Skip to content

Third Party Risk Management

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Oct – 13 Oct 2025

This week witnessed four significant cybersecurity incidents affecting major organizations across multiple sectors. The period from October 7-13, 2025, was marked by sophisticated attack campaigns targeting authentication systems, zero-day vulnerabilities, and supply chain compromises. Key Incidents: DraftKings Credential Stuffing Attack (September 2, 2025): Targeted under 30 customer accounts through automated credential reuse Kido International Nursery… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 7 Oct – 13 Oct 2025

Discord Data Breach via Third-Party Customer Service Provider

Date of Incident: September 20, 2023 Overview: In a data breach disclosed on October 4, 2025, Discord experienced a security incident via a third-party customer service provider on September 20, 2023. The attack exposed partial payment data and personally identifiable information, including names, IDs, and email addresses of users who interacted with Discord’s support teams.… Read More »Discord Data Breach via Third-Party Customer Service Provider

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

Harrods third-party supplier breach

Date of Incident: 2024 Overview: In 2024, Harrods experienced a data breach due to a third-party supplier vulnerability, affecting 430,000 customer records with names, contact details, and marketing information exposed. The breach, which became public in September 2025, did not compromise passwords, payment details, or order histories. Attackers used exploitation techniques like SQL Injection to… Read More »Harrods third-party supplier breach

Stellantis Salesforce Data Breach

Date of Incident: 2025-05 Overview: In May 2025, Stellantis experienced a data breach involving unauthorized access to a third-party Salesforce platform used for customer service operations in North America. Attackers stole over 18 million records containing customer contact information, including names and contact details. No financial or sensitive personal information was compromised. The breach was… Read More »Stellantis Salesforce Data Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.