Extra! Extra! This week’s cybersecurity news recap is here! Let’s dive in…
Community Health Center Inc., a healthcare provider in the United States, suffered a data breach incident during January 2025, that has now been revealed to have exposed the sensitive information of over one million of their customers.
The incident involved a hacker gaining unauthorized access to the organization’s systems, giving the attacker access to customer data including names, contact information, Social Security numbers, medical and financial data, as well as COVID-19 vaccination information.
(–Source: Forbes
Read More: 1,000,000 Patients Exposed In Healthcare Provider Data Breach )
News of the new AI software developed in China, DeepSeek, has been making headlines recently, including reports of malicious attacks against the software. Previously, not much was known about the incident aside from the announcement that new user registrations had to be temporarily limited.
Now, it has been revealed that DeepSeek experienced a data leak that exposed over one million records including chat logs, system details, operational metadata, API secrets, and sensitive log streams. The database containing these records was publicly accessible to anyone on the internet due to an oversight resulting in misconfigured cloud storage. Thankfully, once the company was aware of this, they were able to secure the database within an hour.
(–Source: Forbes
Read More: DeepSeek Data Leak Exposes 1,000,000 Sensitive Records )
Security experts are voicing concerns about the potential security risks posed by the new government advisory board, the Department of Government Efficiency (DOGE) lead by Elon Musk, gaining unprecedented access to information belonging to US government departments, as the level of clearance of the DOGE team is not currently known, and neither is the level of security with which this sensitive information is being handled.
(–Source:TechCrunch
Read More: The biggest breach of US government data is under way | TechCrunch )
An in-depth investigation has been ongoing since American insurance company, Globe Life, suffered a cyberattack during the summer of 2024, and the findings indicate that the data breach may have been larger than originally thought.
At the time of the incident, it was announced that the attackers had accessed sensitive information belonging to at least 5,000 customers, with that number expected to be larger once an investigation occurred. Now, following the investigation, we have a finalized number.
Approximately 855,000 customers had their sensitive information including names, contact information, addresses, birth dates, Social Security numbers, and health and insurance information compromised in the breach. The attackers attempted to hold the information for ransom, but Globe Life refused and got federal law enforcement involved. The company is now preparing to send out a notification and provide free credit monitoring services to affected individuals.
(–Source: TechRadar Pro on MSN
Read More: Globe Life data breach may have affected 850,000 more patients than previously thought )
An undisclosed number of GrubHub customers, merchants, and drivers have had their personal information breached after unauthorized activity was detected in the food delivery service’s systems.
No information is currently known about when the attack occurred, or how many users were affected, but it is known that the information accessed by the attacker(s) includes names, contact information, and partial debit/credit card information.
(–Source: TechCrunch on MSN
Read More: Grubhub confirms data breach affecting customers and drivers )
