The Week in Breach News: 05/28/25 – 06/02/25
This week: Victoria’s Secret is knocked offline by hackers; over 300k LexisNexis subscribers have their data exposed; Space Bears attack Aussie accounting firm; and 14 new Disney+ themed phishing training videos have arrived in a cloud of pixie dust.
See the evolution of the MSP business in our infographic 7 Key Stats From the 2025 MSP Benchmark Survey. DOWNLOAD IT>>
Victoria’s Secret
https://www.cbsnews.com/news/victorias-secret-us-website-dark-security-incident/
Exploit: Hacking
Industry: Retail
Victoria’s Secret’s U.S. website was knocked out and some in-store services were unavailable last week due to an unspecified security incident. The company, based in Ohio, says the shutdown is a precaution. Customers began reporting issues early last week. Customer care was also offline. The company said it is working to fulfill orders placed before the attack and will extend return windows and some coupon offers. Some office operations were halted as employees lost access to email.
How It Could Affect Your Customers’ Business: Downtime from a cybersecurity incident is expensive. Getting back on your feet fast is critical.
Kaseya to the Rescue: Learn how Tailored Threat Response with RocketCyber Dynamic Remediation speeds up incident response with automation to minimize damage. GET THE FEATURE SHEET>>
LexisNexis Risk Solutions
Exploit: Hacking (Third Party)
Industry: Business Services
LexisNexis Risk Solutions, a major U.S.-based data analytics firm, confirmed that a December 2024 breach exposed the personal information of over 364,000 individuals. The breach, disclosed in notifications sent starting May 24, was traced to a compromised company account on GitHub. The stolen data was taken from a third-party development platform, not LexisNexis’ internal systems. The company became aware of the breach on April 1, 2025.
How It Could Affect Your Customers’ Business: This breach underscores a key cybersecurity lesson: Even if your internal systems are secure, your data is vulnerable through third-party platforms.
Kaseya to the Rescue: Learn proven strategies for mitigating both malicious and accidental insider risk to keep businesses out of trouble in our Guide to Insider Risk. DOWNLOAD IT>>
MathWorks
https://www.securityweek.com/matlab-maker-mathworks-recovering-from-ransomware-attack/
Exploit: Ransomware
Industry: Technology
MathWorks, the Massachusetts-based creator of MATLAB and Simulink, disclosed a ransomware attack in a website update. The incident began on Sunday, May 18, disrupting several customer-facing applications and internal systems. On May 21, MathWorks was able to fix single sign-on and multifactor authentication but also reported that Cloud Center and MATLAB Mobile were part of the affected applications in the ransomware attack. The company is actively investigating the breach and working to restore all affected services.
How It Could Affect Your Customers’ Business: Cybercriminals often choose weekends or holidays to strike because low or no staffing makes their job easier.
Kaseya to the Rescue: Get tips to strengthen a company’s defenses and bolster its cyber resilience with our Building a Cyber-Resilient Business checklist. GET THE CHECKLIST>>
Covenant Health
https://www.hipaajournal.com/covenant-health-cyberattack/
Exploit: Hacking
Industry: Healthcare
Covenant Health, a healthcare provider based in Andover, Maine, is responding to a cyberattack that began on May 26, 2025, causing widespread connectivity issues across its hospitals, clinics and practices in New England and parts of Pennsylvania. The health system proactively shut down data systems to contain the attack. While post-acute care facilities remain largely unaffected, several hospitals, including St. Joseph Hospital in Nashua, NH, and two in Maine, are experiencing service disruptions. Some ambulances were temporarily diverted, and outpatient lab services were limited. Despite the incident, Covenant Health continues to provide care and patients are advised to keep their appointments as staff work to restore systems.
How it Could Affect Your Customers’ Business: Even with strong defenses, healthcare organizations must be prepared to maintain operations during a cyberattack.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
U.S. – Missouri Department of Conservation
Exploit: Hacking
Industry: Government
The Missouri Department of Conservation has confirmed a data breach that exposed sensitive personal and health information of current and former employee health plan beneficiaries. Detected in February and confirmed in April, the breach may include names, contact details, birth dates, health plan info and possibly Social Security or ID numbers. The department is offering complimentary credit monitoring services to those who may have been affected.
How it Could Affect Your Customers’ Business: Organizations must not only invest in threat detection but also ensure they have robust forensic capabilities to identify hidden impacts.
