Litany Of The Hacked: July 2025 Wrap-Up

Note: the picture is from the OSMEGEOS exhibit at the Hirschhorn Museum and Sculpture Garden exhibit in Washington, DC, July 2025.

In May and then June we covered the litany of the hacked, a group of entities that had been successfully hacked.

The point of these litany posts is to note that this sort of thing happens and it has consequences. Pretending that you can whistle past the graveyard in cyberspace is foolish and delusional.

And so, the litany of the hacked, July 2025 edition. The litany now includes:

Aeroflot Airlines...Qantas Airlines...Allianz Re insurance...Rogers Communications...Tea (women-member-only date-rating site)...Elmo's account on the platform X...Microsoft's SharePoint servers... McDonald's hiring process assistant chatbot...CoinDCX crypto exchange...maybe the government of Singapore...City of St Paul, MN...pharmacies in Moscow, Russia...

These different hacks had different purposes. Getting a Sesame Street character to spout anti-Semitism and profanity, or grabbing images off of a dating site, are not at the same level of sophistication or end-goal as creating a "to pay or not to pay" ransom scenario with SharePoint, and motivations for hacking crypto exchanges are different than from hacking pharmacies in Moscow.

Question: did Elmo rely on The Count to give Elmo a simple password? That makes Elmo sad in retrospect. But it was not the end for Elmo. You can bet your Big Bird that Elmo now has multifactor authentication!

Question: do you think these entites had annual mandatory cybersecurity awareness training? If so, how did that work out?

These attacks indicate that the gangs perpetrating them -- and make no mistake these are gangs -- are getting better at doing cyber-crime. They seem to have found that manipulating human insiders works great for their purposes. It's inexpensive, it can be improved, it can happen quickly, and it can be deployed at scale -- talk about better, cheaper, and faster! Just remember: not all cybercrime is the same. 

Question: bad guys improving their game means you're now also improving yours -- right?

You cannot assume you are not a target or that you're safe because "nothing happened" or that your company was not attacked because the audit committee didn't mention it. 

"Nothing happened" in the year 2025 from a cybersecurity perspective means either you don't know it happened or you are paying attention and can prove your systems worked. If you can't prove you were not successfully breached then you have been successfully attacked.

You might be the next to join the litany. See you in August.

Ask us how we can work with you to prove you were secure.