Latest news on cybersecurity leaks and intrusions
In a series of recent events, several companies across the globe have fallen victim to cyberattacks, underscoring the importance of robust data security measures.
North Country HealthCare Breach
Pro-Russia ransomware group Stormous has claimed responsibility for a data breach at North Country HealthCare, based in Arizona, USA. The breach is said to have compromised the personal and health information of around 600,000 patients. As of now, the healthcare provider has not confirmed the extent of the breach.
Australian Mortgage Services Data Breach
Six mortgage services companies in Queensland, Australia, experienced a data breach in July 2025. The breach involved the theft of personal and financial information, including sensitive data like driver's licenses, passports, pay stubs, and mortgage applications. Authorities allege that Joseph Kelly, a suspect in the case, is responsible for the break-ins at several Mortgage Choice locations and an unspecified ITP Accounting Professionals office. However, no publicly available records or investigations concerning Kelly have been found.
Novabev Group and Air Serbia Under Attack
The Russian alcohol company Novabev Group reported a cyberattack on July 14, affecting its operations. The owner of the Beluga and Belenkaya vodka brands did not disclose details about the nature of the attack or the data compromised. Meanwhile, Air Serbia is battling a cyberattack that has disrupted internal systems, delayed employee pay stubs, and limited internet access. It's suspected that infostealer malware may be involved.
ITA Data Breach
Independent Title Agency, LLC (ITA) in New York suffered a data breach due to a ransomware attack on April 17. The breach resulted in the theft of approximately 932 GB of data, including names, Social Security numbers, and other sensitive information tied to real estate transactions. ITA began notifying affected individuals on July 18 and is offering free credit monitoring and identity protection services through Experian IdentityWorks.
Wiley Rein's Microsoft 365 Email Compromise
Wiley Rein, a prominent Washington, D.C. law firm, had its Microsoft 365 email accounts compromised in a suspected China-backed cyber espionage campaign. Google-owned cybersecurity firm Mandiant is handling the investigation and remediation at Wiley Rein. The breach appears to be part of a Chinese intelligence gathering effort, but it's unclear what, if any, data was stolen.
TADTS Data Breach
The Alcohol & Drug Testing Service (TADTS) in Texas suffered a major data breach, impacting 748,763 individuals. The cybercrime group Bian Lian claimed responsibility, and compromised data may include names, Social Security numbers, dates of birth, driver's license information, passport numbers, financial account details, login credentials, biometric data, and immigration-related information.
These incidents serve as a reminder that data security extends beyond cyber defenses. Physical data access controls are equally important in safeguarding sensitive information. Furthermore, failing to disclose a data breach quickly could potentially damage a company's reputation. For instance, in the case of the Novabev Group, the company refused to pay the ransom demand, but as of current information, customers' personal data remains uncompromised, and the investigation continues.
