Towards the end of November, staff for the California-based cannabis brand, STIIIZY, were informed by a point-of-sale vendor that some of their account information had been compromised by hackers. The subsequent investigation revealed that the hackers had accessed the STIIIZY systems between October 10th and November 10th and were able to exfiltrate a significant amount of customer information, including payment data, passport and driver’s license details, and other personally identifiable information (PII) for over 420,000 individuals.
Breach exposes 360,000 Medusind patients
More than a year after being breached, the investigation into Medusind has revealed that nearly 360,000 customers of the medical billing firm have had their financial and healthcare records leaked. While the investigation has finally concluded, officials for Medusind are not revealing the threat actor behind this incident, not providing any information on how their systems were breached. Fortunately, the company is offering up to two years of credit monitoring for all affected customers.
FBI operation clears PlugX malware from US computers
Following a US court ruling, the FBI and other international law enforcement agencies have conducted an operation to remove the China-backed PlugX malware from more than 4,200 computers in the US alone. PlugX malware has been in use since 2014, after being developed by the Mustang Panda threat group, at the request of the Chinese government to gather information from systems in countries all around the world. The US judicial system gained the first of nine warrants in August of 2024 and enacted their searches until they finally expired at the beginning of January 2025, thus ending the operation.
Blood donation organization breached in ransomware attack
Over the summer of 2024, one of the largest not-for-profit blood donation organizations in the US, OneBlood, was the target of a ransomware attack that resulted in a significant data breach. Upon completion of the investigation, it was confirmed that the threat actors behind this attack initially gained access in the middle of July and were able to exfiltrate data and retain access to the OneBlood systems for two full weeks before being discovered.
Hackers leak Spanish telecom databases
At the beginning of the year, security researchers identified several databases sharing supposedly leaked data from the Spanish telecom company, Telefonica, and exposing sensitive information for thousands of customers and employees. It is believed that the hackers used a variety of infostealers to compromise the accounts of 15 Telefonica employees and use their credentials to gain further access to the systems. The stolen data has been published on BreachForums, with three threat actors with ties to the Hellcat ransomware group claiming responsibility.
