June Recap - The Breach Report

What happened: The hacktivist group Predatory Sparrow launched a cyberattack against Iran’s Bank Sepah, wiping systems, disrupting ATMs, and causing ripple effects across the country’s fuel distribution network.

Impact: Online banking, ATMs, and card services were disabled nationwide. Gas stations saw massive queues due to disabled payment systems.

Lesson: Even state-run financial infrastructure is vulnerable - air-gapped systems and offline failovers are vital in geopolitically tense environments.

Source: Read More

What happened: United Natural Foods Inc. (UNFI), a major food distributor for Whole Foods, was hit with a cyberattack that disrupted internal systems.

Impact: Food ordering systems were down for days, creating visible shortages in Whole Foods and partner stores nationwide.

Lesson: Supply-chain disruptions from cyberattacks can quickly become customer-facing - especially in essential services like food.

Source: Read More

What happened: Kettering Health, a network of 14 hospitals in Ohio, was targeted by Interlock ransomware, disrupting clinical systems and emergency services.

Impact: Patient record systems, communication lines, and ambulatory operations were heavily impacted, leading to care delays.

Lesson: Healthcare providers must prioritize ransomware resilience with backups, segmented networks, and ransomware-specific training.

Source: Read More

What happened: Social engineering tactics linked to Scattered Spider enabled attackers to breach Aflac, gaining access to personal and financial data.

Impact: Sensitive information such as SSNs, health claims, and account data was exposed - potentially affecting millions.

Lesson: Social engineering remains one of the most effective entry points - MFA and role-based access control aren’t optional.

Source: Read More

What happened: Hackers infiltrated Columbia University’s systems, displaying political content on digital signage while stealing personal data.

Impact: Records of over 2.5 million students, staff, and alumni were accessed, including application and financial aid data.

Lesson: Universities face unique risks from politically motivated attackers - data segmentation and real-time monitoring are key.

Source: Read More

What happened: Two major hospitals in Delhi - NKS Super Speciality and Sant Parmanand - were taken offline in a targeted cyberattack.

Impact: Systems for patient management and billing were locked, forcing staff into manual operations and risking treatment delays.

Lesson: Healthcare institutions must maintain updated EHR systems and incident response plans to ensure patient safety.

Source: Read More

What happened: A widespread “SEO spam” campaign hijacked official domains including HHS.gov and Stanford, redirecting users to AI-generated junk content.

Impact: Critical government health messaging was temporarily replaced by spam content, risking public misinformation.

Lesson: Domain security and DNS monitoring are essential - especially for high-trust public sites.

Source: Read More

Hacktivism-as-a-Service: Groups like Predatory Sparrow are blending political motives with cybercrime tactics.

Supply Chain Sabotage: UNFI shows that disruptions to vendors can impact millions downstream.

Public Domain Hijacking: Trusted public URLs are being used for SEO spam, highlighting DNS and content security gaps.

Audit DNS Regularly: Ensure no unauthorized CNAME or A-record changes occur on public domains.

Run Tabletop Exercises Quarterly: Prepare for the real thing with incident simulations for staff and IT.

Update Ransomware Playbooks: Ensure your response plans are tested, current, and role-assigned.