The Week in Breach News: 03/19/25 – 03/25/25
This week: a Zero Day exploit exposes data for 20k bank customers; ransomware thieves snatch research data from a zoo; and a checklist to help you build a company’s cyber resilience.
Read this week’s new featured blog: 5 Proven Ways to Strengthen Cyber Resilience by Safeguarding Users
Lake Washington Vascular
https://www.hipaajournal.com/lake-washington-vascular-ransomware-attack/
Exploit: Ransomware
Industry: Healthcare
Lake Washington Vascular, a surgical center in Bellevue, WA, has disclosed that the practice suffered a ransomware attack on February 14, 2025. The Qilin ransomware group claimed responsibility. The ransomware encrypted its electronic health record and practice management systems. The center said that it did not pay a ransom and instead chose to restore its files from secure backups. Patient data including names, medical histories and government-issued IDs was potentially compromised. Financial information was not affected. The center has notified 21,534 impacted patients.
How It Could Affect Your Customers’ Business: This business was able to recover without paying a ransom because it had secure backups in place, showcasing the importance of preparation.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
U.S.A. – Pennsylvania State Education Association (PSEA)
https://www.theregister.com/2025/03/19/pennsylvania_nonprofit_cyberattack/
Exploit: Ransomware
Industry: Non-profit
The Pennsylvania State Education Association (PSEA) has confirmed a ransomware attack exposed sensitive data on 517,487 individuals. The Rhysida ransomware gang claimed responsibility for the breach, which included financial, health and identity-related information such as Social Security numbers, driver’s licenses, payment details and medical records. PSEA completed its investigation on February 18 but has not disclosed when the breach was detected. The nonprofit currently represents more than 178,000 education professionals in Pennsylvania.
How It Could Affect Your Customers’ Business: Ransomware threats extend beyond businesses and government agencies to nonprofits and professional organizations handling personal data.
Kaseya to the Rescue: Learn how to secure your systems and data from threats like this in The Comprehensive Guide to Third-Party and Supply Chain Risk. DOWNLOAD IT>>
Western Alliance Bank
Exploit: Third-Party Data Breach
Industry: Finance
Arizona-based Western Alliance Bank is notifying 21,899 customers that their data was stolen in an October 2024 cyberattack on a third-party service provider. Hackers allegedly exploited a pre-auth zero-day vulnerability (CVE-2024-50623) in Cleo LexiCom, VLTransfer and/or Harmony software to break in. The Cl0p threat actors exploited that flaw to deploy a JAVA backdoor dubbed “Malichus”. This supposedly enabled the gang to steal data, execute commands and gain further access to the victims’ networks. Bad actors exfiltrated sensitive information, including names, Social Security numbers, financial account details and identity documents. The breach was discovered after stolen files were leaked. The Cl0p ransomware gang listed Western Alliance among 58 victims in January.
How It Could Affect Your Customers’ Business: Hackers exploited a pre-auth zero-day flaw, emphasizing the importance of timely vulnerability management, patching and threat intelligence sharing.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
Canada -The Toronto Zoo
https://therecord.media/toronto-zoo-warns-decades-cyberattack
Exploit: Ransomware
Industry: Science & Technology
A cyberattack on the Toronto Zoo exposed data on all visitors from 2000 to April 2023, including names, addresses, phone numbers and emails. Guests who made credit card transactions between January 2022 and April 2023 also had partial card details compromised. The Akira ransomware group claimed responsibility for stealing 133GB of data. The breach also affected current and former employees, volunteers and donors. Staff data dating back to 1989 was stolen. The Toronto Zoo experienced multiple days of operational difficulties and sadly lost decades of wildlife conservation research as a result of the incident. The Toronto Zoo reported the incident to the Office of the Information and Privacy Commissioner of Ontario.
