Cyberattacks Update: Ransomware Strikes Durant and Governments

Edward Zhou
Edward Zhou

CEO & Co-Founder

 
July 16, 2025 3 min read

Durant Updates Residents on June Ransomware Attack

The City of Durant experienced a ransomware attack on June 1, which compromised sensitive information including names, addresses, social security numbers, and financial data from individuals who had interacted with the city. Following the attack, the city began collaborating with law enforcement and cybersecurity experts to manage the situation. Outside forensic and IT specialists were engaged to investigate the breach, which is still ongoing.

Residents are advised to monitor their accounts for suspicious activity and consider placing a fraud alert on their credit reports. The city has reported that some services, including digital and credit card payments, have been affected by this incident.

For more information, see the KXII news report.

Durant Ransomware Attack

Image courtesy of The Record from Recorded Future News

Cyberattacks Impacting Governments

In the past week, government systems in Ohio, Oklahoma, and Puerto Rico have faced significant cyberattacks. In particular, the city of Durant reported severe disruptions to services as a result of ransomware, causing issues with digital and credit card payments. Officials are working with law enforcement to restore operations. Emergency services, including 911, remain operational but communication delays are expected due to network outages.

Durant is not alone; other municipalities, such as Lorain County, Ohio, have also experienced cyber incidents leading to operational disruptions. For more details, visit the full report from The Record and check ongoing updates from local news outlets.

!Puerto Rico Cyber Incident Image courtesy of The Record from Recorded Future News

Ransomware Group Incransom Targets Durant City

On June 17, 2025, Durant City became a target of a ransomware group known as Incransom, which has reportedly compromised over 800 GB of sensitive data. The attack not only highlights the vulnerabilities within municipal cybersecurity frameworks but also raises alarms about the potential exposure of critical personal information, including passport data and contact details of residents.

The city's management is under scrutiny for their handling of the situation, as the group has threatened to release the data unless their demands are met. The incident underscores the urgent need for robust cybersecurity measures to prevent such breaches. For more information, see the incident report from HookPhish.

Incransom Attack on Durant

Image courtesy of HookPhish

Google Warns About Vishing Attacks Targeting Salesforce Users

Google has issued a warning regarding a threat group (UNC6040) that is targeting Salesforce customers through voice phishing (vishing) and data extortion campaigns. This group impersonates IT support staff to gain unauthorized access to sensitive data. The attack highlights the increasing trend of cybercriminals targeting IT roles to facilitate breaches without exploiting platform vulnerabilities.

Organizations should be aware of such social engineering tactics and enhance their security protocols. For additional insights, read more from SecurityWeek.

CrowdStrike Under Investigation Following Major Software Bug

CrowdStrike is currently cooperating with federal authorities regarding a significant software bug that occurred last July, which disrupted millions of computers. The company's recent SEC filing disclosed that the Justice Department and SEC are investigating the incident, raising concerns about revenue recognition practices and annual recurring revenue reporting.

Organizations relying on CrowdStrike's services should stay informed about the developments. For further details, refer to the Wall Street Journal.

Demand for Cybersecurity Professionals Rising

With the surge in cyber threats, particularly driven by AI technologies, the demand for cybersecurity professionals is increasing. Organizations are encouraged to adopt modern defenses, including AI-driven solutions and zero-trust architectures. Reports indicate that many healthcare organizations are unprepared to respond effectively to these threats.

For organizations looking to bolster their cybersecurity posture, considering managed security service providers can be a strategic move. More information can be found in the latest report by LevelBlue.

Explore how Gopher Security can assist you in enhancing your cybersecurity measures to protect against evolving threats.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

SolarWinds Patches Critical Web Help Desk RCE Vulnerabilities Now
SolarWinds Web Help Desk

SolarWinds Patches Critical Web Help Desk RCE Vulnerabilities Now

Critical RCE & Auth Bypass flaws in SolarWinds Web Help Desk are fixed! Don't risk it. Update to v2026.1 now to protect your systems. Learn more.

By Edward Zhou March 9, 2026 4 min read
common.read_full_article
AI vs Human Hackers: Who Prevails in 2026 Pen Testing?
AI hacking

AI vs Human Hackers: Who Prevails in 2026 Pen Testing?

Discover the results of a groundbreaking study comparing AI agents and human hackers in web vulnerability exploitation. See who prevails and what it means for your security. Read now!

By Jim Gagnard March 6, 2026 6 min read
common.read_full_article
Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends
vulnerability exploits

Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends

Exploits are now the top intrusion method, outpacing phishing. Discover why rapid vulnerability patching is critical and how to bolster your defenses. Read more!

By Edward Zhou March 4, 2026 4 min read
common.read_full_article
Google Dismantles IPIDEA, Major Proxy Network for 550+ Threats
Ipidea proxy network

Google Dismantles IPIDEA, Major Proxy Network for 550+ Threats

Google has disrupted Ipidea, a massive residential proxy network used by cybercriminals. Learn how this action impacts online security and what it means for threat actors. Read now!

By Brandon Woo February 27, 2026 4 min read
common.read_full_article