A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of employees. There’s so much focus on external cybercriminal activity, we often forget about the actions of internal employees that often facilitate a data breach.

Academy Mortgage Corporation (AMC) is a nationwide mortgage lender and home loan estate professional group. The organization has over 200 branches throughout the US and numerous loan, mortgage, and financing options. In March 2023, AMC officials discovered a breach within their system network; the threat actor accessed and deactivated some of their securities, putting employees and borrowers at risk for compromised data.

The Harris Center for Mental Health and Intellectual and Developmental Disabilities (IDD) has six regional locations and assists those with behavioral health and developmental needs. Every year, they serve thousands within Harris County and deliver over a million services nationwide. In November, Harris experienced a network disruption; an unauthorized actor accessed and compromised the data of 238,463 individuals within Harris’ network.

Singing River Health System (SRHS) is a healthcare network located in the tail of Mississippi (and northern Alabama). They provide a comprehensive network of medical services for residents, including cancer, emergency, hospice, pediatrics, and urgent care. SRHS’ emergency departments at Gulfport Hospital, Ocean Springs Hospital, and Pascagoula Hospital serve over 100,000 patients yearly.

This week’s featured cyber incidents included a combined 2.3 million, although one event remains under investigation. The week began with an update from the Edmonds School District regarding their January 2023 breach, which exposed 145,844 individuals. Three other breaches also updated information; NASCO led the group with an update on their 1.6 million breach stemming from MOVEit.

NASCO provides various healthcare solutions to serve Blue Cross and Blue Shield members. They offer a comprehensive portfolio of services and use industry insights to project the needs of their 20 million clients. Thanks to third-party vendors specializing in unique services, NASCO can serve millions of individuals. Progress Software’s MOVEit tool was one of these specialized vendors. The tool allows for streamlined file management and was used globally as a multi-industry option.

Cooper Aerobics is a health and lifestyle entity concerned with providing comprehensive wellness solutions. As a business organization, their brand includes The Cooper Institute, a Clinic, a Fitness Center, a Spa, a Vitamin line, Wellness Strategies, and a Hotel.

Electrostim Medical Services Inc. (EMSI) is a healthcare servicer in Tampa, Florida. They create and disperse home electrical stimulation devices, brace accessories, pain management solutions, and physical rehabilitation tools. They offer a range of products, from wearable, flexible garments to electrotherapy devices for pain relief. EMSI serves over 70,000 patients and employs another 400 from the Tampa Bay area.