Threat Intelligence Brief | March 15, 2026
2.7 Million Affected, 79 Offices Disrupted, 79 Microsoft Flaws Exposed
From a healthcare breach affecting 2,697,540 people to a destructive attack that allegedly wiped more than 200,000 systems, this edition shows how scale, access, and disruption are colliding.
Healthcare drives this edition. Navia Benefit Solutions disclosed a breach affecting 2,697,540 individuals. BlueCross BlueShield of Tennessee also said member data was exposed through the Conduent Business Services breach, which now affects more than 25 million people. Insight Hospital and Medical Center adds another warning sign, with one group claiming almost 200 gigabytes of stolen data and another claiming 360 gigabytes.
But the report also shows a sharper shift in attacker behavior. The Stryker attack combined data theft with remote wiping, with claims of 79 affected offices, more than 200,000 wiped systems, and 50 terabytes of stolen data. Microsoft fixed 79 flaws in March, including two publicly disclosed zero-days. PwC ties this together with a clear warning: attackers are increasingly logging in rather than breaking in, while 47% of leaders cite staffing gaps in operational technology and Industrial Internet of Things security and 39% cite unclear governance.
How ColorTokens Threat Intelligence Helps You Stay Breach Ready
- Helps healthcare teams triage large exposure events, from 2.7 million Navia records to Conduent’s 25 million-person fallout.
- Brings destructive attack signals into view, including Active Directory abuse and Intune-led device wiping in the Stryker case.
- Prioritizes patching around the flaws that matter most, including two public zero-days and Office preview-pane risk.
- Connects identity abuse to real risk, as PwC shows attackers increasingly log in rather than break in.
- Flags operational technology and Industrial Internet of Things gaps, where 47% cite staffing shortages and 39% unclear ownership.
Our cybersecurity specialists can help you interpret these threat patterns and build stronger containment, patching, and segmentation priorities before a breach turns into a wider operational problem.