February 2025 saw a series of high-impact data breaches affecting industries ranging from healthcare and finance to cloud services and government agencies. These incidents exposed sensitive data, disrupted operations, and highlighted the persistent risks organisations face daily.
Here’s a closer look at some of the most notable breaches this past month and key takeaways for strengthening security postures.
Healthcare Under Attack: The Genea Fertility Clinic Breach
A cyberattack on Genea, a leading Australian IVF and fertility services provider, has allegedly resulted in sensitive patient data being leaked on the dark web. The attack, attributed to the Termite ransomware group, led Genea to obtain a court injunction criminalising access to the breached data.
The breach, detected on February 14, exposed 940.7GB of patient information, including names, dates of birth, Medicare numbers, medical histories, diagnoses, treatments, test results, and contact details. Financial data was not confirmed to be compromised.
Genea informed patients of the attack on February 21 but has not yet specified which individuals were affected.
Genea is working with cybersecurity authorities and government agencies while continuing its investigation. The Termite ransomware group has previously targeted multiple sectors across various countries, using encryption tactics and ransom demands via the dark web.
Financial Sector Breach: TD Bank Compromised
TD Bank has confirmed a data breach involving a former employee who accessed and shared customer information, including names, contact details, birth dates, account numbers, and transaction details. While Social Security numbers and passwords were not compromised, the breach still poses risks of fraud and identity theft.
To support affected customers, TD Bank is offering two years of free identity protection through the Fraud-Defender program. Customers are advised to enrol in the program, monitor their accounts for suspicious activity, update passwords, enable multi-factor authentication, and check credit reports for unauthorised changes.
Placing fraud alerts or credit freezes can provide additional security, while staying vigilant against phishing scams is crucial. Those seeking long-term protection may consider identity theft insurance. To stay informed, customers should follow TD Bank’s official updates for any new security measures.
Cloud Security Concerns: Alibaba Cloud Vulnerability
A critical security vulnerability was discovered in Alibaba Cloud OSS, allowing unauthorised users to upload data due to a misconfigured HTTP PUT method. Security researcher Muhammad Waseem identified the issue during routine web browsing when a 403 Forbidden response hinted at restricted access to Alibaba Cloud OSS resources. Using the Wappalyzer extension, he confirmed the platform as Alibaba OSS and intercepted the request with Burp Suite.
By modifying the PUT request, he successfully uploaded a test JSON file and received a 200 OK response, confirming the misconfiguration. The uploaded file was publicly accessible, demonstrating the exploitability of the flaw.
This vulnerability enables attackers to store malicious content, exfiltrate sensitive data, or overwrite critical files, leading to operational disruptions. If combined with read-access misconfigurations, it could result in severe data breaches, exposing sensitive information.
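A defensive check for the misconfiguration described above, added here as an example and not taken from the original article or the researcher's work. It reviews an OSS bucket's ACL and bucket policy for grants that would let an unauthenticated PUT succeed. It assumes the anonymous write comes from either a public-read-write bucket ACL or a policy statement granting write actions to everyone (the article does not say which); the function name, bucket name and sample policy are constructed for illustration.

```python
import fnmatch
import json

# OSS actions that let a caller create, overwrite or delete objects.
WRITE_ACTIONS = ("oss:PutObject", "oss:PutObjectAcl", "oss:DeleteObject",
                 "oss:AbortMultipartUpload")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def anonymous_write_findings(bucket_acl, policy_json=None):
    """Return reasons why an unauthenticated PUT to this bucket would succeed."""
    findings = []
    # The canned ACL "public-read-write" lets anyone upload and overwrite.
    if bucket_acl == "public-read-write":
        findings.append("bucket ACL is public-read-write")
    policy = json.loads(policy_json) if policy_json else {}
    for i, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "*" not in _as_list(stmt.get("Principal", [])):
            continue  # scoped to named accounts or users
        if stmt.get("Condition"):
            continue  # conditional grant (e.g. source IP): review by hand
        granted = sorted({w for pattern in _as_list(stmt.get("Action", []))
                          for w in WRITE_ACTIONS if fnmatch.fnmatchcase(w, pattern)})
        if granted:
            findings.append(f"policy statement {i} allows anonymous {', '.join(granted)}")
    return findings


# Constructed sample policy (not from the article): statement 0 is a public
# read grant, statement 1 lets anyone write under uploads/.
SAMPLE_POLICY = json.dumps({
    "Version": "1",
    "Statement": [
        {"Effect": "Allow", "Principal": ["*"], "Action": ["oss:GetObject"],
         "Resource": ["acs:oss:*:*:example-bucket/*"]},
        {"Effect": "Allow", "Principal": ["*"], "Action": ["oss:Put*"],
         "Resource": ["acs:oss:*:*:example-bucket/uploads/*"]},
    ],
})

if __name__ == "__main__":
    for finding in anonymous_write_findings("private", SAMPLE_POLICY):
        print("FINDING:", finding)
```

An empty result means neither the ACL nor an unconditional policy statement grants anonymous write; statements with a Condition are skipped and still need manual review.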
Orange Group Data Breach
The Orange Group data breach exposed 600,000+ records after hacker Rey leaked internal data from Orange Romania following a failed ransom demand. The attacker remained undetected for over a month, stealing 6.5GB of data in just three hours, including customer and employee PII, financial records, and source code.
Orange confirmed the breach but downplayed its impact, calling it a non-critical back-office incident. However, the company’s security failures highlight major gaps in threat detection and incident response. The breach raises concerns about telecom cybersecurity standards, as real-time detection mechanisms failed to flag unauthorized access.
With regulatory scrutiny under GDPR and potential legal claims looming, this incident underscores the need for stronger security measures in the telecom industry.
DecisionFi Data Breach Exposed
DecisionFi LLC has disclosed a data breach, detected on January 15, 2025, and officially reported on February 21, 2025. An unauthorized user accessed sensitive consumer data through a web application. By January 28, the company identified the affected files and individuals. DecisionFi has since notified impacted consumers, though the exact data compromised remains unspecified.
The firm has strengthened its security and advised affected individuals to monitor financial activity and consider fraud alerts or credit freezes. This breach underscores the growing cybersecurity risks in the financial technology sector, which has faced increasing legal and financial consequences from such incidents.
Freddie Mac Data Breach Exposes Sensitive Consumer Information
Freddie Mac has disclosed a major data breach, exposing consumer names and Social Security numbers. The breach was reported on February 19, 2025, and its full scope and origin remain unknown. The company has launched an internal investigation and is notifying affected individuals, advising them to monitor financial accounts for unauthorised transactions.
Consumers are also urged to check their credit reports and consider fraud alerts or credit freezes to prevent identity theft. This incident highlights the ongoing cybersecurity risks in the financial sector, as institutions face increasing challenges in safeguarding consumer data. In 2024, several major breaches resulted in costly settlements, emphasizing the need for stronger security measures.
As cyber threats continue to evolve, financial organizations must enhance their defenses to protect sensitive information. The breach serves as a reminder of the growing risk of cyberattacks and the importance of proactive security strategies.
Conclusion:
These incidents serve as a reminder that cybersecurity risks are constantly evolving. Organisations must take a proactive approach to safeguarding their data and systems. Implementing strong security practices, conducting frequent assessments, and staying informed about emerging threats can make a significant difference in preventing breaches.
For expert guidance on strengthening your security posture, Strobes offers tailored solutions to help businesses identify and mitigate cyber risks effectively.