Major Data Breaches & Hacking News in February 2025

Description: NorthBay Healthcare Corporation, a nonprofit health care system that operates two hospitals — NorthBay Medical Center & NorthBay VacaValley Hospital — and multiple primary care locations in California.

Breach Size: 569,012 people

Data Exposed: NorthBay Healthcare recently announced a massive breach, revealing that 569,012 individuals had their personal and medical information exposed in a cyberattack that went unnoticed for months. The stolen data includes names, birth dates, Social Security numbers, passport and driver’s license information, medical and health insurance data, financial account details, and credit/debit card information including PINs and security codes.

Organization Description: Hospital Sisters Health System, or HSHS, is a nonprofit health care system that operates hospitals and health care facilities in Illinois and Wisconsin

Breach Size: 882,782 people

Data Exposed: A massive data breach exposed the personal and health information of 882,782 individuals. The cyberattack disrupted computer systems, phone lines, and patient portals for days, preventing online payments and access to medical records. Stolen data included names, Social Security numbers, medical record numbers, and insurance details. While no confirmed fraud cases have been reported, patients received scam calls and emails posing as HSHS representatives.

Organization Description: Globe Life is one of the largest providers of life and health insurance plans in the United States.

Breach Size: 850,000 people

Data Exposed: Globe Life has concluded its investigation into a data breach that occurred in June 2024, revealing that the incident may have impacted an additional 850,000 customers — a significant increase from the initial estimate of about 5,000 individuals. The recent findings confirmed that the June 2024 cyberattack may have exposed highly sensitive information, including Social Security numbers, health data, and insurance details.

Organization Description: Scholastic Corporation is a multinational publishing, education, and media company.

Breach Size: 8 million people

Data Exposed: The personal data of 8 million people including parents, teachers, and students has been exposed during a recent data breach. The stolen information includes names, emails, phone numbers, and addresses, as well as over 1 million education contacts tied to schools. While the hacker claims the breach was “for fun” and assures that the data won't be published, its authenticity has been confirmed.

Organization Description: Wolf Haldenstein Adler Freeman & Herz LLP is an American law firm founded in 1888 that operates multiple offices across the United States.

Breach Size: 3,445,537 people

Data Exposed: A significant data breach at Wolf Haldenstein Adler Freeman & Herz LLP, has compromised the personal information of over 3.4 million individuals. Hackers gained access to sensitive data, including Social Security numbers, medical records, and more. The firm has not explicitly stated whether the exposed data belonged to clients, employees, or other individuals who had their information stored on its servers.