SecureFact – Cyber Security News – Week of June 02, 2025

ConnectWise, a provider of remote IT management software, has suffered a breach believed to be executed by a sophisticated nation-state actor.
The attackers targeted ConnectWise’s ScreenConnect product, potentially compromising the data and systems of many organizations that depend on it for secure remote access.
The company has confirmed that the breach affects a significant number of customers, especially those in compliance-heavy industries. Initial investigations reveal that the attackers exploited vulnerabilities in authentication mechanisms.
ConnectWise has initiated incident response protocols and is working closely with cybersecurity firms and law enforcement. Affected clients have been notified, and temporary patches have been applied to mitigate ongoing risks.
The breach has sparked industry-wide discussions around the safety of third-party IT management tools. ConnectWise pledged to release further updates as the investigation proceeds.

The Everest Group, a notorious cybercriminal organization, has been exploiting vulnerabilities in SAP’s human resources software to infiltrate global enterprises.
By targeting outdated instances and misconfigured cloud deployments, they gained unauthorized access to internal networks and sensitive HR data.
This included personally identifiable information, salary records, and employee banking details. Victimized organizations were then extorted with threats of public data leaks.
Cybersecurity professionals have labeled the campaign as highly coordinated, suggesting potential insider knowledge of SAP environments.
Security vendors have since released patches and detection tools.
The incident has reignited the urgency for enterprises to audit their enterprise software environments regularly. Regulatory bodies are also reviewing compliance requirements.
This campaign serves as a wake-up call for organizations dependent on large-scale ERP solutions.

Victoria’s Secret temporarily disabled its e-commerce website in response to a security incident that compromised parts of its online infrastructure.
Although the company has not released full technical details, early reports suggest a potential intrusion into backend systems managing customer orders and payments.
As a precautionary measure, online transactions were halted. Cybersecurity consultants were brought in to assess the scope and impact of the incident.
Preliminary findings indicate that customer login information may have been accessed.
Victoria’s Secret is enhancing its data protection protocols and patching vulnerabilities uncovered during the audit.
Customers have been advised to reset their passwords and monitor for fraudulent activity.
Regulatory filings and breach notifications are expected as investigations progress.
The incident draws attention to retail sector risks amid rising e-commerce dependency.

Major banking associations have formally requested the SEC to reconsider or withdraw its recent mandate requiring public companies to disclose significant cybersecurity incidents within tight timeframes.
Banks argue that such rapid disclosure could alert threat actors to weaknesses before they are fully mitigated.
They also stress the risks of inadvertently releasing sensitive information during an ongoing investigation. The debate reflects growing tension between transparency and operational security in the financial sector.
Opponents of the rule advocate for more flexible timelines aligned with incident response phases. The SEC has yet to respond but is reviewing feedback from multiple industries.
This policy is part of a broader trend toward regulatory oversight of cyber risk. Experts predict potential compromises, such as conditional disclosures or tiered reporting requirements.
The outcome could reshape how financial institutions report cyber events.

LexisNexis Risk Solutions, a prominent data broker and analytics company, disclosed a data breach affecting over 364,000 individuals.
The breach, which occurred in December 2024, involved unauthorized access to sensitive personal information stored on GitHub, a third-party software development platform, through a compromised company account.
Exposed data included names, contact details, Social Security numbers, driver’s license numbers, and dates of birth, although no financial or credit card information was compromised.
Importantly, LexisNexis’s internal networks and systems were not accessed during the incident.
Upon discovering the breach on April 1, 2025, the company began offering two years of free identity protection and credit monitoring to those affected and advised vigilance against potential fraud or identity theft.
LexisNexis, a subsidiary of RELX, serves clients worldwide, including most Fortune 500 companies.