFi is gaining traction globally. But as its popularity grows, so do the risks associated with it – creating a potential goldmine for hackers. When hackers exploited the Penpie DeFi protocol in 2024, they were able to drain $27 million worth of Ethereum from the platform. They leveraged a vulnerability in Penpie’s staking system that allowed them to manipulate smart contracts in order to siphon funds.
No industry, no organisation, and no individual is immune to cyber attacks. And this reality is evident in the variety of attacks that have occurred in the last six months alone.
Cyber criminals are relentless and – we’ll say it again – creative, both in their attack strategies and their targets. So all organisations have to stay a step ahead of potential threats: maintaining watertight security systems, working closely with cybersecurity researchers, and building stronger defences through collaboration and knowledge-sharing.
Meet us in Riyadh later this year for Black Hat MEA 2025. It’s the best place to connect with leaders and pioneers in the field of cybersecurity, and bolster your defences with knowledge, tools, and partnerships. We’ll see you there.