How It Could Affect Your Customers’ Business: The attack disrupted zoo operations and led to the loss of critical wildlife conservation research, underscoring the broader impact of cyber incidents.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Are you feeling overwhelmed by IT tasks? Let us show you how to reduce your security workload! GET TIPS>>
New Zealand – James Pascoe Group
Exploit: Hacking
Industry: Retail
James Pascoe Group, the owner of many retail stores in New Zealand and Australia, confirmed a cyberattack over the weekend that disrupted operations in all of its shops. The attack knocked out store phone lines, customer service emails and IT systems. Stores were left unable to process gift cards and electronic payments. The company said that it quickly detected the breach and has restored most systems. The group owns 650 retail outlets, including Whitcoulls, Farmers, Goldmark, Stewart Dawson, Stevens, Prouds the Jewellers and Angus & Coote, with an estimated 10,000 employees.
How it Could Affect Your Customers’ Business: The attack impacted the store’s electronic payment systems, showing the importance of robust cybersecurity measures for retailers.
Kaseya to the Rescue: Learn how a subscription to Kaseya 365 User helps you reduce costs, streamline security management and protect users and data across SaaS applications. LEARN MORE>>
University of Notre Dame Australia
Exploit: Hacking
Industry: Education
A ransomware attack on Notre Dame University in Perth is causing significant disruption. The attack began several weeks ago. Students and graduates are facing challenges with graduations, class schedules and assignment submissions due to knocked-out IT systems. The university has implemented manual workarounds and set up one-stop support hubs for face-to-face assistance. While alternative systems are in place for students needing records for employment, the university is working to restore all systems securely and will notify graduates once transcripts are available.
How it Could Affect Your Customers’ Business: IT disruptions can have severe operational impacts, highlighting the need for robust cybersecurity defenses and business continuity planning.
Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s featured blog: 5 Proven Ways to Strengthen Cyber Resilience by Safeguarding Users
As cyberthreats become more advanced, proactive security is no longer optional – it’s essential for business success. Discover how building cyber resilience with a multi-layered strategy can help your organization defend against evolving threats and stay secure. READ MORE>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Make your case for Kaseya 365 User
Ready to take a deep dive into the dollars and cents of user protection? Our eBook explains why Kaseya 365 User is a smart investment for any business. See how this innovative platform helps organizations prevent, respond to and recover from user-based threats while reducing costs, streamlining security management and achieving compliance across SaaS apps like Microsoft 365 and Google Workspace.
Learn more about affordable, comprehensive protection beyond the endpoint when you download this eBook.
Get to know the players, commodities and places that are shaping today’s dark web. DOWNLOAD EBOOK>>
Building a Cyber-Resilient Business
Download our checklist Building a Cyber-Resilient Business to see how bolstering a company’s cyber resilience helps the company stay ahead of threats like phishing, Business email compromise (BEC) and ransomware.
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
March 27: Maximera Effektiviteten: Transformera och Utveckla Ditt Företag med RMM, IT Glue och PSA REGISTER NOW>>
March 28: World Backup Day: From Disaster to Recovery – How to Win with BCDR REGISTER NOW>>
March 28: Test Drive Kaseya 365 Endpoint: Get Under the Hood REGISTER NOW>>
April 1: Kaseya + Datto Connect Local: Miami Symposium REGISTER NOW>>
April 2: MSP Benchmark Report: Guide to Your Profitability in 2025 REGISTER NOW>>
April 3: The Zero-Trust Advantage: Strengthening Endpoint & Network Security REGISTER NOW>>
April 10: Kaseya + Datto Connect Local: Columbus, Ohio REGISTER NOW>>
April 28 – May 1: Kaseya Connect Global REGISTER NOW>>
May 20: Kaseya + Datto Connect Local: Chicago Symposium REGISTER NOW>>
June 3: Kaseya + Datto Connect Local: New York City Symposium REGISTER NOW>>
June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8: Kaseya DattoCon REGISTER NOW>>
October 28 – 30: Kaseya DattoCon Asia-Pacific REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefited from using our solutions. READ NOW>