VeriSource now says February data breach impacts 4 million people:
- In February 2024, VeriSource Services, a Texas-based employee benefits and HR outsourcing provider, suffered a data breach that exposed the personal information of approximately 4 million individuals.
- The compromised data includes full names, addresses, dates of birth, gender, and Social Security numbers, primarily belonging to employees and dependents of companies using VeriSource’s services.
- The breach was detected on February 28, 2024, but it took over a year for VeriSource to fully assess the scope and notify all affected individuals, with final notifications sent in April 2025.
- VeriSource responded by securing its network, engaging cybersecurity experts for investigation, and offering 12 months of free credit monitoring, identity protection, and identity restoration services to those impacted.
- The incident underscores the risks associated with third-party data handling and highlights the need for rigorous vendor security assessments and ongoing monitoring.
Ascension discloses new data breach after third-party hacking incident:
- Ascension disclosed a new data breach stemming from a December 2024 cyberattack on a former business partner, which exploited a vulnerability in third-party software.
- This breach affected at least 114,692 individuals in Texas and 96 in Massachusetts, with potentially more nationwide. The compromised data includes personal details such as names, addresses, phone numbers, emails, dates of birth, race, gender, and Social Security numbers, as well as clinical information related to inpatient visits, such as physician names, admission/discharge dates, diagnosis and billing codes, medical record numbers, and insurance details.
- Ascension is offering two years of free identity monitoring, credit monitoring, fraud consultation, and identity theft restoration services to those affected.
- The company has also reviewed its processes and is implementing enhanced security measures to prevent similar incidents in the future.
Texas health department security slip uncovers contractor data breach:
- The Texas Health and Human Services Commission (HHSC) recently announced a data breach affecting over 94,000 individuals who receive state benefits.
- This breach, stemming from employee misconduct dating back to July 2024, involved improper access to personal information. The compromised data includes full names, addresses, phone numbers, Social Security numbers, and Medicaid/Medicare IDs.
- In response, HHSC has fired nine employees and is strengthening security measures, offering affected individuals two years of free credit monitoring and identity theft protection.
Harrods the next UK retailer targeted in a cyberattack:
- Harrods, a luxury department store in London, confirmed a cyberattack in late April 2025, joining M&S and Co-op as UK retailers recently targeted.
- In response to unauthorized attempts to access their systems, Harrods restricted internet access at its physical locations as a precaution. The retailer assured customers that its flagship Knightsbridge store, H Beauty stores, airport locations, and online platform remained open and operational.
- Harrods has not yet disclosed whether systems were breached or if data was stolen but is actively responding to the attack. The National Cyber Security Centre (NCSC) is collaborating with affected companies to understand the attacks and offer guidance.
Marks & Spencer breach linked to Scattered Spider ransomware attack:
- Marks & Spencer (M&S) suffered a significant ransomware attack linked to the Scattered Spider threat actors, causing widespread outages including disruptions to contactless payments and online ordering.
- The attackers initially breached M&S’s network as early as February 2025 by stealing the Windows domain’s NTDS.dit file, enabling them to extract password hashes and move laterally within the network.
- On April 24, they deployed the DragonForce ransomware to encrypt VMware ESXi virtual machines, severely impacting operations. M&S engaged cybersecurity firms CrowdStrike, Microsoft, and Fenix24 to investigate and respond to the incident.
- Scattered Spider is known for sophisticated social engineering tactics such as phishing, MFA bombing, and SIM swapping, often collaborating with ransomware groups. The attack highlights the growing threat of coordinated ransomware campaigns targeting large enterprises.