HackNotice HackFax: July Recap

HackNotice HackFax: July Recap

August 4, 2025

Greetings, Cybersecurity Enthusiasts! July delivered another wave of intense cyber activity, with ransomware and defacements leading the charge. Let’s break down this month’s key numbers, trends, and emerging threats.

Cyber Incidents Breakdown

  • Overall Count: We recorded 1,326 incidents this month, showing consistent high activity in the threat landscape.

  • Defacements (525): A significant number of website defacements, keeping pressure on public-facing infrastructure.

  • News Coverage (147): Media attention remains strong, with key breach stories grabbing headlines.

  • Official Reports (172): Formal disclosures continue to rise, driven by compliance and transparency demands.

  • Ransomware Incidents (480): Ransomware remains dominant, making up 36% of all incidents.

  • SEC Filings (2): Two filings this month, signaling continued regulatory focus on cyber risk disclosure.

Most Active Ransomware Gangs

  • Harvest Ransomware Qilin (60 victims): Qilin leads again, maintaining aggressive momentum.

  • Harvest Ransomware Inc (58 victims): Close behind Qilin, showing expansion across sectors.

  • Harvest Ransomware Safepay (42 victims): Holding steady in the ransomware arena.

New ransomware gangs we are tracking:

  • Sinobi

  • Darkarmy

  • Payloads

  • Warlock

  • Bqtlock

These new entrants are just beginning to show activity and will be monitored closely.

Breaches That Made the News

Several high-profile breaches made headlines this month:

Industry and Geography Insights

Industries Most Impacted:

  • Manufacturing (20.1%) remained the most targeted sector, consistently under pressure from ransomware groups.

  • Professional, Scientific, and Technical Services (14.7%) also experienced sustained attack levels.

Notable Industry Trends

  • Mining, Quarrying, and Extraction: Overall breaches and ransomware incidents both dropped 43%.

  • Transportation and Warehousing: Breaches fell 75%, with ransomware attacks also down sharply.

  • Accommodation and Food Services: Breach activity dropped 40%, reflecting a broader cooldown in this sector.

Regions Most Affected:

  • North America (63.5%) continued to dominate in breach volume.

  • Europe (19.5%) and Asia (4.6%) followed.

  • South America (6.2%), Middle East (3.4%), and Africa (1.9%) each saw measurable activity, with Oceania (0.9%) rounding out the global reach of attacks.

Notable Regional Trends

  • Africa: Breaches surged +200%, with ransomware incidents rising in parallel.

Closing Thoughts

With ransomware accounting for over a third of all cyber incidents, defacements remaining high, and new gangs like Sinobi and Payloads emerging, July underscored a critical reality:
If you’re not monitoring ransomware for third-party breaches, you’re flying blind on third-party risk. The threat landscape isn’t just active, it’s shifting beneath your feet.

Book a demo and discover how HackNotice can help you stay ahead of third-party threats.