Cyber Insights series: June 2025 – this month in cybersecurity

In this new Cybersecurity Insights blog series, Craig Lusher, Product Principal of Secure Solutions at C8 Secure, will be exploring the latest cybersecurity developments, threat trends and actionable strategies to mitigate emerging risks.

In June 2025, the cybersecurity landscape witnessed significant incidents across several sectors. Craig examines recent developments, including high-profile attacks targeting national infrastructure, data breaches affecting major organizations and popular platforms and increasingly sophisticated social engineering operations within the airline industry.

Sweden broadcasters and banks targeted by DDoS attacks

On June 11, Sweden’s Prime Minister Ulf Kristersson announced a series of distributed denial-of-service (DDoS) attacks affecting major institutions over a three-day period, including national broadcaster SVT and leading banks. Kristersson noted that Sweden was “exposed to enormous cyber attacks,” raising concerns about the resilience of the country’s digital infrastructure.

C8 Secure perspective: DDoS attacks can result in significant operational disruption and financial loss. We advocate a ‘defense-in-depth’ approach to DDoS mitigation, deploying multiple layers of security controls throughout the IT environment. Integrating DDoS protection within a comprehensive threat detection and response strategy is essential to maintain service availability and ensure robust enterprise- and infrastructure-wide cybersecurity.

Zoomcar data breach impacts 8.4 million users

On June 16, reports emerged that a threat actor accessed personal data – including names, phone numbers and vehicle registration numbers – of at least 8.4 million Zoomcar users.  The breach against the leading Indian car-sharing service was detected following direct communication from the attacker to Zoomcar employees. Zoomcar reported that, “Upon discovery, the company promptly activated its incident response plan” and that it was working with third-party cybersecurity experts to improve its cybersecurity posture.

C8 Secure perspective: The rapid implementation of a formal incident response plan and collaboration with third-party cybersecurity specialists indicates that the company has cybersecurity protocols in place, which should certainly be commended. To further strengthen breach prevention and response, organizations should prioritize comprehensive cybersecurity assessments – including cybersecurity audits, Vulnerability Assessment and Penetration Testing (VAPT) and vulnerability scans (V-Scans) – to proactively identify and remediate security gaps. These measures will help safeguard IT infrastructure, ensure regulatory compliance and reinforce long-term cyber maturity.

Historic data leak: 16 billion credentials exposed across popular platforms 

On June 18, Cybernews disclosed an unprecedented data breach involving 16 billion credentials spanning a wide range of services, including Apple, Facebook, GitHub, Google and Telegram. According to Cybernews, the breach comprised of 30 distinct exposed datasets – including information from infostealer malware, credential stuffing operations and historical leaks – each containing between tens of millions to more than 3.5 billion records.

C8 Secure perspective: This breach provides malicious actors with the potential for widespread identity theft and sophisticated phishing attacks. To defend against such risks, organizations and individuals should enforce best-practice credential management, including frequent password updates, employing unique and complex passwords, leveraging password managers and enabling multi-factor authentication (MFA). These actions are essential for minimizing the likelihood of unauthorized access to sensitive data, systems and operations.

Scattered Spider targets airline sector: elevated threat to sensitive data

On June 27, the FBI issued an alert regarding the activities of the cybercriminal group Scattered Spider, currently targeting the airline industry through advanced social engineering tactics. These actors circumvent MFA security by manipulating support personnel to add unauthorized MFA devices to compromised accounts. Their tactics threaten the broader airline ecosystem, with successful attacks resulting in data theft for extortion and deployment of ransomware.

C8 Secure perspective: While MFA remains a critical authentication method, the human element continues to be a primary vulnerability. Organizations must enhance their “human firewall” through continuous employee training, targeted phishing simulations, robust endpoint security and the implementation of advanced MFA protocols. Extending comprehensive cybersecurity standards to all third-party suppliers and vendors is also essential to mitigate supply chain risks and fortify ecosystem-wide resilience.

Cybersecurity solutions for a safer tomorrow 

C8 Secure provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your organization’s digital assets in the face of evolving cyber threats.

For more information on how C8 Secure can support your cybersecurity initiatives, email info@c8secure.com or fill out our Contact Us page.

Let’s Get Started