Zero-Day Newsletter: Cybersecurity reports, news, and insights for IT professionals

Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.

Feb 13 • 3 min read

Romance scams are costing your company more than you think


All about the ransomware train...

...which is steam-rolling its way into 2025 with over 890 attacks and counting (57 are confirmed).

After being dubbed the most prolific ransomware group toward the end of 2024, RansomHub is at risk of losing this accolade this year. So far, Akira has taken the top spot with 103 victims, followed by Clop (100), and RansomHub (77).

But if we’re basing ‘success’ on attacks that have been confirmed, none of the aforementioned gangs come out on top. Rather, Fog has four confirmed attacks to its name (most in the education sector as we’ll explore below). RansomHub does have three, however, as does Medusa, while Akira and RansomHub have two each.

Part of RansomHub’s 16-victim upload yesterday was the South African Weather Service which had previously confirmed an attack via the group in January 2025.

Talking of weather...

Here to learn about romance scam security? Scroll to the bottom!

Is it me or is it getting foggy around here?

We mentioned last week that Fog had started making a number of claims following its alleged theft of GitLab source code… but as the mist accumulated on these claims, the gloom started to form somewhere else as well–the education sector.

This week, it added Aurora Public Schools (US) and The University of Notre Dame Australia to its data leak site after both entities noted cyber attacks in January of this year. In the case of Aurora, 171 GB was allegedly stolen, while 62.2 GB was taken from The University of Notre Dame Australia.

The University of Oklahoma was a victim of Fog ransomware in January, too.

In today’s class, we’ll learn about the biggest threat to our IT systems

Unfortunately, Fog isn’t the only gang targeting the education sector. In the last week, we’ve seen multiple ransomware claims, attacks, and retrospective data breach notifications, including:

  • Crystal Lake Elementary District 47 – notifying 14,207 of a breach following an attack via RansomHub in October 2024
  • Community High School District 117 – notifying 18,830 of a breach following an attack via BlackSuit in June 2024
  • Harrison County Board of Education – hit by SafePay in January 2025
  • University of The Bahamas – hit this month by an unknown group
  • Muscogee County School District – notifying employees of a breach following an attack by SafePay in December 2024
  • CESI – the French engineering college was targeted by Termite this month

So far this year, we’ve noted 10 confirmed and 34 unconfirmed attacks on the education sector (worldwide).

Employee loneliness is ripe for the romance scammer's picking

Our romance scams report dropped just in time for Valentine's Day. We've been tracking romance scams annually for some time now, so you could call this a yearly tradition of ours.

This year, the numbers are rather staggering. Nearly 59,000 Americans collectively lost over $697 million looking for love in all the wrong places. We won't go into the full detail as the report is long, but we'll say this: Yikes, Arizona.

This brings up a very important issue:
Employee loneliness is a threat to not only their privacy and security, but the security of the entire organization. Scammers often manipulate victims into disclosing sensitive information or unwittingly facilitating unauthorized access to company systems. As our friends at K2Integrity have noted as well, employees have been coerced into diverting company funds, leading to substantial financial losses.

Your company must take employee loneliness and the risk of romance scams seriously by doing the following:

  1. Employee Education: Implement regular training sessions to inform staff about the tactics used in romance scams and the potential risks to both personal and organizational security.
  2. Promote Open Communication: Encourage employees to report any suspicious interactions without fear of embarrassment or retribution, fostering a culture of transparency.
  3. Monitor for Anomalies: Utilize security systems to detect unusual activities, such as unexpected data access patterns or unauthorized financial transactions, which may indicate compromised accounts.
  4. Support Employee Well-being: Recognize that loneliness can make individuals more susceptible to scams. Providing resources for mental health and facilitating social engagement can reduce vulnerability.

Is this a somewhat taboo topic? Yes. Is it difficult to talk about with employees? Yes. You may be blushing by the end of it. But your data security is more important than a bit of emotional discomfort (at least, we hope so).

Until next week. Let’s keep that zero-day count (and romance scam count) at zero!

Suite 3 Falcon Court Business Centre, College Road, Maidstone, Kent ME15 6TF
Unsubscribe · Preferences


Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.


Read next ...