The Week in Breach News: 02/19/25 – 02/25/25
This week: A mineral company loses half a million dollars to a business email compromise scam; a major data leak for an Ontario school system; a checklist detailing five dangerous user threats and an exploration of the state of the Managed Service Provider (MSP) landscape in 2025.
Read this week’s new featured blog: Insights into the State of the MSP and the Cybersecurity Challenges They Face in 2025
Anne Arundel County, Maryland
Exploit: Hacking
Industry: Government
Anne Arundel County, Maryland, government buildings were closed on Monday, February 24, 2025, due to an external cyber incident disrupting public services. Officials are investigating, with full restoration expected to take days. The attack resulted in several service impacts. Senior Activity Centers are open, but AARP tax prep is unavailable. The county’s Aging and Disabilities Services arm is closed with limited phone assistance available. Recycling centers and landfills are closed, but curbside collection continues. County parks, rec centers, schools and libraries are unaffected. Authorities, including cybersecurity specialists, are assessing the breach. No timeline has been offered for recovery.
How It Could Affect Your Customers’ Business: It is critical for governments at every level to commit to robust cybersecurity measures to minimize service downtime
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Hipshipper
https://www.foxnews.com/tech/huge-data-leak-exposes-14-million-customer-shipping-records
Exploit: Hacking
Industry: Transportation & Logistics
Hipshipper, a shipping platform used by eBay, Shopify and Amazon sellers, accidentally exposed over 14.3 million records containing personal customer information. Researchers discovered the unprotected AWS storage bucket in December 2024, but the issue remained unfixed until January 2025, leaving sensitive data exposed for at least a month. The leaked data includes shipping labels and customs forms with buyers’ full names, home addresses, phone numbers, mailing dates and parcel details. The breach raises concerns about potential fraud and identity theft risks for affected customers. Hipshipper has not yet commented on the incident. Experts urge impacted users to monitor their accounts for suspicious activity and be cautious of phishing attempts.
How It Could Affect Your Customers’ Business: Employee mistakes can be devastating, but you can mitigate the risk of employee-related trouble with security awareness training.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from email-based threats in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Are you feeling overwhelmed by IT tasks? Let us show you how to reduce your security workload! GET TIPS>>
NioCorp Developments
Exploit: Business Email Compromise
Industry: Mining & Natural Resources
Canadian mineral exploration firm NioCorp Developments, which operates in Nebraska, has disclosed a cyberattack that led to a $500,000 financial loss. In a report filed on Feb. 14, the company stated that unauthorized third-party access compromised portions of its email systems, resulting in a misdirected vendor payment to a fraudulent bank account. NioCorp quickly identified the incident and alerted federal law enforcement and financial institutions in an attempt to recover the funds. The company has launched an investigation and implemented containment measures but has not yet determined whether the breach will materially impact its financial condition.
How It Could Affect Your Customers’ Business: Companies must adopt proactive measures, including employee training and advanced email security solutions, to prevent and mitigate similar attacks.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Rainbow District School Board
https://www.cbc.ca/news/canada/sudbury/cyber-attack-rainbow-schools-1.7464080
Exploit: Hacking
Industry: Education
The Rainbow District School Board in Sudbury, Ontario, confirmed that a cyberattack exposed sensitive personal data of staff, students and parents. Affected data includes social insurance numbers, banking details, medical records, academic info and contact details spanning 2011 to 2024. The breach also exposed health and behavioral records of students in Intensive Support Programs since 2019, along with parents’ contact and employment info. Staff data from 2010 to the present, including addresses and medical leave records, were compromised. School photos from 2012-2025 were accessed but not linked to identities. The breach has been reported to local and provincial police.
