PrivacySignal
Breach

Marlboro-Chesterfield Pathology Agrees to Settle Lawsuit Over 2025 Ransomware Attack

HIPAA Journal · · US Federal · Data Breaches

Marlboro-Chesterfield Pathology, a molecular, cytology, and pathology lab based in Pinehurst, North Carolina, has agreed to settle a class action lawsuit stemming from a ransomware attack that occurred in 2025. The settlement resolves claims brought by patients whose data was potentially exposed in the breach.

Why this matters: Pathology labs hold some of the most sensitive medical data that exists — tissue samples, cancer diagnoses, genetic results, the kind of information people barely want to say out loud. When that data gets stolen, patients do not just face spam. They face potential exposure of conditions they may not have shared with anyone. A settlement means the lab avoids a full legal reckoning. It also means patients get something, but rarely enough to reflect what it actually costs to have your most private health details taken. The real accountability question is whether labs handling this kind of data are building security proportionate to the risk, or just hoping ransomware finds someone else first.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
BleepingComputer · · International

Lidl discloses online shop breach after service provider hack

Lidl has notified customers in Germany, Belgium, and the Netherlands that their personal data was stolen through a breach at a third-party service provider. The discount supermarket chain disclosed the incident after attackers compromised the external vendor rather than Lidl's own systems.

Who should care: Cybersecurity · Privacy officers · Administrators · General readers · Policy

#breach#privacy Read original →
Breach
BleepingComputer · · International

Breach at the Beach: Play the Ultimate Entra ID CTF

Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techniques using realistic scenarios. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

Breach
HIPAA Journal · · US Federal

California Gay & Lesbian Services Center Data Breach Affects 75,500 Individuals

The Gay & Lesbian Community Services Center of Orange County, California, has disclosed a data breach affecting approximately 75,500 individuals. The organization provides mental health services, HIV testing, education, and outreach to its community.

Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance

#breach#healthcare Read original →
Breach
DataBreaches.net · · International

Armenian National Extradited to the United States Pleads Guilty to Ransomware Extortion Conspiracy

PORTLAND, Ore.— An Armenian national extradited from Ukraine to the United States pleaded guilty yesterday for his role in Ryuk ransomware attacks and an extortion conspiracy targeting companies throughout the United States, including a technology company operating in Oregon. Karen Serobovich Vardanyan, 34, pleaded guilty to conspiracy and computer fraud. According to court documents, between... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

Ransomware negotiator who conspired with BlackCat threat actors sentenced to 70 months in prison

Jon Brodkin reports that a third co-conspirator who helped BlackCat attackers by giving them inside information on victims’ defense strategies has now been sentenced. A former ransomware negotiator was sentenced to 70 months in prison yesterday after colluding with BlackCat scammers to extort the victims he was hired to protect. As a ransomware negotiator for the company DigitalMint,... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

TikTok class action alleges data breach affected 2.4B users

A California man filed a federal class action lawsuit against TikTok on June 11, 2026, alleging a data breach exposed personal information belonging to more than 2.4 billion users globally. The complaint claims TikTok stored user data without encryption and failed to implement basic security measures.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · Policy

#breach#enforcement#privacy Read original →