#WeeklyRoundup

Weekly Databreaches Roundup Week 12-2025

March 26, 2025
week12-2025

Here’s your weekly #databreach news roundup:

Western Alliance Bank, Pennsylvania State Education Association (PSEA), California Cryobank, and Tata Technologies.

Western Alliance Bank

Western Alliance Bank

Western Alliance Bank, based in Arizona, has notified nearly 22,000 customers that their personal information was stolen in October 2024. Hackers gained access to the bank’s systems through a vulnerability in third-party file transfer software. The stolen data includes names, Social Security numbers, dates of birth, financial details, and other personal identifiers. The breach was discovered after some of the stolen files were leaked online. While there is no evidence that the data has been misused, the bank is offering free credit monitoring to affected customers. The attack was reportedly carried out by the Clop ransomware group, which exploited a security flaw in the third-party software.

Pennsylvania State Education Association (PSEA)

Pennsylvania State Education Association (PSEA)

Hackers stole sensitive personal information of over 517,000 members of the Pennsylvania State Education Association (PSEA) during a cyberattack in July 2024. The breach affected current and former teachers, counselors, healthcare workers, and school social workers. Stolen data includes Social Security numbers, passport numbers, medical and financial information, as well as account numbers, PINs, passwords, and security codes. PSEA stated not all data was stolen from every affected person and took steps to delete the data, suggesting the attack may have involved a ransom demand. However, paying the ransom doesn’t guarantee that the stolen data was fully deleted.

California Cryobank

California Cryobank

California Cryobank, the largest sperm bank in the US, has warned customers about a data breach that exposed personal information. The breach, detected on April 21, 2024, involved unauthorized access to the company’s network, potentially compromising data between April 20 and April 22, 2024. Exposed data includes names, bank account details, Social Security numbers, driver’s license numbers, payment card information, and health insurance details. The company is offering one year of free credit monitoring for those affected. It is unclear whether donor information, including ID numbers, was accessed, raising concerns for individuals who donated sperm anonymously. California Cryobank has implemented additional security measures to protect data.

Tata Technologies

The ransomware group Hunters International has leaked data it claims to have stolen from Tata Technologies, a month after the company confirmed a ransomware attack in January 2024. The leaked data includes over 730,000 documents, such as spreadsheets, presentations, and contracts, totaling around 1.4 terabytes. The stolen information contains personal details of employees, as well as sensitive company data like purchase orders and contracts with clients in India and the US. While Tata Technologies had previously stated that its client services were unaffected, it’s unclear if this leak is connected to the earlier attack. Hunters International, a new ransomware group, has ties to the Hive gang and has been linked to several high-profile attacks.

Discover more from Data Breach Insights

Subscribe now to keep reading and get access to the full archive.

Continue reading