Data Breach Report: January 2025 Edition

January 2025 has already proven to be a stark reminder of the ever-present threat of data breaches, with a disturbing wave of incidents impacting millions of individuals and organizations across various sectors. From healthcare providers and law firms to global corporations and government agencies, the past month has exposed vulnerabilities and highlighted the critical need for robust cybersecurity measures.

This month’s data breach report delves into the most significant incidents of January 2025, examining the scale of each breach, the types of data exposed, and the potential implications for those affected.

In January 2025, Gravy Analytics suffered a significant data breach that exposed the personal information of millions of people worldwide. The breach occurred when a hacker exploited a compromised credential to access Gravy’s cloud storage on Amazon’s servers.

Scale of the Breach: While the full extent is still under investigation, reports suggest the breach could involve the location data of millions of individuals. Gravy Analytics is known to track over a billion devices globally, collecting over 17 billion signals from smartphones daily.

Type of Data Exposed: The exposed data includes precise location data points, revealing exactly where people have been, lived, worked, and traveled.

Cause of the Breach: The breach was reportedly caused by a “misappropriated key” that allowed unauthorized access to Gravy Analytics’ AWS cloud storage environment.

Globe Life Inc., the parent company of American Income Life Insurance Company, disclosed a significant data breach in January 2025.This breach, initially reported in mid-2024, affected approximately 850,000 individuals, a substantial increase from the initial estimate of 5,000.

Scale of the Breach: The breach affected around 850,000 individuals, significantly more than the initially estimated 5,000.

Type of Data Exposed: The exposed data included names, Social Security numbers, contact details, dates of birth, health information, and insurance details.

Cause of the Breach: The breach, discovered on June 13, 2024, involved unauthorized access to databases maintained by a few independent agency owners.

SEC filing: https://www.sec.gov/ix?doc=/Archives/edgar/data/320335/000032033525000004/gl-20241017.htm

Conduent, a major business process outsourcing and IT services provider experienced a significant cybersecurity incident in January 2025. This incident caused disruptions to services across multiple states, particularly affecting government agencies and their ability to process payments and provide essential services.

Scale of the Breach: It’s unclear how many individuals were directly affected, but the incident disrupted services in at least four states, suggesting a potentially large-scale impact. Conduent handles data for numerous government agencies, so the potential reach is significant.

Type of Data Exposed: Conduent provides services related to child support, food assistance, and other social programs. This means they likely handle sensitive personal information, including: Names, Social Security numbers, Addresses, Dates of birth, Financial information, Possibly health information in some cases.

Cause of the Breach: Conduent only stated that the disruptions were caused by a “cybersecurity incident.” They haven’t provided details about the specific attack vector.

The International Civil Aviation Organization (ICAO), responsible for setting global aviation standards, suffered a data breach in January 2025, impacting nearly 12,000 individuals. This breach raises serious concerns, as the compromised data included records from key aviation regulatory bodies. Experts suggest the motive may extend beyond financial gain to espionage, targeting individuals with critical knowledge of aviation safety protocols and systems.

Scale of the Breach: Initially, a hacker claimed to have accessed 42,000 sensitive documents. After investigation, ICAO confirmed that nearly 12,000 individuals were affected.

Type of Data Exposed: The compromised data included personally identifiable information (PII) of job applicants from 2016 to 2024. This PII included names, email addresses, dates of birth, and employment history.

Cause of the Breach: The attack was reportedly executed through an SQL Injection vulnerability in a web application.

Official Statement: https://www.icao.int/Newsroom/Pages/ICAO-statement-on-reported-security-incident.aspx

Community Health Center, Inc. (CHC), a non-profit healthcare provider in Connecticut, suffered a significant data breach in January 2025, impacting over one million individuals. CHC detected unauthorized network activity and confirmed data exfiltration. This breach puts individuals at risk of identity theft, financial fraud, and potential misuse of their medical information.

Scale of the Breach: The breach affected approximately 1,060,936 individuals, including current and former patients and those who received COVID tests or vaccines at CHC clinics.

Type of Data Exposed: The compromised data included a wide range of sensitive personal, financial, and health information.

Cause of the Breach: CHC detected unusual activity on its computer network on January 2, 2025, indicating a potential data breach. An investigation revealed that an unauthorized third party had gained access to their systems and potentially copied files containing sensitive information.

Data Breach Notification: https://www.maine.gov/cgi-bin/agviewerad/ret?loc=1849

HCF Management, which operates 31 long-term care facilities in Ohio and Pennsylvania, suffered a significant data breach in 2024 that came to light in January 2025 as they have started sending letters to thousands of patients informing them of a data breach that gained access to their names, dates of birth, Social Security numbers, and other sensitive information.

Scale of the Breach: Approximately 70,000 residents of HCF Management-operated facilities were affected. The breach impacted residents across multiple facilities, including HCF Corry Manor, HCF Warren Manor, HCF Shawnee Manor, and HCF Edinboro Manor.

Type of Data Exposed: The compromised data included a variety of sensitive personal and medical information.

Cause of the Breach: The breach was the result of a cyberattack where hackers gained access to HCF Management’s network. The intrusion was detected on October 3, 2024, but the investigation revealed that the network had been infiltrated as early as September 17, 2024.

The law firm Wolf Haldenstein experienced a substantial data breach in January 2025, impacting approximately 3.4 million individuals. The breach, discovered in December 2023 but disclosed later, exposed highly sensitive personal and protected health information.

Scale of the Breach: The breach affected approximately 3.4 million individuals, making it one of the largest data breaches to occur at a law firm.

Type of Data Exposed: The compromised data included sensitive personal and protected health information (PHI),

Cause of the Breach: The law firm detected suspicious activity in its network environment on December 13, 2023. An investigation revealed that an unauthorized actor had gained access to certain files and data stored within the network.