We are barely a couple of months in 2025, but this year he has already seen several data violations that affect the personal information of millions of people, including everything, from student records to telephone data and confidential health information.
Last year, 2024, Sierra More than one billion stolen records. If the first two months of this year are something to go through, 2025 seems to be an unprecedented year for data violations.
Powerschool’s rape probably affects dozens of millions of students and teachers
The Violation of the ED-TEC Powerschool giant is one of the greatest infractions of students’ data in recent history. While we still don’t know exactly how many records were stolen (Powerschool has repeatedly refused to reveal this figure), The reports claim that the violation affected more than 62 million students and 9.5 million teachers in the United States.
Powerschool, which provides K-12 software to more than 18,000 schools in North America, First revealed data violation In January. At that time, Powerschool said that unidentified computer pirates used a single credential committed to access their customer service portal, giving access to data wealth in their school information system, Powerschool SIS, which schools use to administer students’ records.
Computer pirates accessed confidential personal information, including students’ qualifications, medical information and social security numbers. Multiple schools affected by rape have told TechCrunch that other highly confidential information, including Highly sensitive student dataIncluding information on restriction orders, it was accessed.
Powerschool has not confirmed or denied the figure of 62 million reported, but various files They have confirmed that millions of people were affected by rape. A presentation before the Texas Attorney General revealed that almost 800,000 state residents stole his data, while the Rochester City school district confirmed that 134,000 students are affected.
Powerschool recently confirmed Techcrunch that Around 16,000 people in the United Kingdom also stole data. In the gap.
Musk’s Dogs Access represents a great commitment to the Federal Government of the United States.
The first weeks of the Trump administration saw a different type of violation, and one that will probably become history as the The biggest commitment of the United States government data.
People who work for Elon Musk, who are behind the so -called Efficiency Department of the Trump administration government, or Doge, took control of the main departments and federal data sets to access huge federal confidential data thorios. Dux – composed of Mostly employees of the private sector of Musk’s own businesses – He seized broad access to critical payment systems of the US government. UU. Contains the personal information of millions of Americans and responsible for paying billions of dollars each year.
Since then, a coalition of more than a dozen US states. filed a lawsuit To block the Musk cost cutters equipment to access government systems that contain the personal data of Americans. More than 100 current and previous federal officials have also sued the Duxt agency. to access the records of the sensitive personnel of the Americans without adequate authorization.
Community Health Center, a non -profit health provider based in Connecticut, said in January Hacker had accessed the confidential data of more than one million patients..
ChC, which provides services, including health abuse and substances based on school, said the nameless hacker committed its network on January 2 to steal the personal data of patients and delicate health information. These data include patient addresses, telephone numbers, diagnoses, treatment details, test results, social security numbers and health insurance information.
Stalkerware Apps Cocospy, Spyic and Spyzie exhibit telephone data from millions of people
A trio of stalkerware applications presented the personal data of millions of people who, without knowing it, have them planted on their devices, A security researcher revealed Techcrunch In February.
The three applications – Cocospy, spiritand Spy – All share the same security vulnerability that allows anyone to access personal data, including messages, photos and call records, from devices that have installed applications, usually without the knowledge of device owners.
The easy to exploit error also exposes the email addresses of the people who were recorded in Stalkerware applications. That allowed a security researcher to scrape the email addresses of around 3.2 million email addresses from Cocospy, Spyic and Spyzie, which was provided to the infringement notification site have presented me.
The DISA American employee detection service confirms that rape affects more than 3 million people
DISA, a Texas -based employee detection service provider, including drugs and alcohol tests and background verifications, confirmed in February a massive data violation that occurred almost a year earlier in April 2024.
In a presentation before Maine’s attorney general, Disa said the rape affected more than 3.3 million people who had undergone employee detection tests. While the company said that its internal research “could not definitively conclude” what specific data were stolen, a separate presentation in the state of Massachusetts confirms that social security numbers, financial information and identity documents issued by the Government are among the stolen data.
Disa blamed the violation of an unidentified hacker, which had access to a part of the company’s network for more than two months before they were noticed.