How It Could Affect Your Customers’ Business: Institutions that handle vast amounts of private information, such as schools, must take extra precautions to keep it safe.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
U.K. – CPI UK
Exploit: Hacking
Industry: Media & Entertainment
CPI UK, the country’s leading book printer, suffered a cyberattack that has disrupted its IT systems across its eight UK sites. The company has enlisted specialist technical experts to investigate and restore operations. CPI UK confirmed that the attack specifically targeted its U.K. business, despite having significant cybersecurity protections in place. A forensic analysis confirmed the nature of the breach, and teams are working to recover systems as quickly as possible. The company has not disclosed the extent of the impact on production or whether any sensitive data was compromised.
How it Could Affect Your Customers’ Business: This incident highlights the importance of not only having robust defenses but also being prepared for quick incident response and recovery.
Kaseya to the Rescue: Watch this webinar to explore Kaseya 365 User, our latest innovation to empower small and midsize businesses to maximize security while boosting productivity. LEARN MORE>>
U.K. – The Agency
https://www.theregister.com/2025/02/19/london_celebrity_talent_agency_reports
Exploit: Ransomware
Industry: Media & Entertainment
The Agency, a talent agency established in 1995, told regulators it experienced a ransomware attack. The Rhysida ransomware group has claimed responsibility. Its data leak site suggests it is willing to sell the data for 7 Bitcoins ($678,035), and the gang has already published a sample of documents it alleges to have stolen. Those documents include an assortment of client passport scans, spreadsheets and other internal documents. The Agency has not provided any details about whether it intends to pay.
How it Could Affect Your Customers’ Business: Organizations that hold very sensitive client personal data like passport scans need to take extra care to protect it.
Kaseya to the Rescue: Take a deep dive into the players that shape dark web commerce today in our eBook State of the Dark Web. DOWNLOAD IT>>
U.K. – HCRG Care Group
https://www.theregister.com/2025/02/20/medusa_hcrg_ransomware
Exploit: Ransomware
Industry: Healthcare
HCRG Care Group, a UK-based private health and social services provider formerly known as Virgin Care, has reportedly been targeted by the Medusa ransomware gang. The cybercriminals claim to have stolen 2.275 TB of internal data and are demanding $2 million to either delete or sell the information. Medusa has set a February 27 deadline, threatening to leak the data if no payment is made. The gang is also offering to delay the release for $10,000 per day, presumably to keep negotiations open. Leaked samples already posted online include passport and driving license scans, staff schedules, a birth certificate and background check data. HCRG has yet to publicly confirm the extent of the impact.
How it Could Affect Your Customers’ Business: The healthcare sector is always a top sector for cybercrime because medical centers hold a wide variety of profitable data.
Kaseya to the Rescue: Learn how to mitigate the security risks that come from the actions of both accidental and malicious insider risk in our Guide to Reducing Insider Risk. DOWNLOAD IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s featured blog: Insights into the State of the MSP in 2025
Discover insights into the state of the MSP business, including a look at growth opportunities, the biggest cybersecurity challenges for MSPs to conquer and how MSPs are unlocking hidden revenue. READ MORE>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Boost MSP Profitability With Kaseya 365 User
In today’s fast-changing MSP landscape, maintaining strong security while driving profitability is more important than ever.
In our exclusive webinar, “Boost MSP Profitability With Kaseya 365 User,” we explored how Kaseya 365 User, the latest breakthrough offering from Kaseya, helps MSPs eliminate roadblocks to profitability.
Watch now to discover how to:
- Tap into new revenue streams with a cost-effective subscription model designed to enhance your bottom line.
- Cut costs with a consistent, automated solution for managing user threats.
- Strengthen protection for user data and identities
Don’t miss this opportunity. Watch the webinar now and unlock new growth for your MSP! WATCH ON-DEMAND>>
5 Threats to Users That Demand Immediate Action
Employees are a company’s greatest asset and its biggest security risk. Learn about the top five cyberthreats targeting users in this handy checklist. Plus, gain actionable insights into implementing the right tools and best practices to prevent attacks, respond effectively and recover from security breaches. DOWNLOAD IT>>
Did you miss… Our Modern User Protection Buyer’s Guide? DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
April 28 – May 1 Kaseya Connect Global REGISTER NOW>>
June 17 – 19 Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8 Kaseya DattoCon REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>