Try it
See a demo
Try it
See a Demo
SF-3 3
April 21, 2025
Alex Ramaiah

SecureFact – Cyber Security News – Week of April 21, 2025

Landmark Admin data breach impact now reaches 1.6 million people 

  • The Landmark Health data breach, initially reported in February, has now impacted approximately 16 million individuals after the threat actor used stolen credentials to access the company’s systems.  
  • Sensitive personal information was exposed, including names, dates of birth, Social Security numbers, addresses, phone numbers, health insurance information, and clinical data. 
  • Following the breach, Landmark Health notified affected individuals and offered complimentary credit monitoring and identity theft protection services to help mitigate potential harm.  
  • The company also reported the incident to relevant regulatory bodies and is cooperating with law enforcement to investigate the incident.  
  • Landmark has implemented enhanced security measures to prevent future unauthorized access and is reviewing its data protection protocols. The investigation is ongoing to determine the full scope and impact of the breach.

*Source 

Ahold Delhaize confirms data stolen after threat group claims credit for November attack 

  • Ahold Delhaize confirmed that up to 6 terabytes of sensitive data were stolen from its U.S. operations in a November 2024 cyberattack claimed by the threat group Inc Ransom. 
  • The breached data volume is substantial, though specific types of compromised information have not yet been fully disclosed. The attack disrupted e-commerce and pharmacy operations, notably forcing Hannaford supermarkets to halt pickup and delivery services temporarily.  
  • In response, Ahold Delhaize took affected systems offline, engaged external forensic experts to investigate the breach, notified law enforcement, and is working to identify and inform impacted individuals according to legal requirements. The company continues to enhance its cybersecurity posture to mitigate further risks.

*Source 

 Entertainment services giant Legends International discloses data breach

  • Legends International, a major global entertainment and venue management company, disclosed a significant data breach from a cyberattack detected on November 9, 2024.  
  • The breach involved unauthorized access and exfiltration of personal data files belonging to employees and visitors of venues managed by the company, though the exact volume of data and number of affected individuals remain undisclosed. 
  • Compromised data likely includes sensitive personal information such as dates of birth, Social Security numbers, driver’s license numbers, payment card, medical, and health insurance details. 
  • In response, Legends International took affected systems offline, engaged external cybersecurity experts for investigation, notified law enforcement, and enhanced security measures post-incident.  
  • As mitigation, the company is offering 24 months of free identity theft protection services through Experian to impacted individuals, with enrollment open until July 31, 2025, while urging vigilance against potential misuse of personal information 

*Source 

Hertz confirms customer info, drivers’ licenses stolen in data breach 

  • Hertz confirmed a data breach where customer information, including driver’s license details, was stolen. The exact number of affected customers and the volume of compromised data have not been disclosed.  
  • Upon discovering the breach, Hertz initiated an investigation and implemented measures to contain the incident. The company has notified affected customers and is providing guidance on how to protect themselves from potential identity theft and fraud.  
  • Hertz is working with cybersecurity experts to enhance its data protection measures and prevent future incidents.  
  • The company is also cooperating with law enforcement authorities in their investigation. 

*Source 

Kidney dialysis firm DaVita hit by a weekend ransomware attack 

  • DaVita, a major kidney dialysis provider, experienced a ransomware attack that disrupted its IT systems.  
  • While the specific volume of data breached remains undisclosed, the attack potentially compromised sensitive patient information. 
  • The type of data affected could include medical records, personal identification details, and insurance information.  
  • In response, DaVita activated its incident response plan, took systems offline to contain the spread, and initiated a forensic investigation.  
  • The company is working to restore affected systems and is coordinating with law enforcement and cybersecurity experts.  
  • DaVita is also evaluating the scope of the breach to determine the necessary notifications and mitigations for affected individuals. 

*Source 

By Alex Ramaiah
Recent posts