
With the close of the year’s first financial quarter for most businesses and organizations, March 2025 delivered a considerable number of noteworthy cybersecurity news stories. This month saw everything from record-breaking cryptocurrency heists to major moves impacting regulations for different industries, highlighting just how complex the modern infosec landscape is becoming. Continue reading the Recap below to learn more about these stories and how they may affect your business’s security posture:
FBI Warns Gmail & Outlook Users to Watch for Ransomware
The FBI, along with other agencies, released a joint Cybersecurity Advisory warning users of Google’s Gmail, Microsoft Outlook, various VPN services and other email accounts to beware of ransomware attacks that are spreading across different industries and have already impacted a few hundred victims. This Medusa variant, which is part of a RaaS (Ransomware-as-a-Service) network of developers and affiliates, typically relies on a “double extortion” method that will often see multiple demands for payment from actors who claim to have access to the locked data and will threaten to release it if not paid in time.
The Medusa hackers are sophisticated and employ a variety of methods to target potential victims and cover their tracks until it is too late to do anything. The best countermeasures, according to the FBI and other cybersecurity agencies, are to apply an additional layer of security such as MFA (multifactor authentication), to avoid clicking on hyperlinks or opening files from unknown senders or suspicious-looking messages, and to immediately change your account password if you believe you may have clicked on a malicious link or file.
Accounting Firm Sued for HIPAA Data Violation from 2024 Breach
Legacy Professionals LLP, a certified public accounting firm based out of Illinois that primarily provides services for employee benefits plans, labor unions, nonprofits and commercial entities in industries such as manufacturing or construction, was reported to have suffered a data breach in April 2024 by the U.S. Department of Health & Human Services in March 2025. The firm had initially reported the incident to regulators in February of the same year after completing an investigation and alerting their customers; however, they are already facing up to five lawsuits at the time of this writing which allege that Legacy’s handling of the data and the incident itself put their customers at risk.
What makes this case particularly interesting is that at least some of these suits are seeking to invoke HIPAA privacy regulations and accuse Legacy Professionals LLP of violating these statutes by delaying its report of the breach. HIPAA often technically overlaps with other wide-reaching data regulations, as much of the sensitive non-medical details categorized under PHI (protected health information) also often count as PII (personally identifiable information). Yet the data that was exposed in the April 2024 breach has not been stated to have included any medical-specific details, and it seems that the law was invoked on the basis that generally sensitive information, such as Social Security numbers, was included and would still be covered.
Biggest Crypto Hack Ever Steals $1.5 Billion from Bybit
The cryptocurrency exchange Bybit, the second biggest of its kind currently, was the target of a major hack that is alleged to have stolen the largest amount ever in the history of the industry at $1.5 billion in digital tokens. Purportedly carried out by the Lazarus Group on behalf of North Korea, the money stolen is claimed to still be traceable online by multiple sources that include Bybit’s CEO, though the amount already being laundered has reportedly made the Hermit Kingdom the third largest holder of bitcoin in the world. The hackers allegedly pulled off the heist by first breaching one of Bybit’s suppliers and altering a digital wallet address to redirect Ethereum coins that were meant to be sent to the exchange into their own pockets.
The story is still rapidly evolving at the time of this writing, with Bybit’s CEO, Ben Zhou, giving assurances that the public traceability of the money through blockchain and an active bounty program for leads on Lazarus attempting to convert the bitcoin into fiat currency will allow his team to recover the funds. Many observers are less enthusiastic, however, and are already raising questions about the future of cryptocurrency as a result of this heist.
Top Cybersecurity Agency Impacted by Firings & Budget Cuts
The Cybersecurity and Infrastructure Security Agency, also known as CISA, has found itself caught up in the ostensible cost-cutting efforts of Elon Musk and his DOGE team. Over 4% of CISA’s workforce at the time were let go in February 2025, many of them highly experienced security professionals who made up a significant portion of the agency’s mission-critical probationary staff, as well as contractors filling vital roles. CISA reportedly even had to hire back some of those terminated under a court order after a judge determined DOGE’s firings were unlawful.
The chaos has only contributed to a growing consensus among observers that Musk and DOGE staffers may not have the most informed grasp of cybersecurity at the federal level, which is creating concerns that irreversible and costly damage may be done to the controls the government has in place against foreign bad actors. These include protections for state and municipal agencies, as well as controls that help defend against potential cyber attacks by state-sponsored hackers, who frequently seek out connected vulnerabilities between associated networks and systems.
Google Buys Cloud Security Startup for $32 Billion in Biggest Acquisition Yet
Alphabet, the owner of Google LLC, has agreed to purchase an Israeli cloud security startup called Wiz for $32 billion in 2025, after a previous offer of $23 billion in 2024 was rejected. The increased price makes this Google’s largest acquisition to date, and the deal itself indicates that Alphabet is seeking to reinforce its Google Cloud expansion with enhanced cybersecurity for its data centers and services. This move also comes amidst its growing development and implementation of AI tools, including in its Cloud offerings, adding new connections and configurations that need to be protected against intrusion and attack.
The deal may still come under regulatory scrutiny, however, as Wiz also provides cloud security solutions to many other companies and has partnerships with other cloud-based services that are Google’s top enterprise competitors, such as Microsoft and Amazon. The acquisition has yet to be federally approved at the time of this writing, and some watchdog groups have already called on the current administration to block it.
Navigate Evolving Cybersecurity Challenges
The events of March 2025 underscore the growing complexity of modern cybersecurity, from sophisticated hacking campaigns to the fallout from potential changes in regulatory reporting and government oversight. The experts at SWK Technologies will help your business navigate these evolving challenges and refine your security posture to ensure you are protected from both cyber threats and compliance challenges.
Contact SWK here to learn more about our award-winning managed IT and security services, and how our team will help position your business for success in the modern cybersecurity landscape.