Zero-Day Newsletter: Cybersecurity reports, news, and insights for IT professionals

Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.

Feb 06 • 3 min read

The #1 way IT leaders can support employees


A serving of new ransomware tactics with a dash of delayed data breach reporting

Is January an ominous warning of what we can expect in 2025?

Last month, we tracked 557 ransomware attacks (36 of which were confirmed). In January 2024, we noted 325 in total.

Not only that, but we saw further claims (30+) from AI-powered ransomware gang, Funksec, and Fog started listing victims on its leak site after stealing GitLab source code (15 throughout January and February).

As ransomware gangs continue to employ new tactics and exploit multiple victims via a third party (as we see below with Akira), ransomware not only remains a dominant threat in 2025 but a threat that’s constantly evolving.

Here for the advice on supporting employees? Scroll to the bottom!

Akira, Akira!

Looking at these breaches there’s more than ample… OK, sorry, enough of the Shakira references.

After an attack on a yet-unknown IT provider, Akira has started extorting the victims of the breach. On Friday, it uploaded its first batch of 34 victims. On Monday, it uploaded another 26.

Here’s what we know about the victims so far:

  • Three attacks appear to be confirmed/connected to breaches from 2024
  • 37 victims are from the United States, four are from the United Kingdom
  • 13 provide services (e.g. marketing agencies, cleaning services, electrical contractors), 10 are manufacturers, nine operate in the retail sector, and six are construction companies
  • Three healthcare providers have also been breached as well as one medical device manufacturer

The bets are off! It was a ransomware attack after all…

Rivers Casino Philadelphia started issuing data breach notifications at the end of December 2024, citing “an incident that involved unauthorized access to certain Rivers Casino Philadelphia computer systems.” Names, Social Security numbers, and bank account info used for direct deposits were compromised.

This week, ransomware gang Cicada3301 claimed responsibility for this attack and alleged that it had stolen a rather hefty 2.56 TB of data. It’s giving the casino and its developer (Rush Street Gaming) up until February 15 to pay up before it discloses it.

Stick or twist?

And today’s award for wayward data breach reporting goes to…

…the City of Hayward.

Last week, this Californian city started notifying residents of a data breach that occurred back in July 2023 and compromised SSNs, credit cards, and medical records.

No, that isn’t a typo. We are talking about a breach that happened 18 whole months ago and one that stems from a ransomware attack that was reported on at the time and resulted in system downtime and an emergency declaration.

Which ID Theft Protection Plan Is Best for Employees?

We talk about ransomware and stolen identities quite often. In fact, that's the whole purpose of this email newsletter. It's an increasingly growing threat to businesses and individuals. Here's the problem, though:

  • Most business can recover from data breaches. Cyber liability insurance is fairly common now (we've written an extensive guide on it for small businesses) and many providers cover the financial losses incurred by ransomware and ransomware payments.
  • Yet when employee PII gets stolen, they have no such protection. That is, of course, unless they have ID theft protection, which often comes with its own financial loss coverage.

In an ideal world, businesses would cover the cost of ID theft protection for their employees. Unfortunately, this world is far from ideal, and most employers couldn't care less. IT leaders can be the hero of the hour here by recommending IF theft protection solutions to their teams. Most have free trials that you can test out yourself before sending a recommendation, which we highly suggest you do.

Data theft isn't slowing down, and companies are still tighting the purse strings. Employees are going to have to come out of pocket for their own threat protection, but at least we can point them in the right direction.

Until next week. Let’s keep that zero-day count at zero!

Suite 3 Falcon Court Business Centre, College Road, Maidstone, Kent ME15 6TF
Unsubscribe · Preferences


Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.


Read next ...