Cyber Security Headlines - Episode Summary Hosted by CISO Series | Release Date: March 20, 2025
1. PA Teachers Union Breach
Overview: On March 20, 2025, the CISO Series reported a significant data breach involving the Pennsylvania Teachers Union. This breach affected over 500,000 individuals, compromising sensitive financial and health information.
Key Details:
- Incident Date: July 6, 2024
- Data Exposed: Financial records and health information of union members
- Responsible Group: The Rhysida ransomware gang claimed responsibility in September 2024
- Response: The Pennsylvania State Education Association notified the Office of the Maine Attorney General and took steps to delete the stolen data to mitigate further risks.
Notable Quote:
"The attack exposed sensitive financial and health information, prompting immediate actions to delete the stolen data," said Sean Kelly at [00:06].
2. Infosys Settles $17.5 Million Lawsuit After Third-Party Breach
Overview: Infosys Limited reached a settlement of $17.5 million in response to six class-action lawsuits filed against its subsidiary, Infosys McCamish Systems (IMS). The lawsuits stemmed from a data breach that occurred in late October 2024.
Key Details:
- Affected Customers: 6.5 million, including clients from Fidelity Investments, Bank of America, and American Express
- Compromised Data: Names, Social Security numbers, bank routing numbers, and dates of birth
- Settlement Status: Pending confirmation by plaintiffs and final court approval
Notable Quote:
"Attackers were able to gain personal data of 6.5 million downstream customers," explained Sean Kelly at [02:15].
3. California Sperm Bank Discloses Data Breach
Overview: California Cryobank (CCB) disclosed a data breach involving unauthorized access that occurred between April 20th and 22nd of the previous year. The breach potentially exposed sensitive customer information.
Key Details:
- Data Accessed: Names, Social Security numbers, driver's license numbers, financial account numbers, and health insurance information
- Response Measures: CCB isolated affected systems promptly and offered 12 months of identity protection and fraud assistance to victims
- Affected Individuals: Exact number undisclosed
Notable Quote:
"We promptly isolated the affected systems to prevent further unauthorized access," stated Sean Kelly at [04:40].
4. IBM Warns of Critical Vulnerabilities in AIX
Overview: IBM issued warnings regarding two critical vulnerabilities in its Advanced Interactive Executive (AIX) operating system, urging immediate patching to prevent exploitation.
Key Details:
- Vulnerability Severity: One flaw has a maximum severity score of 10
- Impact: Allows remote attackers to execute arbitrary commands
- Affected Versions: AIX 7.2 and 7.3
- User Base: Approximately 9,000 organizations, particularly in high-value industries
Notable Quote:
"Both flaws are caused by improper process controls and allow remote attackers to execute arbitrary commands," highlighted Sean Kelly at [06:10].
5. PHP Flaw Continues to Make Cyber News by Being Exploited
Overview: A persistent security flaw in PHP is being actively exploited to distribute cryptocurrency miners and remote access trojans, posing significant threats to Windows-based systems running in CGI mode.
Key Details:
- Nature of Vulnerability: Argument injection
- Exploitation Regions: Taiwan, Hong Kong, Brazil, Japan, and India
- Recommendations: Update PHP installations to the latest versions to mitigate risks
Notable Quote:
"Exploitation attempts against the vulnerability have surged, particularly in regions like Taiwan and Brazil," mentioned Sean Kelly at [05:25].
6. Arcane Infostealer Infects Users via Game Cheats
Overview: Kaspersky researchers identified Arcane, an information-stealing malware targeting VPN credentials, gaming clients, messaging apps, and browser-stored data. The campaign primarily affects users in Russia, Belarus, and Kazakhstan.
Key Details:
- Distribution Method: Fake software downloader named Arcana Loader, promoted on YouTube and Discord
- Timeline: Campaign initiated in November 2024
- Unique Aspect: Targets users in regions typically avoided by Russian-based threat actors
Notable Quote:
"Arcana Loader has been heavily promoted by content creators, making it a widely distributed threat," explained Sean Kelly at [06:50].
7. Scareware Combined with Phishing Targets macOS Users
Overview: LayerX, an Israeli cybersecurity firm, reported a shift in scareware phishing campaigns from Windows to macOS, following enhanced anti-scareware measures in mainstream browsers.
Key Details:
- Original Target: Windows users
- Current Target: macOS users, specifically using Safari
- Attack Mechanism: Fake Microsoft security alerts and tailored phishing pages
- Impact: Instructs users to provide Windows or macOS credentials to malicious phishing sites
Notable Quote:
"Recent improvements have forced threat actors to adapt their focus towards macOS users," noted Sean Kelly at [07:30].
8. Browser Phishing Attacks Increase by 140%
Overview: A Menlo Security report highlighted a dramatic 140% increase in browser-based phishing attacks in 2024, reaching a total of 752,000 incidents. The surge is attributed to AI-driven phishing techniques and exploitation of enterprise browsers.
Key Details:
- Evasive Techniques: Fileless malware and memory-only payloads
- Defense Recommendations: Implement secure cloud browsing solutions and AI-enhanced threat detection tools to counter sophisticated phishing campaigns
Notable Quote:
"Artificial intelligence-driven phishing techniques have significantly contributed to the rise in browser-based attacks," stated Sean Kelly at [08:00].
Conclusion
In this episode of Cyber Security Headlines, Sean Kelly provided an in-depth analysis of several high-profile data breaches, emerging vulnerabilities, and evolving cyber threats. From significant breaches affecting educational and financial institutions to the rise of sophisticated phishing attacks targeting both Windows and macOS users, the episode underscores the ever-changing landscape of cybersecurity challenges. Kelly emphasized the importance of timely updates, robust security measures, and advanced threat detection to safeguard sensitive information in an increasingly digital world.
For more detailed stories and daily updates in the world of information security, visit CISOseries.com.
