Major Data Breaches and Security Updates Dominate Cybersecurity News
Major Data Breaches and Security Updates Dominate Cybersecurity News
On January 14, 2025, the cybersecurity landscape was significantly impacted by a series of high-profile data breaches and the essential release of security updates by Microsoft. In a notable incident, the hacker known as "b0nd" announced the sale of data affecting approximately 18.8 million customers of TalkTalk, highlighting the vulnerabilities associated with third-party suppliers. Meanwhile, Gravy Analytics reported unauthorized access to its AWS cloud storage, potentially exposing sensitive location data of millions, including critical sites such as the White House. In the cryptocurrency sector, Phemex suffered a breach leading to the theft of over $85 million, while PowerSchool experienced a breach compromising sensitive information related to K-12 students and staff. The Cybersecurity and Infrastructure Security Agency (CISA) has urged all users to apply the latest Microsoft security updates to protect against these emerging threats. CISA Alert
Also In Security Today
- TalkTalk Data Breach: Data from 18.8 million customers is up for sale by hacker "b0nd", traced back to a third-party supplier. This incident underscores the risks associated with third-party systems. Strobes Security
- Gravy Analytics Breach: Unauthorized access to AWS cloud storage could compromise sensitive location data of millions, including high-security sites. Security Boulevard
- Phemex Crypto Exchange Attack: Attackers utilized sophisticated techniques to steal over $85 million in cryptocurrency from Phemex. Pomerium
- PowerSchool Breach: Sensitive data related to K-12 students and staff, including Social Security numbers, was accessed by threat actors. Strobes Security