Plus: An AI database exposed, a spyware attack, and (another) major outage.
Retro by Rewind

It’s time for another edition of Retro! This is my monthly recap of the industry's top data and security news, stories, and conversations, all sent directly to your inbox.

 

Here’s what’s keeping CISOs and CTOs up at night—and why you should care. Let’s get into it.

This month’s Retro at a glance: 

  • The rise of healthcare data breaches
  • DeepSeek AI database exposed
  • Today’s top cybersecurity challenges

Double Click

Breaking down the industry’s major story

 

Healthcare provider data breach impacts 1 million Americans 

 

Community Health Center (CHC), a Connecticut-based healthcare provider, recently confirmed a data breach affecting over 1 million patients. While the cyberattack was initially detected on January 2nd, 2025, the official filing revealed that it likely occurred on October 14th, 2024.

 

CHC said that a “skilled criminal hacker” accessed sensitive patient data, including names, birthdates, addresses, medical records, Social Security numbers, and health insurance details. Despite this, the healthcare provider reassured patients that no data was deleted, no files were locked, and its daily operations were not disrupted. The hacker’s access was reportedly blocked within hours of discovery.

 

In response, CHC has enhanced security measures, added monitoring software, and hired experts to investigate. To protect affected individuals, CHC is offering free identity theft protection through IDX and a $1,000,000 insurance reimbursement policy. While no misuse of the stolen data has been reported, patients are encouraged to enroll in protection services for added security.

 

What's the lesson here?

 

Cyberattacks on healthcare providers have been rising across the U.S. 84% of healthcare organizations reported incidents in the past year, according to a report by Netwrix. Medical data is sensitive and these breaches obviously raise concerns for patients and stakeholders—so much so that the HHS has proposed HIPAA updates to combat the surge.

 

Keeping health data safe has never been more important. One of the ways you can protect your organization is by teaming up with a trusted, reliable partner for HIPAA-compliant data backup and recovery—they can help you meet compliance obligations without compromising on security or ease of access to backed-up data.

 

 

What other topics are trending? 

  • Meta confirms zero-click WhatsApp spyware attack targeting 90 journalists, activists: The campaign involved the use of spyware from Paragon Solutions. The attackers were neutralized in December 2024 and WhatsApp said it has reached out to affected users. It’s currently not known who was behind the campaign and for how long it took place.
  • DeepSeek AI database exposed, with over 1 million log lines, secret keys leaked: The Chinese startup left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.
  • Atlassian's Bitbucket Cloud goes down 'hard': The outage, which affected the website and Git hosting, lasted around five hours.

The Soapbox

Online conversations you don't want to miss

 

99 problems: What are some of the biggest issues we face today in cybersecurity?

Screenshot 2025-02-03 at 4.53.10 PM

My take? The comments in this thread cover a lot of ground—and they’re all things I’m always thinking about and discussing with my team. Last year saw a rise in threats and vulnerabilities like ransomware and human error, so it’s imperative that organizations are being proactive about data protection in order to mitigate risk and build data resilience.


Join the conversation on Reddit.

 

Do as I say, not as I do: AI company Anthropic asks job applicants not to use AI in job applications

Screenshot 2025-02-03 at 5.35.27 PM

My take? Oh, the irony. An AI company rejecting use of the very technology that it promotes? Either they’re training their AI using “pure” application data, or they’re genuinely threatened by the way the technology is evolving. 


Join the conversation on Reddit.

Upcoming industry events

Atlassian Team '25

April 8-10, 2025 | Anaheim, California & online

   

Atlassian is redefining what’s possible when great teams and transformative technology come together. With over 4,000 attendees joining Team '25 from around the world, you’ll be sure to leave with valuable insights and connections. Discover Atlassian’s cutting-edge AI solutions, hear unique perspectives fueling growth and innovation, and level up your skills.

 

Plus, come meet the Rewind team in person to learn about the importance of SaaS backups and how you can be resilient against data loss.

 

Register today!

Did someone forward you this email? Join the Retro community—we’d love to have you! Subscribe here.

 

See you next month! 

Rewind, 333 Preston Street, Suite 200, Ottawa, Ontario K1S 5N4, CA

Unsubscribe Manage preferences