Try it
See a demo
Try it
See a Demo
SF-August-04
August 4, 2025
Alex Ramaiah

SecureFact – Cyber Security News – Week of August 04, 2025

SafePay ransomware threatens to leak 3.5TB of Ingram Micro data

  • SafePay ransomware gang claims to have stolen 3.5TB of data from Ingram Micro.
  • The attack caused a global outage, with employees told to work from home.
  • SafePay is known for double-extortion: stealing data before encrypting systems.
  • Ingram Micro performed a company-wide password and MFA reset.
  • The company restored most internal systems within days.
  • SafePay added Ingram Micro to its dark web leak portal.
  • Ingram Micro has not confirmed the data theft but acknowledged the ransomware attack.
  • The volume and sensitivity of the stolen data remain unconfirmed by the company.

*Source

Allianz Life confirms data breach impacts majority of 1.4 million customers

  • Allianz Life confirmed a data breach affecting a majority of its 1.4 million customers.
  • The breach involved unauthorized access to a third-party, cloud-based CRM system.
  • Exposed data includes customer names, contact information, and policy details.
  • No financial account numbers or Social Security numbers were reported as compromised.
  • The company is working with law enforcement and cybersecurity experts.
  • Allianz Life notified affected customers and offered support.
  • The breach is linked to the broader Salesforce data theft campaign.
  • Enhanced monitoring and additional security measures have been implemented.

*Source

Tea app leak worsens with second database exposing user chats

  • The Tea app data breach expanded with a second database leak.
  • Stolen data now includes 1.1 million private messages between app members.
  • The breach was first reported earlier in July and has since grown.
  • Data was shared on hacking forums, increasing exposure risk.
  • The type of data includes user chats and potentially sensitive communications.
  • No financial or payment data exposure was reported.
  • The company has not detailed mitigation steps or user notification.
  • The incident highlights risks in social media and messaging platforms.

*Source

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

  • ShinyHunters extortion group linked to data breaches at Qantas, Allianz Life, LVMH, and Adidas.
  • Attackers used voice phishing to compromise Salesforce CRM instances.
  • Data theft involved customer information databases, including Accounts and Contacts tables.
  • Allianz Life confirmed breach of a third-party cloud-based CRM system.
  • Qantas breach reportedly impacted 5.7 million customers: Allianz Life affected majority of 1.4 million customers.
  • No public data leaks yet; extortion attempts ongoing via email.
  • Companies are urged to strengthen MFA, restrict app permissions, and monitor for suspicious activity.

*Source

Pi-hole discloses data breach triggered by WordPress plugin flaw

  • Pi-hole disclosed a data breach exposing donor names and email addresses.
  • The breach was caused by a vulnerability in the GiveWP WordPress donation plugin.
  • Donor information was made publicly accessible in the webpage source code.
  • Nearly 30,000 donors were impacted, according to Have I Been Pwned.
  • No financial or payment data was compromised; only names and emails were exposed.
  • The plugin developer released a patch within hours of the report.
  • Pi-hole apologized and accepted accountability for the incident.

*Source

By Alex Ramaiah