Australia's largest home builder Metricon Homes confirms Qilin ransomware attack exposing 128GB of sensitive data including financial documents and architectural plans. Meanwhile, Orange France detects cyberattack affecting internal systems, disrupting services for 290 million customers.
Cyber attacks are no longer just data grabs. They are strategic tools of economic warfare. From factory sabotage to stolen identities and regulatory pressure, these breaches now aim to destabilize industries, drain trust, and reshape global power. The cost is not just money. It is control.
Russia's Aeroflot airline cancels 40+ flights after Silent Crow hackers claim year-long infiltration. Meanwhile, Ohio's Kettering Health confirms Interlock ransomware attack exposed patient data including Social Security numbers and medical records.
Heart Research Australia responds to website malware affecting donation systems while NASCAR confirms Medusa ransomware attack exposed names and Social Security numbers of racing fans in $4 million extortion demand.
Cyber News Centre's cyber update for 29th July 2025: Heart Research Australia has disclosed a cyber incident involving malware on its donation website that may have affected donor devices. Meanwhile, NASCAR has confirmed a major data breach following a Medusa ransomware attack that exposed names and Social Security numbers of racing fans.
Heart Research Australia is a leading medical research charity dedicated to funding cardiovascular research across Australia. The organization supports critical research into heart disease prevention, treatment, and cure through public donations and community partnerships.
Update: Heart Research Australia announced on July 28, 2025, that it is investigating a cyber incident involving unusual activity on its website that may have affected devices used to make online donations between June 25 and June 30, 2025. The incident was resolved quickly, and the organization has implemented additional security measures to prevent reoccurrence.
Importantly, Heart Research Australia stated it has no indication that any personal data or donations were compromised during this period. The charity has notified relevant government agencies and law enforcement authorities including the Australian Cyber Security Centre (ACSC) and NSW Police. The organization has begun contacting donors believed to be affected directly with steps they can take to identify, remove and protect their systems from any malware that may have been installed on their devices.
Why it Matters: This incident highlights the growing threat to Australian charitable organizations and the potential for cybercriminals to target donation systems to distribute malware. The rapid response and transparency demonstrated by Heart Research Australia sets a positive example for incident disclosure in the nonprofit sector.
This serves as a reminder to maintain updated security software and monitor their devices for unusual activity after visiting websites, particularly during donation processes. The incident also demonstrates how quickly malware can be deployed through compromised websites and the importance of robust website security for organizations handling financial transactions.
The National Association for Stock Car Auto Racing (NASCAR) is America's premier stock car racing organization, headquartered in Daytona Beach, Florida. Founded in 1948, NASCAR governs stock car racing across the United States, owns 16 major motorsport facilities nationwide, and employs over 8,700 people.
Update: NASCAR has confirmed that it suffered a cyberattack and data breach between March 31 and April 3, 2025, which resulted in the theft of personal information including names and Social Security numbers of racing fans. The organization detected the unusual activity on April 3 and immediately launched an investigation with specialized cybersecurity firms while notifying law enforcement.
The Medusa ransomware group claimed responsibility for the attack in April 2025, adding NASCAR to its data leak site and demanding a $4 million ransom with a deadline of April 19. The group claimed to have stolen over one terabyte of data from NASCAR's network. NASCAR began notifying affected individuals on July 24, offering one year of free credit and identity monitoring services through Experian IdentityWorks. The organization has also established a toll-free call center to assist with inquiries related to the incident.
Why it Matters: This breach demonstrates the continued targeting of major American organizations by sophisticated ransomware groups like Medusa, which has previously attacked high-profile victims including Toyota Financial Services and Minneapolis Public Schools. The three-month delay between the attack and public disclosure raises questions about notification timelines and the complexity of determining what data was actually compromised.
For NASCAR's millions of fans, the exposure of Social Security numbers creates significant identity theft risks that could persist for years. The incident highlights how ransomware groups increasingly use double-extortion tactics, stealing data before encryption to maintain leverage even if victims restore from backups. The $4 million ransom demand reflects the scale and sophistication of modern ransomware operations targeting organizations with valuable data and significant revenue streams.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Australia's largest home builder Metricon Homes confirms Qilin ransomware attack exposing 128GB of sensitive data including financial documents and architectural plans. Meanwhile, Orange France detects cyberattack affecting internal systems, disrupting services for 290 million customers.
Russia's Aeroflot airline cancels 40+ flights after Silent Crow hackers claim year-long infiltration. Meanwhile, Ohio's Kettering Health confirms Interlock ransomware attack exposed patient data including Social Security numbers and medical records.
Women's dating safety app Tea suffers major data breach exposing 72,000 user photos including selfies and ID verification images. Meanwhile, Allianz Life confirms data breach affecting majority of its 1.4 million US customers via social engineering.
Terry Ringland Chartered Accountants in NSW falls victim to INC Ransom attack disrupting accounting services. Meanwhile, Prestige Maintenance USA notifies 65,452 people of ransomware breach by Medusa gang demanding $1.2 million.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