Kaseya to the Rescue: Identify the must-have features in a user protection solution and explore how to build a robust user protection strategy in our Modern User Protection Buyer’s Guide. GET IT>>
Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>
Singapore – Datapost
Exploit: Hacking
Industry: Business Services
The West Lothian Council in Scotland confirmed a ransomware attack on its education network, impacting IT systems across 13 secondary schools, 69 primary schools and 61 nurseries. The Interlock group claimed responsibility. While most stolen data appears related to operational matters like lesson planning, officials now believe some personal information may also have been compromised. The council was quick to assure the public that confidential pupil, financial and social work records were not stored in the impacted system. The affected network was quickly isolated, and there is no evidence that other council systems were breached. However, the council warned it has not ruled out the theft of sensitive medical or social work data. Parents, carers and staff are being notified, and Police Scotland is leading the investigation.
How it Could Affect Your Customers’ Business: One cyberattack can have far-reaching consequences for the victim, including the loss of customers and valuable business relationships.
Kaseya to the Rescue: Discover how Kaseya 365 User delivers comprehensive protection beyond the endpoint without breaking the bank. GET THE EBOOK>>
Discover user protection for the modern workforce in our eBook Kaseya 365 User Protection Business Case. GET IT>>
Australia – 3P Corporation
Exploit: Ransomware
Industry: Business Services
The Space Bears ransomware gang claimed responsibility for a cyberattack on Victoria-based financial services provider 3P Corporation, listing the firm on its darknet site in early April and later leaking over 213GB of sensitive data. The trove was published after a missed ransom deadline. It reportedly includes tax documents, bank details, employee pay slips and personal data of over 4,500 clients. The leaked files also appear to contain authority to deduct funds forms, tax file numbers and internal documents. 3P would say only that an “attempted attack” occurred on April 7.
How it Could Affect Your Customers’ Business: Even when systems flag suspicious activity, threat actors may have already accessed and copied sensitive files before being shut out.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Bibbidi-bobbidi-blocked: 14 new Disney+ phishing kits to the rescue!
People around the world love watching Disney+. Cybercriminals know it too, making Disney+ phishing scams a popular tactic. Help your users outsmart their tricks with our new phishing resistance training kits.
- Disney+ – Account Has Been Suspended, US – English
- Disney+ – Your One-Time Passcode, US – English
- Disney+ – Conta Suspensa, Portuguese
- Disney+ – Seu código de acesso único, Portuguese
- Disney+ – Su código de acceso único, Spanish
- Disney+ – Cuenta Suspendida, Spanish
- Disney+ – Uw eenmalige toegangscode, Dutch
- Disney+ – Account Opgeschort, Dutch
- Disney+ – Din engångskod, Swedish
- Disney+ – Konto avstängt, Swedish
- Disney+ – Ihr Einmal-Code, German
- Disney+ – Konto gesperrt, German
- Disney+ – Un code d’accès a été demandé, French
- Disney+ – Compte suspendu, French
Learn more in the BullPhish ID Release Notes.
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
7 data points that reveal where MSPs are headed in 2025
We’ve pulled together 7 game-changing stats in one infographic to help you understand the trends, challenges and opportunities shaping the future of managed services. Use these insights to stay competitive and grow profitably.
Get expert advice for protecting your organization’s most vulnerable gateway in this infographic. DOWNLOAD IT>>
Master the Tech: Effortless Endpoint Management
June 12, 2025 | 2:00 PM ET
Discover how K365 Endpoint integrates with Autotask and IT Glue to simplify operations, boost efficiency, and enable proactive IT management. Learn practical ways to streamline deployment, improve visibility, and optimize your use of the Kaseya IT Complete platform.
June 4: Close the Deal: Using SaaS Security & Dark Web Data to Win Clients REGISTER NOW
June 10: Kaseya 365 Ops in Action REGISTER NOW>>
June 10: Unlocking Autotask Projects: A Step-by-Step Guide to Mastering Project Management in PSA REGISTER NOW>>
June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>
July 3: Kaseya+Datto Connect Local: Perth REGISTER NOW>>
July 15: Kaseya+Datto Connect Local: Montreal REGISTER NOW>>
August 28: Kaseya+Datto Connect Local: Brisbane REGISTER NOW>>
September 4: Kaseya+Datto Connect Local: Adelaide REGISTER NOW>>
October 6 – 8: Kaseya DattoCon Miami REGISTER NOW>>
October 28 – 30: Kaseya DattoCon Asia-Pacific REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefited from using our solutions. READ NOW>