Litany Of The Hacked: August 2025 Wrap-Up

Hack...or quack? This month has both.

We started a series named the litany of the hacked. It's a monthly list of entities that have been successfully hacked.

The point of these litany posts is to note that this sort of thing happens and it has consequences. Pretending that you can whistle past the graveyard in cyberspace is foolish and delusional.

And so, the litany of the hacked, August 2025 edition. The litany now includes:

Google's Gemini AI platform via a calendar invite...Cisco...Orange Telecom...Aspire Rural Health System...states of Delaware, Georgia, Indiana, Iowa, Nevada, Oklahoma, and Virginia...iiNet...a dam in Norway...daVita Dialysis...Bragg...Western New Mexico University...Venice Film Festival...

It also possibly includes Prince George's County (MD) Public Schools and YemenNet, an internet network in Yemen. These have been rumored to have been hacked but, much like the country of Singapore in June, confirmation is lacking.

Special mention goes to Poland, which foiled a cyberattack. Gratulacje!

Bonus ugh: bad month for Google.

These attacks indicate that the gangs perpetrating them -- and make no mistake these are gangs -- are getting better at doing cyber-crime. They seem to have found that manipulating human insiders works great for their purposes. It's inexpensive, it can be improved, it can happen quickly, and it can be deployed at scale -- talk about better, cheaper, and faster! Just remember: not all cybercrime is the same. 

Question: bad guys improving their game means you're now also improving yours -- right?

Question: you see that it's not only -- sorry but certainly -- less-sophisticated entities such as state offices but also universities (remember, Columbia U got onto the litany a few months ago) and tech companies that get hacked -- right?

You cannot assume you are not a target or that you're safe because you're Google or because "nothing happened" or that your company was not attacked because the audit committee didn't mention it. 

"Nothing happened" in the year 2025 from a cybersecurity perspective means either you don't know it happened or you are paying attention and can prove your systems worked. If you can't prove you were not successfully breached then you have been successfully attacked.

You might be the next to join the litany. See you in September.

Ask us how we can work with you to prove you were secure.