SecureFact – Cyber Security News – Week of February 17, 2025

A significant cybersecurity breach at NorthBay Healthcare Corporation exposed the personal, medical, and financial records of over 569,000 Americans.
The breach, which occurred between January 11 and April 1, 2024, compromised sensitive data including names, Social Security numbers, financial account numbers, and credit card details.
NorthBay Health has since updated its security and is offering affected customers a one-year membership to Experian IdentityWorks.
While there is no current evidence of misuse of the data, the incident highlights the increasing threat of cyberattacks on healthcare institutions and the importance of robust cybersecurity measures.

South Korea has suspended new downloads of the Chinese AI app DeepSeek due to the company’s failure to fully comply with the country’s privacy laws regarding the protection of personal data.
The Personal Information Protection Commission (PIPC) stated that the suspension, which took effect on Saturday, aims to block new downloads of the app until
DeepSeek makes the necessary improvements to comply with South Korean privacy law.
DeepSeek’s web service remains accessible in the country.
This action follows a similar move by Italy’s data protection authority, which blocked DeepSeek’s chatbot due to privacy concerns.

A massive IoT data breach exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs, linked to Mars Hydro and LG-LED Solutions.
Cybersecurity researcher Jeremiah Fowler discovered the unprotected 1.17 terabyte database, which likely belonged to users of Mars Hydro’s Mars Pro app.
The exposed data poses significant risks, such as unauthorized network access and “nearest neighbor” exploits.
Experts recommend encrypting sensitive logs, changing default passwords, conducting regular security audits, and limiting public cloud access to prevent future breaches, as many IoT devices are vulnerable due to outdated systems and weak credentials.

Zacks Investment Research reportedly suffered a data breach in June 2024, potentially exposing the sensitive information of about 12 million users.
A threat actor leaked data samples on a hacker forum, including full names, usernames, email addresses, physical addresses, and phone numbers.
While Zacks hasn’t confirmed the breach, the actor claims to have accessed the company’s active directory and stolen source code.
Have I Been Pwned (HIBP) has added the leaked database, confirming it contains 12 million unique email addresses, along with other personal data and unsalted SHA-256 hashed passwords.
This could be the third major data breach for Zacks in the past four years, with previous incidents occurring in 2023 and a validated leak from 2020.
HIBP notes that 93% of the leaked emails were already in their database from previous breaches, possibly from the same platform.

Ransomware attack on Memorial hospital.
120,000 individuals were notified that their personal information was stolen in a ransomware attack.
The ransomware attack was first disclosed in November, but at the time, it said that though its systems were down, and staff would have to revert to pen and paper to record patient information, its operations remained uninterrupted.
The Embargo ransomware group claimed responsibility for the attack, alleging that it stole 1.15 terabytes of data from the hospitals systems.
The hospital is offering a year of complimentary identity protection services, credit monitoring, a $1 million identity fraud loss reimbursement policy, and identity theft recovery services through IDX.
The hospital has no current evidence to suggest misuse or attempted misuse of personal information involved.