In Mexico, health institutions are facing an unprecedented number of cyberattacks. Digital extortion attacks are costing firms over US$4 million each, not counting reputational fallout. In international news, a report shows that the US Department of Homeland Security (DHS) leaked sensitive intelligence data to thousands of unauthorized users due to a misconfiguration. Meanwhile, ransomware disrupted Jaguar Land Rover’s UK operations, forcing plant closures during peak sales season.
Ready? This is your Week in Cybersecurity!
Mexico
Mexico’s Health Sector Faces Rising Cyberattacks in 1H25
Mexico’s health sector faces an unprecedented digital threat. With 40.6 million cyberattack attempts recorded in the first half of 2025 across all industries, the country ranks as the second most-attacked in Latin America, putting critical infrastructure and sensitive patient data at risk.
Digital Extortion in Mexico: Attacks Cost Firms Over US$4 Million Each
Digital extortion has become a strategic threat for companies in Mexico, with an average attack costing more than US$4 million, excluding customer losses and reputational damage. According to Antonio Fajer, CEO, Pentafon, the lack of security certifications in contact centers and operations increases vulnerability.
International
DHS Leak Exposed Surveillance Data to Thousands of Unauthorized Users
A Freedom of Information Act (FOIA) request revealed that a misconfigured DHS platform exposed sensitive intelligence data to tens of thousands of unauthorized users between March and May 2023. The error in the Homeland Security Information Network’s intelligence section (HSIN-Intel) allowed government employees outside intelligence roles, private contractors, and even foreign nationals to access 439 intelligence reports over 1,500 times, with nearly 40% involving cybersecurity threats.
Cyberattack Forces Jaguar Land Rover to Extend UK Plant Shutdown
Jaguar Land Rover (JLR) has extended the shutdown of two UK production plants until Sept. 24 following a cyberattack that began on Aug. 31, which forced the company to take down its IT systems. The group Scattered Lapsus$ Hunters claimed responsibility, saying it deployed ransomware, further disrupting JLR’s operations during a peak sales season.
