Weekly Cybersecurity Roundup for Week of Feb 10th, 2025

Georgia Hospital Data Breach Exposes 120,000 Patient Records

A cyberattack on St. Joseph’s/Candler Health System in Georgia has resulted in the exposure of sensitive data from approximately 120,000 individuals.

The breach, which was first detected in December 2023, involved unauthorized access to patient information, including names, Social Security numbers, and medical records. The attackers reportedly remained undetected in the system for several weeks. The hospital has since taken security measures to contain the breach and is offering credit monitoring services to affected patients.

This incident highlights the growing risk of cyber threats in the healthcare sector, where sensitive patient data remains a prime target for attackers. Organizations must prioritize cybersecurity investments to protect critical information.

Cyberattack Disrupts Lee Enterprises’ Newspaper Operations Across the U.S.

A cyberattack has disrupted the operations of Lee Enterprises, a major U.S. newspaper publisher, affecting multiple publications nationwide.

The attack, first detected on February 6, 2025, has impacted the company’s printing and digital operations, delaying newspaper distribution and website updates. Lee Enterprises has not disclosed the nature of the attack, but ransomware is suspected. IT teams are working to restore services, while law enforcement agencies investigate the incident.

This attack underscores the vulnerability of media organizations to cyber threats, especially as digital platforms play a crucial role in news dissemination. Ensuring robust cybersecurity measures is critical to maintaining the integrity and availability of news services.

Hackers Exploit Google Tag Manager to Deliver Malware

Cybercriminals are leveraging Google Tag Manager (GTM) to stealthily distribute malware by injecting malicious scripts into compromised websites.

Researchers discovered that threat actors are using GTM containers to bypass traditional security filters, enabling them to load malware onto users’ devices without detection. The technique allows attackers to execute malicious JavaScript code dynamically, leading to credential theft, phishing attacks, and malware infections. Google has been informed of the issue, but mitigating such abuse remains challenging.

This discovery highlights the risks of trusted third-party tools being weaponized by attackers, reinforcing the need for organizations to monitor their web assets and adopt advanced security measures.

DeepSeek App Found Transmitting Sensitive User Data to Chinese Servers

Security researchers have found that DeepSeek, an AI-powered application, is transmitting users’ sensitive data to servers in China without explicit consent.

The app, which provides AI-driven recommendations and assistance, reportedly collects extensive personal information, including location data, browsing history, and user interactions. The data is then transmitted to remote servers in China, raising concerns about privacy and potential state surveillance. While DeepSeek has denied any malicious intent, experts warn that such data collection practices pose significant security risks.

This incident raises red flags about data privacy, particularly regarding applications with ties to foreign governments. It underscores the importance of transparency and stringent data protection policies for AI applications handling sensitive user data.

Massive Brute-Force Attack Uses 28 Million IPs to Target VPN Devices

A large-scale brute-force attack has been detected, using over 28 million unique IP addresses to compromise VPN devices worldwide.

The attack, which has been ongoing for several weeks, appears to be an automated campaign targeting weak or default credentials in VPN systems. Security researchers believe a botnet is behind the effort, attempting to gain unauthorized access to corporate networks. The scope of the attack suggests a well-resourced threat actor, possibly linked to state-sponsored hacking groups. Organizations are urged to implement strong authentication mechanisms and monitor for unusual login attempts.

This event highlights the ongoing threat to VPN security, emphasizing the need for organizations to enforce multi-factor authentication (MFA) and regular password updates to prevent unauthorized access.
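As an added example that is not part of the original roundup, the Python sketch below shows why the usual per-IP lockout or failure threshold never fires against a campaign spread across millions of source addresses, and how pivoting the detection onto the targeted account catches the same traffic. The log line format and the sample entries are constructed assumptions, not output from any real VPN product.

```python
import re
from collections import defaultdict

# Constructed sample VPN authentication log (assumed format, not from the page).
# Each attacking IP fails only once, which is the pattern of a distributed
# brute-force campaign; the legitimate user jsmith mistypes once, then succeeds.
SAMPLE_LOG = """\
2025-02-10T08:00:01Z vpn01 auth=FAIL user=admin src=203.0.113.10
2025-02-10T08:00:02Z vpn01 auth=FAIL user=admin src=198.51.100.7
2025-02-10T08:00:03Z vpn01 auth=FAIL user=admin src=192.0.2.55
2025-02-10T08:00:04Z vpn01 auth=FAIL user=admin src=203.0.113.200
2025-02-10T08:00:05Z vpn01 auth=FAIL user=vpn src=198.51.100.99
2025-02-10T08:00:06Z vpn01 auth=FAIL user=vpn src=192.0.2.18
2025-02-10T08:00:07Z vpn01 auth=FAIL user=jsmith src=203.0.113.42
2025-02-10T08:00:08Z vpn01 auth=OK user=jsmith src=203.0.113.42
"""

LINE_RE = re.compile(r"auth=(?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)")


def parse(log_text):
    """Yield (result, user, src) for every line matching the assumed format."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group("result"), m.group("user"), m.group("src")


def per_ip_alerts(log_text, threshold=5):
    """Classic rule: alert on any single source IP with `threshold` failures.
    Returns a sorted list of offending IPs; empty for a distributed campaign."""
    fails = defaultdict(int)
    for result, _user, src in parse(log_text):
        if result == "FAIL":
            fails[src] += 1
    return sorted(ip for ip, n in fails.items() if n >= threshold)


def per_account_alerts(log_text, min_failures=3, min_sources=3):
    """Account-centric rule: alert when one username accumulates `min_failures`
    failures coming from at least `min_sources` distinct IPs. Returns
    {user: distinct_source_count}; a single user's typo does not qualify."""
    fails = defaultdict(int)
    sources = defaultdict(set)
    for result, user, src in parse(log_text):
        if result == "FAIL":
            fails[user] += 1
            sources[user].add(src)
    return {u: len(sources[u]) for u in fails
            if fails[u] >= min_failures and len(sources[u]) >= min_sources}
```

On the sample above the per-IP rule returns nothing, while the account-centric rule flags `admin` with four distinct sources and ignores both `vpn` (below threshold) and `jsmith` (a single failure followed by success).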