The Week in Breach News: 03/05/25 – 03/11/25
This week: An attack on a Japanese telco impacts 18 million business clients; ransomware may complicate a debt sale deal; get a handy checklist of five user threats to prioritize; and optimizing your user protection strategy.
Read this week’s new featured blog: 4 Essential Questions for Optimizing Your User Protection Strategy
Berkeley Research Group
Exploit: Ransomware
Industry: Business Services
Berkeley Research Group (BRG) suffered a cyberattack on March 2, just weeks before its long-awaited debt sale deal is set to close. A hacker claims to have stolen data and encrypted files, issuing multiple ransomware demands. BRG has hired cybersecurity firms Octillo Law and Booz Allen Hamilton to address the breach. The events coincide with a $700 million leveraged loan sale that’s intended to finance TowerBrook’s purchase of a majority equity investment in BRG. That deal, announced last month, is expected to close in April, according to Moody’s Ratings.
How It Could Affect Your Customers’ Business: Cybercriminals often strike when companies are vulnerable because the pressure to resolve the issue quickly increases the likelihood of ransom payment.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Chicago Public Schools
https://chicago.suntimes.com/education/2025/03/08/cps-data-breach-security-technology
Exploit: Supply Chain
Industry: Education
Chicago Public Schools (CPS) and law enforcement are investigating a data breach that exposed the personal information of approximately 700,000 current and former students. The breach stems from a cyberattack on Cleo, a file transfer software vendor used by CPS, late last year. According to CPS, student names, dates of birth, gender and ID numbers were accessed and published on the dark web. Medicaid-enrolled students also had their Medicaid ID numbers and eligibility dates exposed. No Social Security numbers, financial or health information were compromised. CPS has reported the incident to the FBI and the Illinois attorney general’s office as investigations continue.
How It Could Affect Your Customers’ Business: Every organization faces data breach risk from all of its vendors and suppliers – and needs to plan accordingly.
Kaseya to the Rescue: Learn how to secure your systems and data from threats like this in The Comprehensive Guide to Third-Party and Supply Chain Risk. DOWNLOAD IT>>
Learn to defend against today’s sophisticated email-based cyberattacks DOWNLOAD EBOOK>>
Argentina – Policía de Seguridad Aeroportuaria
https://diariopampero.com/hackeo-expone-vulnerabilidad-en-datos-de-policia-aeroportuaria/
Exploit: Hacking
Industry: Government
A cyberattack on the Policía de Seguridad Aeroportuaria (PSA) or Airport Security Police database resulted in a rash of unauthorized salary deductions for numerous officers, with amounts ranging from 2,000 to 5,000 pesos. The deductions appeared under false labels such as “DD mayor” and “DD seguro,” resulting in affected officers struggling to recover their missing funds through the Banco Nación platform. Some officers experienced multiple deductions, raising concerns that malicious software enabled repeated access. Officials indicated the breach originated in Banco Nación’s payment processing system rather than PSA’s internal systems. Authorities have disclosed that the hackers used foreign-based servers, although they have not ruled out local involvement. Investigations are ongoing, but no significant progress has been made in identifying the perpetrators.
How It Could Affect Your Customers’ Business: Financial systems, especially those handling payroll, are prime targets for cybercriminals, and a breach in one system can have widespread consequences.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>
Japan – NTT Communications Corporation
Exploit: Hacking
Industry: Telecom
Japanese telecom provider NTT Communications Corporation (NTT) disclosed a data breach affecting nearly 18,000 corporate customers. Hackers gained unauthorized access to NTT’s Order Information Distribution System, exposing company names, representative details, contract numbers, phone numbers, email addresses, physical addresses and service usage information. The breach was discovered on February 5, 2025, and access was blocked the following day. However, an investigation later revealed that attackers had moved to another device on NTT’s network, which was promptly disconnected on February 15 to prevent further spread. NTT confirmed that personal customer data and contracts for corporate smartphones provided by NTT Docomo were unaffected. The company will not issue individual notifications, relying solely on its public announcement to inform impacted businesses.
