PowerSchool, a widely used cloud-based and on-premises platform, experienced a data breach reported on December 28, 2024. The platform helps K-12 schools manage student and teacher information, including Personally Identifiable Information (PII), attendance records, grades, medical information, and Social Security numbers. The breach affected both cloud and on-premises customers after a compromise of maintenance account credentials allowed the threat actor to exfiltrate sensitive data.

In 2024, the public sector faced a number of data breaches, highlighting the vulnerability of government agencies and public institutions in the face of evolving cyber threats. From leaked sensitive data to ransomware attacks targeting critical infrastructure, these incidents exposed significant gaps in cybersecurity measures. As cybercriminals grow more sophisticated, the stakes for protecting personal and national data have never been higher.

Third-party incidents, critical infrastructure threats and regulatory fines for cyber attacks have all risen in 2024. Here’s how to avoid them in 2025. With over one billion records exposed and over $1 billion in regulatory fines issued, 2024 was a record-breaking year for data breaches - in more ways than one.

While cyber criminals continue to devise ever more creative ways to get into systems, the outcomes of repeat like a broken record: stolen data and lost money. It happened in again and again this year, but our pick proves the stakes are only getting higher with time. We'll explain the logic behind the list, impacts felt, and key takeaways.

The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents.

Founded in 2018, MC2 Data is based in Florida and specializes in background check services. MC2 aggregates data from several records to provide background check services to landlords, employers, and other organizations. The company is said to operate other services, including PeopleSearch USA, PrivateReports, PrivateRecords.net, PeopleSearcher, and ThePeopleSearchers.

Data is everywhere in the digital realm, on cell phones, tablets, PCs, and Macs. Even smart TVs, game controllers, and home appliances have data now. With too much data being generated, should we protect all of this content or specific items relevant to protecting their personal security? Everyone using smart devices must understand how data is generated and how long we should keep the data. How can you determine if someone has compromised your data?

It’s 10:47 PM, and I’m halfway through binge-watching the latest must-see series when my phone buzzes. A notification from SecurityScorecard has my attention instantly: one of our critical vendors has just reported a breach. I hit pause, grab my laptop, and dive straight in. As much as I’d love to ignore it for a few hours, cyber risks don’t come with snooze buttons. Before panic sets in, I’m logging into the SecurityScorecard platform.

Data leaks sites (DLSs) commonly debut with a small number of claimed victims. When Cyjax discovered them, newly found DLSs for extortion groups FunkSec and Kairos claimed 11 and six victims, respectively. In contrast, a newly identified possible extortion group which aptly calls itself ’LeakedData’ has emerged onto the scene with an alleged total of 41 victims.

Delta Dental is a dental insurance provider serving over 90 million Americans. It offers coverage in all 50 states, Puerto Rico, and Washington, D.C. The company was established in 1966 in California as part of the Delta Dental Plans Association. It currently has a network of 39 independent Delta Dental companies with almost 3,000 employees.