Cyberattacks Update: Ransomware Strikes Durant and Governments
Durant Updates Residents on June Ransomware Attack
The City of Durant experienced a ransomware attack on June 1, which compromised sensitive information including names, addresses, social security numbers, and financial data from individuals who had interacted with the city. Following the attack, the city began collaborating with law enforcement and cybersecurity experts to manage the situation. Outside forensic and IT specialists were engaged to investigate the breach, which is still ongoing.
Residents are advised to monitor their accounts for suspicious activity and consider placing a fraud alert on their credit reports. The city has reported that some services, including digital and credit card payments, have been affected by this incident.
For more information, see the KXII news report.
Image courtesy of The Record from Recorded Future News
Cyberattacks Impacting Governments
In the past week, government systems in Ohio, Oklahoma, and Puerto Rico have faced significant cyberattacks. In particular, the city of Durant reported severe disruptions to services as a result of ransomware, causing issues with digital and credit card payments. Officials are working with law enforcement to restore operations. Emergency services, including 911, remain operational but communication delays are expected due to network outages.
Durant is not alone; other municipalities, such as Lorain County, Ohio, have also experienced cyber incidents leading to operational disruptions. For more details, visit the full report from The Record and check ongoing updates from local news outlets.
!Puerto Rico Cyber Incident Image courtesy of The Record from Recorded Future News
Ransomware Group Incransom Targets Durant City
On June 17, 2025, Durant City became a target of a ransomware group known as Incransom, which has reportedly compromised over 800 GB of sensitive data. The attack not only highlights the vulnerabilities within municipal cybersecurity frameworks but also raises alarms about the potential exposure of critical personal information, including passport data and contact details of residents.
The city's management is under scrutiny for their handling of the situation, as the group has threatened to release the data unless their demands are met. The incident underscores the urgent need for robust cybersecurity measures to prevent such breaches. For more information, see the incident report from HookPhish.
Image courtesy of HookPhish
Google Warns About Vishing Attacks Targeting Salesforce Users
Google has issued a warning regarding a threat group (UNC6040) that is targeting Salesforce customers through voice phishing (vishing) and data extortion campaigns. This group impersonates IT support staff to gain unauthorized access to sensitive data. The attack highlights the increasing trend of cybercriminals targeting IT roles to facilitate breaches without exploiting platform vulnerabilities.
Organizations should be aware of such social engineering tactics and enhance their security protocols. For additional insights, read more from SecurityWeek.
CrowdStrike Under Investigation Following Major Software Bug
CrowdStrike is currently cooperating with federal authorities regarding a significant software bug that occurred last July, which disrupted millions of computers. The company's recent SEC filing disclosed that the Justice Department and SEC are investigating the incident, raising concerns about revenue recognition practices and annual recurring revenue reporting.
Organizations relying on CrowdStrike's services should stay informed about the developments. For further details, refer to the Wall Street Journal.
Demand for Cybersecurity Professionals Rising
With the surge in cyber threats, particularly driven by AI technologies, the demand for cybersecurity professionals is increasing. Organizations are encouraged to adopt modern defenses, including AI-driven solutions and zero-trust architectures. Reports indicate that many healthcare organizations are unprepared to respond effectively to these threats.
For organizations looking to bolster their cybersecurity posture, considering managed security service providers can be a strategic move. More information can be found in the latest report by LevelBlue.
Explore how Gopher Security can assist you in enhancing your cybersecurity measures to protect against evolving threats.
