Your Monthly Briefing on Cyber Threats and Business Impact

Introducing Cybersecurity in the News, Horn IT’s new monthly recap highlighting the most significant cybersecurity incidents and developments. Each month, we will provide an overview of major breaches, emerging threats, and critical trends, along with an analysis of how these events could impact your business. We’ll also suggest ways in which you can protect yourself against these types of threats. Our goal is to deliver clear, actionable insights to help you navigate the evolving cybersecurity landscape with confidence and strategic foresight.

🔐 Major Cybersecurity Incidents – April 2025

Marks & Spencer Cyber Attack Disrupts Operations

Location: United Kingdom

Incident: British retailer M&S experienced a significant ransomware attack over the Easter weekend, disrupting contactless payments and online order collections. The company temporarily moved some processes offline to protect stakeholders and paused click-and-collect orders in stores.

Impact: While customer data was reportedly unaffected, the incident highlights the vulnerabilities in retail operations and the importance of robust cybersecurity measures. (Source)

Oracle Cloud Breaches Expose Millions of Records

Location: United States

Incident: Oracle reported breaches in its legacy “Oracle Cloud Classic” and Oracle Health systems, potentially exposing up to 6 million records.

Impact: Although the core Oracle Cloud Infrastructure remained unaffected, the incidents underscore the risks associated with outdated systems and the need for regular updates and security patches. (Source)

Third-Party Vendor Breach Affects Financial Institutions

Location: Singapore

Incident: A ransomware attack on Toppan Next Tech , a third-party digital identity and physical identity vendor, compromised customer information from Singapore’s DBS Group and the Bank of China Singapore branch.

Impact: This incident highlights and is an example of the risks associated with third-party vendors and the importance of supply chain security. (Source)

South Australia – Hospital Data Breach

Location: South Australia

Incident: A major hospital in South Australia experienced a cyberattack that compromised the personal data of over 2,000 patients. The breach involved unauthorized access to sensitive information, including names, contact details, and clinical notes.

Impact: The incident highlights vulnerabilities in healthcare systems and the importance of robust cybersecurity measures. (Source)

🇨🇦 Major Cybersecurity Incidents Impacting Canadian SMBs – April 2025

Ontario Public Service Employees Union (OPSEU/SEFPO) Breach

Location: Toronto, Ontario

Incident: On April 2, OPSEU/SEFPO experienced a cybersecurity incident involving unauthorized access to its IT systems. The union described the attack as sophisticated and that they were  investigating the extent of the breach.

Impact: Systems were taken offline, and it was unclear at the time of this writing whether personal information was compromised. (Source)

Visionary Holdings Cyberattack

Location: Toronto, Ontario

Incident: Visionary Holdings, a medium-sized technology company based in Toronto, experienced a significant cyberattack affecting its website and email communications.

Impact: The company had to suspend its online and email services temporarily while implementing security upgrades and assessing potential data exposure. (Source)

Ransomware attack on a school district in Ontario, Canada

Location: Kingston, Ontario

Incident: Limestone District School Board experienced a network outage and were offline for a number of days due to a cyberattack.

Impact: Schools were forced to operate offline, significantly disrupting school operations, online learning applications, and student and teacher laptops until the incident was resolved. (Source)

📊 Key Trends Impacting Small and Medium-Sized Businesses

Ransomware Prevalence

According to Verizon’s 2025 Data Breach Investigations Report, ransomware was involved in 88% of breaches affecting small and medium-sized businesses, a significant increase from previous years. Cybercriminals increasingly target SMBs because they perceive their security postures as weaker. The report also noted a 37% rise in ransomware attacks overall.

Human Error

Approximately 95% of cybersecurity breaches are attributed to human error, emphasizing the need for employee training and awareness programs.

Financial Impact

The average cost of a cyberattack on an SMB is estimated at $254,445, with some incidents costing up to $7 million. Moreover, 60% of small businesses that suffer a cyberattack shut down within six months. All of this highlights the severe consequences of falling victim to a cyberattack.

🛡️ Recommendations for Businesses, Professional Organizations and Educational Settings

Implement Multi-Factor Authentication (MFA)

Adding an extra layer of security can prevent unauthorized access even if credentials are compromised.

Robust Backup Solutions

Implement secure, off-site backups to mitigate ransomware risks.

Regularly Update and Patch Systems

Ensure all software and systems are up-to-date to protect against known vulnerabilities.

Employee Training

Conduct regular cybersecurity awareness training to mitigate risks associated with human error.

Third-Party Risk Management

Assess and monitor the security practices of vendors and partners to prevent supply chain attacks.

Incident Response Plan

Develop and test a comprehensive incident response plan to quickly address and recover from cyber incidents.

Staying informed and proactive is crucial for SMBs to navigate the evolving cybersecurity landscape. Regularly reviewing and updating security measures can significantly reduce the risk and impact of cyber threats.

Contact Us Today

At Horn IT, we actively protect your business technology and data, ensuring compliance and security. By continuously upgrading, updating, and innovating, we deliver more than just the managed services you expect. Instead, you get a customized, forward-thinking, and proactive approach to managing your systems.

📧 info@horn-it.com
📞 647-557-5109