The Week in Breach News: 03/25/25 – 04/01/25
This week: Cyberattacks snarl railways in Russia and Ukraine; an Oracle cloud breach hits 1.5k organizations; and insight into how to reduce business email compromise (BEC) risk through user protection.
Read this week’s new featured blog: Stopping BEC Starts with User Protection
Oracle
https://hackread.com/oracle-denies-breach-hacker-access-6-million-records/
Exploit: Hacking
Industry: Technology
A major cyberattack targeting Oracle Cloud has resulted in the potential exfiltration of six million records by a threat actor known as ‘rose87168’. The hacker allegedly stole sensitive data such as JKS files, encrypted SSO passwords, key files and enterprise manager JPS keys. A sample of the compromised data contains information on approximately 1,500 organizations. Evidence suggests the attacker may have been active since January 2025, accessing Oracle Cloud’s production environments. Oracle has repeatedly denied the incident, despite customer reports of breaches and reports of new details emerge.
How It Could Affect Your Customers’ Business: This breach raises serious concerns about cloud security and the safety of enterprise data stored in the cloud through a service provider.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Parcel Plus
Exploit: Hacking
Industry: Business Services
A tax preparer in Hanover, PA, is warning customers about a data breach that has compromised customers’ financial information. Parcel Plus announced that it had fallen victim to a spear phishing attack allegedly linked to foreign cybercriminals. In this incident, clients had their direct deposit information fraudulently altered to another account. The IRS has assured Parcel Plus that all affected customers will still receive their tax refunds, but additional paperwork may be required. The company advised that compromised tax returns will need to be mailed in, resulting in delays in refund processing.
How It Could Affect Your Customers’ Business: Businesses must invest in a robust defense against cyber threats because every business of any size can be attacked by bad actors at any time.
Kaseya to the Rescue: Learn how to secure your systems and data from threats like this in The Comprehensive Guide to Third-Party and Supply Chain Risk. DOWNLOAD IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Lee University
https://www.jdsupra.com/legalnews/lee-university-announces-data-breach-1531727
Exploit: Hacking
Industry: Education
Lee University in Tennessee has disclosed a data breach after discovering that an unauthorized party accessed sensitive information. The breach stems from a March 2024 cybersecurity incident that affected Lee University’s computer network. The investigation determined that cybercriminals exploited a vulnerability in third-party software used by the university to access and download confidential information. The university has not yet disclosed what specific data was involved or how many individuals were impacted.
How It Could Affect Your Customers’ Business: It is critical to routinely update, patch and audit third-party software to mitigate risks before they can be exploited.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
Ukraine – Ukrzaliznytsia
Exploit: Hacking (Nation State)
Industry: Transportation
Ukrzaliznytsia, Ukraine’s national railway operator, suffered a massive cyberattack that crippled its online ticketing services, forcing passengers to buy tickets in person and causing overcrowding, long waits and frustration. While train operations were unaffected, additional staff were deployed at ticket booths and military personnel were allowed to purchase tickets onboard. Shortly after this incident, Russia experienced a similar attack on the subway system serving Moscow. Each nation points to the other as responsible for these incidents.
How It Could Affect Your Customers’ Business: It is critical to routinely update, patch and audit third-party software to mitigate risks before they can be exploited.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>
Australia – Nine
https://www.abc.net.au/news/2025-03-27/data-16000-nine-newspapers-readers-breach/105105692
Exploit: Third-Party Data Breach
Industry: Media
A breach exposed the personal data of 16,000 subscribers to Nine newspapers, including the Sydney Morning Herald, The Age and The Financial Review. The breach, linked to a third-party supplier, resulted in names, postal addresses and email addresses being left accessible online due to a third-party supplier’s security lapse. Nine confirmed payment details and passwords were not compromised and is working to secure affected systems, although the exposure’s duration and potential access by malicious actors remain unclear.
How it Could Affect Your Customers’ Business: Organizations with sensitive data, like domestic violence survivors’ information, must ensure it is encrypted, segmented and access-controlled to prevent exposure.
Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>
Australia – New South Wales Department of Communities and Justice (DCJ)
Exploit: Hacking
Industry: Government
A cybersecurity breach at the NSW Department of Communities and Justice exposed 9,000 files in the state’s secure court registry, potentially affecting domestic violence survivors. The hacker gained access through a registered account and used a Python script to infiltrate the system. While the full extent of the compromised data is still being investigated, officials warned it may include sensitive details of survivors, including children. A security patch has been applied, and those concerned about their safety have been advised to take precautions. The NSW government has not yet disclosed how many individuals may be affected or whether the hacker’s identity is known.
How it Could Affect Your Customers’ Business: Organizations handling highly sensitive data, like this, must ensure it is encrypted, segmented and access-controlled to prevent exposure.
Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>
Get to know the players, commodities and places that are shaping today’s dark web. DOWNLOAD EBOOK>>
South Korea – Samsung
https://cybernews.com/security/us-hospitals-and-health-systems-data-breach
Exploit: Hacking
Industry: Technology
A data leak has exposed 270,000 Samsung Germany customer support tickets, revealing sensitive details such as names, emails, addresses, and transactional data. The breach, allegedly by hacker “GHNA,” is linked to samsung-shop.spectos.com and includes tracking URLs, raising concerns about package theft. The leak stemmed from unused login credentials and is now circulating online. Samsung Germany has yet to comment on the incident.
How it Could Affect Your Customers’ Business: Having a clear, timely communication plan for informing affected users and stakeholders is vital for recovering from a cyberattack.
Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s featured blog: Stopping BEC Starts with User Protection
Did you know that last year, businesses saw a 50% surge in financial losses from business email compromise (BEC) attacks? Learn how investing in user protection helps you protect your organization from costly BEC scams before they start. READ MORE>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
The Ultimate User Security Playbook: Prevent, Respond and Recover with Confidence
As cyberthreats grow more sophisticated, protecting against phishing, ransomware and BEC becomes more complex. In this on-demand webinar, you’ll learn how to prevent attacks, respond quickly and accelerate recovery. WATCH NOW>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Checklist: Building a Cyber-Resilient Business
Cybersecurity is now a business priority. Download our essential checklist to stay ahead of emerging threats like phishing, BEC, ransomware and identity theft, and protect your users while building a cyber-resilient business. DOWNLOAD THE CHECKLIST>>
Get expert advice for protecting your organization’s most vulnerable gateway in this infographic. DOWNLOAD IT>>
Have you registered for Kaseya Connect Global 2025 yet?
Kaseya Connect is just around the corner. Join us on April 28 – May 1, 2025, at the MGM Grand Resort in beautiful Las Vegas. This is an unbeatable opportunity to connect with 4,000+ professionals at this must-attend event.
- Get hands-on training and certifications
- Be the first to know about major Kaseya news and the future of Kaseya’s platforms
- Network at fun evening events
- Hear from keynote speakers Pro Football Hall of Famer Peyton Manning and Hot Ones Sean Evans
Come early and attend our pre-day events. GlueXperience and the M&A Symposium are here to up your game in integrations, workflows and company value! Plus, a new pre-day event is here: Kaseya Security Live, an immersive, hands-on experience tackling emerging cybersecurity threats.
Register now and get ready to supercharge your skills at Kaseya Connect 2025! REGISTER NOW>>
April 3: The Zero-Trust Advantage: Strengthening Endpoint & Network Security REGISTER NOW>>
April 10: Kaseya + Datto Connect Local: Columbus, Ohio REGISTER NOW>>
April 28 – May 1: Kaseya Connect Global REGISTER NOW>>
May 20: Kaseya + Datto Connect Local: Chicago Symposium REGISTER NOW>>
June 3: Kaseya + Datto Connect Local: New York City Symposium REGISTER NOW>>
June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8: Kaseya DattoCon REGISTER NOW>>
October 28 – 30: Kaseya DattoCon Asia-Pacific REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefited from using our solutions. READ NOW>