Here’s your weekly #databreach news roundup:
Wolf Haldenstein, Avery, Nominet, OneBlood, Gravy Analytics, Committee on Foreign Investment (CFIUS) and BayMark Health Services.
Wolf Haldenstein
Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") reports it has suffered a #databreach that exposed the personal information of nearly 3.5 million individuals to hackers. @billtoulas https://t.co/WLmxXBTi7d
— DevaOnBreaches (@DevaOnBreaches) January 18, 2025
Wolf Haldenstein Adler Freeman & Herz LLP suffered a significant data breach in December 2023, exposing the personal information of nearly 3.5 million individuals, including names, Social Security numbers, and medical details. Despite detecting the breach quickly, the investigation and notification process faced delays due to forensic challenges, leaving many affected individuals unaware. The firm has promised credit monitoring for those impacted and advises vigilance against phishing and fraud. The breach highlights severe risks to affected individuals and underscores the importance of prompt action in such incidents.
Avery
Avery Products Corporation is warning it suffered a #databreach after its website was hacked to steal customers' credit cards and personal information. @billtoulas https://t.co/Gce8gb43o5
— DevaOnBreaches (@DevaOnBreaches) January 18, 2025
Avery Products Corporation experienced a data breach where hackers placed a card skimmer on its website, compromising the payment information of over 61,000 customers between July and December 2024. Exposed data includes names, addresses, email, phone numbers, and payment card details. Avery has offered free credit monitoring for a year and urges vigilance against fraudulent transactions and phishing attempts.
Nominet
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. https://t.co/Igw9A9MDkc
— DevaOnBreaches (@DevaOnBreaches) January 15, 2025
Nominet, the .UK domain registry managing over 11 million domains, suffered a network breach via an Ivanti VPN zero-day vulnerability. The attack, linked to suspected Chinese hackers, exploited critical flaws in mid-December 2024. While Nominet reports no evidence of data leaks or backdoors, investigations are ongoing. The company has restricted VPN access and informed relevant authorities.
OneBlood
Blood-donation not-for-profit OneBlood confirms that donors' personal information was stolen in a ransomware attack last summer. #databreach @billtoulas https://t.co/7nT6rDBZSB
— DevaOnBreaches (@DevaOnBreaches) January 15, 2025
OneBlood, a major blood donation organization, confirmed that donor data, including names and Social Security numbers, was stolen during a ransomware attack in July 2024. The breach caused significant delays in blood operations and forced critical shortage protocols. While OneBlood is offering free credit monitoring to affected individuals, the six-month delay in notifying them has left many at prolonged risk of identity theft and fraud. Impacted individuals are advised to remain vigilant and consider credit freezes and fraud alerts.
Gravy Analytics
A breach of a data broker’s trove of location data threatens the privacy of millions https://t.co/jbwPJ4TNgA
— TechCrunch (@TechCrunch) January 13, 2025
Gravy Analytics, a major location data broker, suffered a data breach exposing millions of sensitive location data points from consumer apps like Tinder, Grindr, and FlightRadar. The breach, caused by a misappropriated key, leaked data from sensitive locations such as military bases and the White House, raising serious privacy and security concerns. Researchers warn the data allows deanonymization and poses risks to individuals, including LGBTQ+ users in unsafe regions. Gravy Analytics, under recent FTC scrutiny for unlawful tracking, continues to investigate the breach, which highlights the dangers of data collection through online advertising practices.
Committee on Foreign Investment (CFIUS)
Silk Typhoon Chinese state-backed hackers have reportedly breached a Treasury Department office that reviews foreign investments for national security risks. #databreach https://t.co/4HIdoqGVoO
— DevaOnBreaches (@DevaOnBreaches) January 13, 2025
Silk Typhoon, a Chinese state-backed hacking group, breached U.S. Treasury Department systems, including the Committee on Foreign Investment in the United States (CFIUS) and the Office of Foreign Assets Control (OFAC). Using a stolen BeyondTrust API key, the attackers accessed unclassified information related to potential sanctions, likely aiming to gather intelligence on Chinese entities under scrutiny. Known for cyberespionage campaigns and exploiting zero-day vulnerabilities, Silk Typhoon has a history of targeting organizations worldwide for data theft and reconnaissance. The
BayMark Health Services
BayMark Health Services, Inc. (BayMark) notified an unknown number of patients that attackers stole their personal and health information. #databreach https://t.co/jBAYAinPnj
— DevaOnBreaches (@DevaOnBreaches) January 13, 2025
BayMark Health Services suffered a ransomware attack by the RansomHub group, exposing sensitive data of patients, including Social Security numbers, treatment details, and insurance information. The breach, spanning September to October 2024, led to 1.5 terabytes of data being published after BayMark reportedly refused to pay the ransom.