Jun 6, 12:14 PM

5,958 Securities Frauds in Japan, Major U.S. and Kuwaiti Firms Hit by Cyberattacks with Data Leaks and Ransom Deadlines

Between January and May 2025, there were 5,958 cases of unauthorized transactions linked to securities account takeovers in Japan, with losses exceeding 500 billion yen. Despite securities firms implementing mandatory multi-factor authentication to prevent such fraud, security experts warn that even one-time passwords can be bypassed, raising concerns about the effectiveness of current security measures. Concurrently, several cyberattacks have targeted major companies and financial firms in the United States and Kuwait. The Crypto24 hacking group claimed to have breached FORTÉ, formerly AVI Systems, exfiltrating 643 GB of data. The Chaos ransomware gang attacked Barnhart Crane & Rigging, leaking 360 GB of data. The Qilin ransomware gang breached Regents Capital Corporation, stealing 99 GB of data and threatening to release it on June 17, 2025. Arkana Security targeted Synopsys, a U.S.-based semiconductor software company with $6 billion in revenue, allegedly exfiltrating sensitive data related to over 41,000 corporate entities. In Kuwait, the NightSpire hacking group breached Green Flame Gas, exfiltrating 470 GB of data with a ransom deadline of June 10, 2025. Additionally, widespread phishing attacks have affected customers of various proprietary trading firms, prompting warnings for users to change passwords and calls for improved security practices within these firms.