Breach Breakdown - May 2025

Introducing episode 20 of our expertly crafted series on data breaches, cyber attacks, and more. Breach Breakdown is your go-to source for recapping incidents and staying up-to-date on the latest solutions. May saw its fair share of reported cases, with breaches highlighting critical vulnerabilities affecting UK infrastructure and professional services:

NHS Trusts Targeted in Cyber Attack

Two primary NHS trusts—University College London Hospitals and University Hospital Southampton—were recently affected by a cyber attack after hackers exploited a critical flaw in Ivanti Endpoint Manager Mobile, software used to manage staff mobile devices.

The attackers gained access through a remote code execution vulnerability, allowing them to steal staff mobile numbers, device identifiers, and authentication tokens, with fears that patient records and operational systems could also be at risk.

Cody Barrow, CEO of EclecticIQ, described the incident as an “urgent wake-up call” for the NHS:

“The potential compromise scope goes well beyond data theft. We’re looking at the risk of unauthorised access to highly sensitive patient records, disrupted appointments, and even interference with critical medical devices”.

As a cyber security provider, we strongly advise all organisations to promptly patch software vulnerabilities, review access controls, and ensure robust monitoring and incident response plans to reduce the risk of similar attacks.

Victoria Secret Experiences Cyber Attack

Victoria’s Secret, the global lingerie retailer, was forced to take down its website and pause all online orders after a major cyber attack disrupted its digital operations. The incident, which began on 28 May 2025, also affected some in-store services, leaving customers unable to process online orders, returns, rewards, or gift cards, and locking some employees out of internal systems. While physical stores remained open, the outage halted a key revenue stream and caused the company’s share price to drop nearly 7%.

Victoria’s Secret responded by activating incident response protocols, engaging third-party cyber security experts, and notifying law enforcement, but has not yet disclosed whether customer data was compromised. As cyber security providers, we advise all retailers to regularly review their digital defences, ensure robust incident response plans, and monitor third-party systems closely to reduce the risk and impact of such attacks.

Anime Fans Targeted in Surge of Cyber Attacks Disguised as Popular Shows

A new wave of cyber attacks is targeting Gen Z anime fans, with over 250,000 incidents reported in the past year, where hackers disguised malware as popular shows like Naruto, Demon Slayer, Attack on Titan, One Piece, and Jujutsu Kaisen.

Cyber criminals are luring fans by promising “exclusive episodes” or “leaked scenes,” tricking users into downloading malicious files or sharing personal information. Most victims are emotionally invested fans seeking free or early access to content, making them especially vulnerable.

It’s essential for anime fans only to use legitimate streaming platforms, double-check website authenticity, and never download video files with suspicious extensions. Staying vigilant is key to avoiding these scams.

UK Fintechs Risk Customer Security by Exposing Critical Cyber Vulnerabilities

Shocking new research reveals that nearly 800 UK fintech firms are putting thousands of customers at risk by leaving critical gaps in their cyber security. An ethical hacking platform, Ethiack, analysis found that 40% of fintech firms expose software details on their web servers, giving hackers a “powerful headstart” to target vulnerabilities.

Almost one in five platforms were also found to be using expired or invalid SSL certificates, making it easier for attackers to intercept sensitive information.

We strongly advise fintech companies to regularly audit their digital infrastructure, keep all certificates and software current, and avoid revealing unnecessary technical details that could help cyber criminals. Robust, proactive security is essential to protecting your business and customers’ financial data.

Adidas Customer Data Breach Highlights Risks of Third-Party Cyber Attacks

Adidas has confirmed that customer contact information was stolen in a recent cyber attack after hackers accessed data from a third-party customer service provider. The breach affected individuals who had contacted Adidas’s help desk, but did not compromise passwords or payment details.

The BBC shared that the ‘Sportswear giant said criminals had obtained “certain consumer data” which “mainly consists” of the contact information of people who had been in touch with its help desk.’

While there is no evidence of business disruption, experts warn affected customers to stay alert for phishing attempts or scams using their personal information.

We recommend monitoring accounts for suspicious activity and being cautious of unexpected messages. Organisations must also regularly review the security of their third-party partners.