Bunker Hill Community College (BHCC) serves a population of about 13,000 across two campuses and dispersed locations. BHCC offers over 100 degrees, including arts, sciences, business, health, law, and STEM opportunities. In May 2023, BHCC experienced a ransomware event—officials responded by taking their systems offline—but the threat was successful nonetheless. The assailants stole an estimated 195,588 records in their attack.

This week caps off our year of cyber breaches; in this week alone, we saw millions of records stolen, targeted health providers, mortgage servicers crumble, and the return of a year-old breach. ESO Solutions made the news first, reporting 2.7 million patient records stolen from their emergency response software. HealthEC was featured in our reporting soon after, announcing a 112k record data breach from their health analytics platform.

National Amusements (NA) is in Norwood, Massachusetts. They are the majority shareholder for media sources, including CBS, Viacom, and Paramount. They operate thousands of movie theaters nationwide, including Showcase SuperLux, Cinema de Lux, Showcase Cinemas, and Multiplex Cinemas. NA’s widespread ties to the entertainment and news cycles may have made it a target. In December 2022, NA suffered a network breach; its report is one of the last to appear in the final days of 2023.

LoanCare is a sub-servicing entity that assists mortgage loan providers with finance and data functions; they service over 1.5 million customers across the states and beyond. Their operations include mortgage plans via banks, credit unions, and private firms. Fidelity National Financial (FNF) is LoanCare’s parent company, which recently became embattled following a cyberattack. As a result, LoanCare borrowers may have information at risk.

Welltok provides a multi-use platform allowing institutions and individuals to manage their health and well-being. It is a third-party solution that caters to clinics, health networks, industry leaders, and private clinics. They also offer personalized resources and solutions meant to improve the health and lives of applicable patients.

HealthEC (HEC) is an analytics and AI-assisted solution that siphons all relative information about patients into cohesive packages. Their tech can identify high-risk patients and their barriers to optimal care while providing options to close these care gaps. The data comes from healthcare systems and integrates with claims data to represent the patient best.

ESO Solutions is a primary software developer and analytics platform for emergency and associated services; its programs connect emergency response agencies, fire departments, hospitals, and state response offices. ESO collects and disperses data between the services, giving responders the most complete information.

This week was devastating for data breaches. Across the US, cybercriminals stole the information of 58.4 million consumers, patients, and students. Our reports began in West Virginia, where the MOVEit breach cannibalized another 495k records from 17 hospitals. Soon after, Mr. Cooper’s breach appeared with more information about their October event—14.7 million homeowners had their data stolen.

Xfinity is the name of Comcast Communications’ internet, TV, and phone service; it is the most significant cabled internet service in the states, with more than 32 million residential customers. Available in 39 contiguous states and the capital, the service provides communication solutions for individuals, companies, institutions, and clinical networks. Xfinity’s vast influence has made them a target for cybercriminals.