Fintech firm Marquis notifies affected business after ransomware breach

Texas based fintech firm Marquis is notifying U.S. banks and credit unions after a ransomware attack in August allowed an intruder to exploit a SonicWall firewall vulnerability and access internal files. Regulatory filings say the exposed data may include names, contact details, dates of birth, Social Security and taxpayer IDs, and limited financial account information belonging to customers of Marquis’ clients. The company is now sending notices on behalf of current and former customers while stating it has no evidence of misuse so far.

Pro Medicus Confirms Isolated Cybersecurity Incident

Medical imaging software company Pro Medicus confirmed that an attacker gained unauthorized access to a single employee email inbox in July 2025. An investigation with outside experts concluded the incident did not affect client systems, patient data, or core product databases, but personal information for about 100 current and former employees may have been exposed. The firm says the breach was contained, operations were not disrupted, and affected individuals have been notified and offered support.

Data Breach at Atenção Primária à Saúde Brazil: What You Need to Know

A U.S. law firm announced it is investigating a data breach involving Atenção Primária à Saúde Brazil, saying unauthorized parties accessed sensitive databases on December 4, 2025. Details on the intrusion are still emerging, but the firm indicates that personal information for patients may have been compromised and is preparing potential class action litigation. Individuals who received breach notices are being urged to review their options and take steps to monitor for misuse of their data.

Telecom Industry Fears High Costs Due To Cybersecurity Regulation

Industry group GSMA warns that poorly designed cybersecurity regulations are driving up costs for mobile operators without necessarily improving security outcomes. The group estimates operators currently spend 15–19 billion dollars annually on cybersecurity and could be forced to spend as much as 40–42 billion dollars by 2030 under increasingly complex and inconsistent rules. The report urges regulators to focus on harmonized, risk based requirements so that spending goes toward real threat mitigation instead of compliance overhead.

Why OpenAI’s data breach matters for maritime

This article examines OpenAI’s recently disclosed data breach, which stemmed from a compromise at third party analytics provider Mixpanel that exposed some ChatGPT API users’ personal data such as names, emails, approximate location, and device details. It explains that although no chats, passwords, API keys, or payment details were accessed, the incident still creates phishing and social engineering risks and highlights how AI services rely on complex third party ecosystems. The piece connects these lessons to maritime companies increasingly adopting AI tools and needing to understand the full chain of data processors involved.

Sophos Report: Manufacturing Industry Blocks More Ransomware Attempts, While Adversaries Shift to Data Theft

A new Sophos report on ransomware in manufacturing and production finds that only 40 percent of attacks in the sector resulted in encryption this year, the lowest level in five years, as more organizations manage to stop attacks midstream. At the same time, extortion only incidents where attackers steal data but do not encrypt systems rose sharply, and many victims whose data was encrypted also experienced theft. The findings suggest attackers are shifting tactics toward data theft and pressure campaigns even as technical defenses improve against encryption itself.