Recently, the threat actors behind the RansomHouse extortion group have claimed responsibility for the data breach at Loretto Hospital in Chicago. The initial breach occurred back in early February, with the group adding Loretto Hospital to their leak site shortly afterwards and revealing that they had exfiltrated 1.5TB of sensitive information. It is unclear how RansomHouse was able to access the hospital’s network, and it is not known whether officials are going to pay the ransom for the return or deletion of the data.
Japanese telecom suffers major data breach
Officials for the Japanese telecom, NTT, have confirmed that their network had been compromised by unknown hackers, which may affect nearly 18,000 clients. It is believed that the hackers only had access to the network for a single day before being discovered and having their access removed, though they were able to successfully exfiltrate information on their corporate clients. This is the second cybersecurity incident that has affected NTT since the beginning of the year, as they faced a significant outage due to a DDoS attack in January.
Microsoft patches long-exploited vulnerability
Almost 2 years after first being informed of a zero-day vulnerability that was being actively exploited, Microsoft has finally pushed out a patch to resolve CVE-2025-24983, a kernel-level bug that could be used to gain elevated privileges on a victim’s device. Researchers first identified this vulnerability in March of 2023, and tracked several threat actors who used the exploit on systems running Windows 8.1 OS or Server 2012 R2 after gaining access to a victim device through a backdoor. Fortunately, this vulnerability doesn’t affect any newer Windows operating systems.
Dark Storm Team targets X with DDoS attack
At the beginning of the week, staff for X confirmed that they were suffering from an operational outage due to a DDoS attack. This incident was later claimed by a pro-Palestinian group known as Dark Storm Team, which has been launching a series of DDoS attacks against organizations in the US, Ukraine, and Israel in the last few weeks. Luckily, this attack was short-lived, and normal operations were restored, with users able to access the site and mobile app unhindered.
Multiple healthcare breaches expose 560,000 patients’ data
In the last week, 4 healthcare organizations reported data breaches to authorities, with a combined 560,000 individuals being affected. The breaches all took place in 2024 and targeted Sunflower Medical Group in Kansas, Hillcrest Convalescent Center in North Carolina, Gastroenterology Associates of Central Florida, and Community Care Alliance in Rhode Island, which each have roughly 100,000 current patients/clients.