How It Could Affect Your Customers’ Business: Attackers often move laterally within networks, making swift detection and response crucial to limiting damage.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
Australia – Australian New Zealand Clinical Trials Registry
https://www.cyberdaily.au/security/11818-anzctr-cyber-attack-causes-week-long-research-delays
Exploit: Hacking
Industry: Healthcare
The Australian New Zealand Clinical Trials Registry (ANZCTR) was taken offline on February 28, following a cybersecurity incident on February 24, according to its operator, Sydney University. While no identifiable health data was compromised, exposed details include contact information and passwords. Affected users have been advised to change passwords and stay alert for phishing attempts. The outage has disrupted researchers and scientists, preventing them from registering clinical trials for public transparency. ANZCTR, the region’s largest registry, reports trial details to the WHO’s International Clinical Trials Registry Platform (ICTRP). Sydney University has assured that there is no ongoing threat to its systems and has recommended that researchers use alternative registries until ANZCTR is restored.
How it Could Affect Your Customers’ Business: The company launched an investigation only after discovering the breach rather than detecting it proactively, giving attackers more time to act.
Kaseya to the Rescue: Learn how to protect the most vulnerable gateway to your organization with a three-pronged approach to effective cybersecurity. DOWNLOAD INFOGRAPHIC>>
Australia – Bis Industries
Exploit: Hacking
Industry: Mining
Australian mining equipment supplier Bis Industries is investigating claims that hackers stole 502GB of data during a December 2024 ransomware attack. The RansomHub cybercrime gang listed the company on its darknet leak site on February 17, where the post has been viewed over 7,000 times. Bis confirmed that an unauthorized third party accessed and encrypted part of its IT system in December and is now working with cybersecurity experts to assess whether data was stolen. The company, which supplies coal mining equipment and services under its UGM brand, has not disclosed the nature of the compromised data. The investigation is ongoing.
How it Could Affect Your Customers’ Business: Incident response should include swift forensic analysis because delays in confirming what was compromised can lead to confusion and uncertainty.
Kaseya to the Rescue: Learn how a subscription to Kaseya 365 User helps you reduce costs, streamline security management and protect users and data across SaaS applications. LEARN MORE>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s featured blog: 4 Essential Questions for Optimizing Your User Protection Strategy
With remote work and SaaS apps expanding your attack surface, protecting users is more urgent than ever. Discover how a comprehensive user protection strategy can safeguard your organization from the financial, reputational and regulatory fallout of evolving cybersecurity risks. READ MORE>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Kaseya 365 User Product Innovation Update
March 20, 2025 | 11:00 AM & 7:00 PM ET
Join us for an exclusive live webinar on the latest Kaseya 365 User innovations, including exciting updates for BullPhish ID, Graphus, Dark Web ID, SaaS Alerts, Spanning and Datto SaaS Protection. See how our new features and automations will enhance phishing defense, simplify security and improve backup and recovery.
Attend this live webinar to:
- Learn how to better protect your organization from evolving cyberthreats.
- Be among the first to see our solutions’ newest features and functions.
- Get a look at what’s ahead on our roadmap.
- Connect with Kaseya User Protection experts.
Get to know the players, commodities and places that are shaping today’s dark web. DOWNLOAD EBOOK>>
Get your 5 Threats to Users That Demand Immediate Action checklist
Employees are a vital asset, yet often the weakest link in an organization’s security. This checklist highlights the top five cyberthreats your team faces and provides actionable steps to defend against them. Equip your business with proactive tools and best practices to prevent, respond to and recover from security breaches smoothly. DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
March 13: Microsoft 365 & Google Workspace User Health Check Webinar for Internal IT Teams REGISTER NOW>>
March 14: Test Drive Kaseya 365 Endpoint REGISTER NOW>>
March 18: Kaseya + Datto Connect Local: Birmingham, United Kingdom REGISTER NOW>>
March 18: The AI Phishing Revolution: How Cybercriminals Are Outsmarting Traditional Defenses Webinar REGISTER NOW>>
March 19: Kaseya + Datto Connect Local: Los Angeles Symposium REGISTER NOW>>
March 19: The 2025 Outlook for AI in EMEA: Game-Changing Features and Trends Overview REGISTER NOW>>
March 20: Kaseya 365 User Product Innovation Update REGISTER NOW>>
March 25: The 2025 Outlook for AI at Kaseya: Game-Changing Features and Trends Overview REGISTER NOW>>
March 25: Turning PenTesting into Profit: Sales, Pricing Models & Service Packaging Explained REGISTER NOW>>
April 1: Kaseya + Datto Connect Local: Fort Lauderdale REGISTER NOW>>
April 10: Kaseya + Datto Connect Local: Columbus, Ohio REGISTER NOW>>
April 28 – May 1: Kaseya Connect Global REGISTER NOW>>
June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8: Kaseya DattoCon REGISTER NOW>>
October 28 – 30: Kaseya DattoCon Asia-Pacific REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>