North America
Another data breach strikes Texas state agencies
Another breach struck Texas state agencies, this time at the Texas General Land Office. A software misconfiguration in its online grant system exposed the personal data of more than 40,000 people. This marks the latest in a troubling string of data breaches affecting state offices, school districts, county offices and utilities.
According to the Texas Attorney General’s listing of data security incidents, the breach impacted 44,485 individuals. Exposed information includes names, addresses, Social Security numbers, identification numbers, banking details, medical information and birth dates. The issue was uncovered in late July when a user of the Texas Integrated Grant Reporting system discovered they could see other users’ information through the search function.
A spokesperson for the General Land Office confirmed the problem was fixed immediately after it was identified. However, the agency is unsure how long the misconfiguration was active or how many records may have been viewed.
SourceHow it could affect your business
This incident underscores how simple misconfigurations can expose massive amounts of sensitive data. Regular audits, monitoring and strict configuration management are essential to reduce the risk of similar exposures within your own systems.
North America
Phishing campaign mimics Google AppSheet to steal credentials
A sophisticated phishing campaign has emerged, targeting organizations that rely on Google Workspace. Attackers are sending fraudulent emails that impersonate Google’s AppSheet platform in an attempt to steal login credentials.
Discovered in August 2025, the campaign leverages fake notifications or requests that appear to come directly from AppSheet. Victims are prompted to review a project, data source or application, only to be redirected to convincing fake Google login pages. These pages are designed to mirror legitimate sign-in portals, making it extremely difficult for users to detect the deception.
State of New Jersey employees are among the many victims targeted by this campaign. The attack highlights how cybercriminals continue to exploit trusted cloud services to slip past traditional email security measures and compromise user accounts.
SourceHow it could affect your business
Social engineering attacks are increasingly targeting cloud-based SaaS platforms like Google Workspace. It is critical to understand how these attacks work and implement robust defenses to secure your SaaS applications.
North America
US HealthConnect reports cybersecurity incident impacting patient data
Earlier this month, US HealthConnect, a provider of continuing medical education and promotional education to healthcare providers, disclosed a cybersecurity incident to the Texas Attorney General. The report indicated that an unauthorized third party may have accessed sensitive personal and protected health information.
On January 25, 2025, the company identified suspicious activity within its computer network and brought in third-party cybersecurity specialists to investigate. The inquiry confirmed that an unauthorized actor had gained access to its systems and may have obtained certain data, including names and Social Security numbers.
In response, US HealthConnect enhanced its security policies and procedures, adding further administrative and technical safeguards to defend against similar threats. The organization is also offering affected individuals up to 24 months of complimentary credit monitoring and identity theft protection services.
SourceHow it could affect your business
This incident highlights the importance of proactive network monitoring. Without continuous visibility into network activity, threats can linger undetected and put your sensitive data at risk.
North America
Ransomware attack forces Uvalde School District to close schools
Alarming cyberthreats continue to emerge from the State of Texas. On September 13, the Uvalde Consolidated Independent School District canceled classes for several days following a ransomware attack.
Through a post on its Facebook page, the district confirmed that ransomware was detected on its servers, disrupting systems critical to school safety and daily operations. Impacted systems include phones, AC controls, camera monitoring, visitor management and Skyward, leaving schools without access to essential tools.
The district stated that the incident has been reported to the Federal Bureau of Investigation (FBI), its insurance cybersecurity team and other relevant agencies. A full investigation is underway to determine the source of the malware and whether sensitive information may have been compromised.
SourceHow it could affect your business
Cyberthreats are increasingly targeting educational institutions, disrupting critical systems and daily operations. A robust backup strategy with ransomware detection can help you recover swiftly and continue operations as usual.
North America
Plex suffers another data breach after the 2022 incident
The streaming giant Plex is urging its customers to reset their passwords after disclosing a new breach of one of its user databases.
In a post on September 8, Plex confirmed that attackers had stolen account information, including usernames, email addresses, scrambled passwords and unspecified authentication data. While the company stated that the passwords were unreadable to humans, it remains unclear if the stolen authentication data could be exploited to access customer accounts. This incident echoes a 2022 breach in which Plex exposed similar types of user data.
The company has advised customers to reset their passwords through Plex’s password reset form and to sign out of all connected devices as an additional precaution.
SourceHow it could affect your business
Implementing security mechanisms like multifactor authentication (MFA) can be critical in protecting your user accounts, especially when breaches expose login credentials.
Australia
NSW Health accidentally leaks data of over 600 medical staff
The New South Wales Ministry of Health (NSW Health) confirmed an accidental leak of confidential documents belonging to nearly 600 medical staff members.
The exposed data reportedly included personal details of current and former senior medical officers and other staff members. Due to an undisclosed misconfiguration on the South Eastern Sydney and Illawarra Shoalhaven local health districts’ websites, sensitive documents such as passports, driver’s licences, Medicare cards, professional credentials, registrations and work histories were accessible online.
All exposed documents have since been removed from the websites, and a full investigation is underway. NSW Health has stated that forensic analysis is being conducted to determine the extent of the incident.
SourceHow it could affect your business
Accidental exposures can be just as damaging as deliberate attacks. Organizations must control access to sensitive files and enforce strict data handling procedures and role-based access controls (RBAC).
