Breach Breakdown - March 2025

Introducing Episode 17 of our expertly crafted series on data breaches, cyber-attacks, and more. Breach Breakdown is your go-to source for recapping incidents and staying up-to-date on the latest solutions. March saw its fair share of reported cases, with breaches affecting:

Security Flaw Exposes NHS Patient Data to Potential Cyber Threats

A newly discovered software vulnerability at Medefer, a private medical services provider handling 1,500 NHS patient referrals a month, left sensitive patient data potentially accessible to hackers. The flaw, found in November but suspected to have existed for at least six years, was linked to improperly secured APIs, which could have allowed outsiders to view patient records.

While Medefer insists there is no evidence of a data breach, cyber security experts argue that a full investigation should have been conducted immediately. The company only commissioned an external security review in late February, months after the issue was identified.

The NHS is now “looking into” the situation, stating that further action may be taken. This incident raises serious concerns about how private firms handling NHS data secure their systems and respond to potential breaches.

With cyber threats targeting healthcare at an increasing rate, this case underscores the need for rigorous security measures and immediate incident response protocols.

Unpatched Windows Zero-Day Exploited by State Hackers – What You Need to Know

A newly discovered Windows zero-day vulnerability (ZDI-CAN-25373) has been actively exploited by at least 11 state-backed hacking groups since 2017 for espionage and data theft. Despite this, Microsoft has not released a security patch, leaving Windows users exposed. Attackers use malicious shortcut (.lnk) files to disguise harmful commands, making it difficult for victims to detect the threat. For businesses, this highlights the need for proactive cyber security—ensure endpoint protection, enable Smart App Control, and avoid opening unknown files. Staying vigilant is key in an evolving cyber threat landscape.

Microsoft Warns of New Multifunctional Malware: StilachiRAT

Microsoft has identified StilachiRAT, a highly stealthy remote access Trojan (RAT) designed for system reconnaissance, credential theft, and crypto wallet attacks. It evades detection by delaying its command-and-control (C2) connections, hiding within common network traffic, and auto-reinstating if removed. This could mean an increase in the risks of data breaches, financial theft, and system compromise—especially if relying on weak cyber security measures. To protect against threats like this, enable Safe Links & Safe Attachments, deploy endpoint detection & response (EDR), and regularly update security policies. Stay proactive—cyber threats are always evolving.

Third-Party Breach Costs Infosys $17.5M

Infosys has settled a $17.5 million class action lawsuit after a 2023 cyber-attack on its subsidiary, Infosys McCamish Systems (IMS), exposed the personal data of 6.5 million individuals. The breach affected major financial firms, including Bank of America and Fidelity, highlighting the risks posed by third-party vendors. This is a critical reminder to vet suppliers’ security practices, enforce strong third-party risk management policies, and ensure robust incident response plans are in place. Cyber resilience isn’t just about your own defences—it’s about your entire supply chain.

Cyber security Shake-Up: NHS Digital Chief Warns Against NHSE Cuts

Denis Lafitte, Chief Digital Information Officer at Guy’s and St Thomas’ NHS Trust, has raised concerns over the government’s plan to dissolve NHS England (NHSE), warning that cutting its cyber security team would be a major risk. The trust was hit hard by the 2024 ransomware attack on Synnovis, which disrupted critical pathology services and delayed thousands of procedures. Lafitte stressed that NHSE’s cyber security team was “life-saving” during the crisis, providing vital monitoring and response support. With increasing cyber threats in healthcare, he urged decision-makers to maintain this essential protection for NHS trusts and frontline staff.