The Week in Breach News: 02/05/25 – 02/11/25
This week: Ransomware stops the presses at Lee Enterprises; a cyberattack shuts down a clinic permanently; another UK engineering firm gets hacked; and six smart ways to maximize your cybersecurity budget.
Read this week’s new featured blog: 6 Budget-Savvy Tips for Strengthening Your Security Strategy
Pinehurst Radiology Associates
Exploit: Hacking
Industry: Healthcare
Pinehurst Radiology Associates in North Carolina has informed patients that the practice will remain closed indefinitely following a cyberattack on February 5, 2024. The attack disrupted the clinic’s ability to schedule and provide mammography and ultrasound services. The practice has enlisted legal counsel and cybersecurity experts to assist with the investigation. Founded in 1983, Pinehurst Radiology employed 13 radiologists and two physician assistants.
How It Could Affect Your Customers’ Business: This is a chilling example of just how quickly falling victim to a cyberattack can bring any organization to its knees.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Grubhub
https://mashable.com/article/grubhub-data-breach
Exploit: Ransomware
Industry: Hacking (Third-Party)
Popular food delivery service Grubhub has disclosed a data breach that may have compromised the personal and financial information of its customers, drivers and merchants. The company said that it detected unusual activity linked to an account used by a third-party service provider for customer support. After identifying the breach, Grubhub terminated access for the compromised account and removed the service provider from its systems. The exposed data includes names, email addresses, phone numbers, and partial credit card details, specifically, card type and last four digits. Additionally, hashed passwords from certain legacy systems were accessed. The breach also affects student users of Grubhub’s campus dining service. Grubhub is currently being sold to food hall startup Wonder for $650 million, with the deal expected to close this quarter.
How It Could Affect Your Customers’ Business: With an acquisition deal on the table, this is not a good time for Grubhub to have an information security problem.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from email-based threats in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Lee Enterprises
Exploit: Hacking
Industry: Media
Lee Enterprises, one of the largest newspaper groups in the U.S., confirmed a cyberattack on February 3, 2025, that caused a major system outage and disrupted its operations. The attack forced the shutdown of many networks, impacting the printing and delivery of numerous newspapers. Reporters and editors were unable to access files, and several news organizations’ sites displayed banners noting temporary disruptions to online publishing. Impacted publications include the Buffalo News in New York, the Richmond Times-Dispatch in Virginia, the Arizona Daily Star, the Omaha World-Herald in Nebraska, the Press of Atlantic City, the St. Louis Post-Dispatch in Missouri, the Casper Star-Tribune in Wyoming and dozens of other media outlets.
How It Could Affect Your Customers’ Business: Media organizations must strengthen cyber resilience with robust security, incident response plans and reliable backups to ensure they can keep reporting news.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Community Health Center Inc.
https://www.govtech.com/security/cyber-breach-exposes-personal-medical-data-in-eight-states
Exploit: Hacking
Industry: Healthcare
Community Health Center, Inc., which operates multiple clinics across Connecticut, has reported a data breach from October 14, 2024, to January 2, 2025, potentially exposing the medical records and Social Security numbers of over 1 million patients. The breach also affected individuals who received COVID-19 tests and vaccines at the clinics during the pandemic. The breach resulted in data exposure for 1,060,936 people across multiple states.
How It Could Affect Your Customers’ Business: Healthcare organizations are prime cyberattack targets that must prioritize strong cybersecurity measures to protect sensitive patient data.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
UK – IMI
https://www.scworld.com/brief/cyberattack-impacts-british-engineering-firm-imi
Exploit: Ransomware
Industry: Engineering
IMI, a UK-based engineering company, has confirmed a cybersecurity breach just over a week after Smiths Group, another top British multinational engineering firm, reported a similar compromise. IMI filed a report with the London Stock Exchange, notifying the securities exchange of unauthorized access to its systems. IMI is a global engineering group with manufacturing facilities in 18 countries. It specializes in precision fluid engineering and provides services in sectors including process and industrial automation, climate control, life sciences and transport.
How it Could Affect Your Customers’ Business: Engineering firms must strengthen cybersecurity with proactive defense and incident response readiness to protect critical infrastructure.
Kaseya to the Rescue: Watch this webinar to explore Kaseya 365 User, our latest innovation to empower small and midsize businesses to maximize security while boosting productivity. LEARN MORE>>
Japan – Mizuno
https://sgbonline.com/mizuno-usa-hit-by-cyber-attack/
Exploit: Ransomware
Industry: Manufacturing
DeepSeek, a Chinese AI-driven data analytics company, has suffered a significant data leak, exposing over one million sensitive records. Researchers discovered that the company had a misconfigured cloud storage instance containing a large database that was left publicly accessible without proper authentication and access controls. The database contained a variety of sensitive information including chat logs, system details, operational metadata, API secrets and log streams.
How it Could Affect Your Customers’ Business: Human beings will never stop making mistakes, making it essential for companies to ensure that workers are adhering to best practices to minimize trouble.
Kaseya to the Rescue: Learn how to mitigate the security risks that come from the actions of both accidental and malicious insider risk in our Guide to Reducing Insider Risk. DOWNLOAD IT>>
Japan – Puroland
https://unseen-japan.com/puroland-ransomware-attack/
Exploit: Ransomware
Industry: Travel & Entertainment
Puroland, a popular amusement park located in the Tokyo area, has revealed that it was the victim of a cyberattack that potentially exposed sensitive customer data. The park’s IT team discovered that the site had been hacked and infected with ransomware, compromising data belonging to an estimated two million Puroland Club members, including those who purchased annual passports. The breach may have leaked personal information such as names, addresses, and other undisclosed details of employees and clients. Sanrio Entertainment, best known for the Hello Kitty brand, operates the park. The company is currently investigating the attack and has yet to disclose additional details about the extent of the data leak.
How it Could Affect Your Customers’ Business: No organization is beyond the reach of cybercriminals, making it critical for every organization to implement robust security measures.
Kaseya to the Rescue: Take a deep dive into the players that shape dark web commerce today in our eBook State of the Dark Web. DOWNLOAD IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s feature story: 6 Budget-Savvy Tips for Strengthening Your Security Strategy
Does finding the delicate balance between strong security, technician efficiency and cost give you a headache? Here are six tips to maximize your resources and security with ease. READ IT NOW>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Infographic: 5 Ways to Squeeze More From a Tight Security Budget
IT teams are always asked to do more with less – and cybersecurity is no exception. However, there are a few steps that a multifunctional IT professional can take to stretch every dollar. Here are six tips to maximize your resources and security with ease. In this infographic, we share five actionable insights that can enhance a company’s cyber resilience and protect its data affordably. DOWNLOAD IT>>
Did you miss…our eBook State of the Dark Web 2025? DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Don’t Miss the Kaseya Compliance Summit in Washington D.C.
Join us in the heart of Washington D.C. on Thursday, February 27, 2025, from 12:00 PM to 7:30 PM EST. This unmissable event will provide you with strategies, tools and insights about compliance with a wide array of standards, including CMMC, SOC2, HIPAA and others. Enjoy a catered lunch and connect with industry experts and peers over drinks during our networking reception. Don’t miss out on this incredible opportunity! REGISTER NOW>>
April 28 – May 1 Kaseya Connect Global REGISTER NOW>>
June 17 – 19 Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8 Kaseya DattoCon REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>