This week caps off our year of cyber breaches; in this week alone, we saw millions of records stolen, targeted health providers, mortgage servicers crumble, and the return of a year-old breach. ESO Solutions made the news first, reporting 2.7 million patient records stolen from their emergency response software. HealthEC was featured in our reporting soon after, announcing a 112k record data breach from their health analytics platform.

National Amusements (NA) is in Norwood, Massachusetts. They are the majority shareholder for media sources, including CBS, Viacom, and Paramount. They operate thousands of movie theaters nationwide, including Showcase SuperLux, Cinema de Lux, Showcase Cinemas, and Multiplex Cinemas. NA’s widespread ties to the entertainment and news cycles may have made it a target. In December 2022, NA suffered a network breach; its report is one of the last to appear in the final days of 2023.

LoanCare is a sub-servicing entity that assists mortgage loan providers with finance and data functions; they service over 1.5 million customers across the states and beyond. Their operations include mortgage plans via banks, credit unions, and private firms. Fidelity National Financial (FNF) is LoanCare’s parent company, which recently became embattled following a cyberattack. As a result, LoanCare borrowers may have information at risk.

Welltok provides a multi-use platform allowing institutions and individuals to manage their health and well-being. It is a third-party solution that caters to clinics, health networks, industry leaders, and private clinics. They also offer personalized resources and solutions meant to improve the health and lives of applicable patients.

HealthEC (HEC) is an analytics and AI-assisted solution that siphons all relative information about patients into cohesive packages. Their tech can identify high-risk patients and their barriers to optimal care while providing options to close these care gaps. The data comes from healthcare systems and integrates with claims data to represent the patient best.

ESO Solutions is a primary software developer and analytics platform for emergency and associated services; its programs connect emergency response agencies, fire departments, hospitals, and state response offices. ESO collects and disperses data between the services, giving responders the most complete information.

This week was devastating for data breaches. Across the US, cybercriminals stole the information of 58.4 million consumers, patients, and students. Our reports began in West Virginia, where the MOVEit breach cannibalized another 495k records from 17 hospitals. Soon after, Mr. Cooper’s breach appeared with more information about their October event—14.7 million homeowners had their data stolen.

Xfinity is the name of Comcast Communications’ internet, TV, and phone service; it is the most significant cabled internet service in the states, with more than 32 million residential customers. Available in 39 contiguous states and the capital, the service provides communication solutions for individuals, companies, institutions, and clinical networks. Xfinity’s vast influence has made them a target for cybercriminals.

We reported on Mr. Cooper—one of the nation’s largest mortgage providers—a month ago. Mr. Cooper was featured as they dealt with the throws of a cybersecurity event. The attack disrupted their networks and caused homeowners to avoid payment dues temporarily. Back then, the consequences of the attack were unclear. Subsequently, the public was left to speculate about the event’s impact. Preliminary investigations have concluded, and the impact figure is massive.

The National Student Clearinghouse (NSC) is a provider of comprehensive skill sets; they work to better prepare students for success through grade school and during the transition into the workforce. Dubbed “the K-20 to Workforce Continuum,” NSC’s services have assisted thousands of individuals in achieving academic and career distinctions. These same individuals may now be at risk for information misuse, however. The NSC is another victim of the global MOVEit data breach event.