Student Data, AI Ethics, Data Breaches & Regulations – 10/13/2025

Secure Your Business Now

Today’s privacy digest highlights critical breaches affecting healthcare and education, alongside growing concerns about AI’s role in politics and liability. Microsoft faces scrutiny over student data tracking and its involvement in international conflicts. Additionally, vulnerabilities in Oracle and Microsoft products demand immediate attention to safeguard sensitive data.

Top 5 Critical Privacy Alerts

  • Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data via 365 Education. Read more
  • SimonMed says 1.2 million patients impacted in January data breach: U.S. medical imaging provider SimonMed Imaging is notifying over 1.2 million individuals of a data breach. Read more
  • SonicWall VPN accounts breached using stolen creds: Threat actors compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen credentials. Read more
  • Harvard investigating breach linked to Oracle zero-day exploit: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site. Read more
  • EFF urges action around Microsoft’s role in Israel’s War on Gaza: EFF and other organizations call on Microsoft to cease involvement in providing AI and cloud computing technologies for use in Israel’s actions. Read more

Privacy Laws & Regulations

  • California’s Latest Trio of Privacy Bills: New laws in California allow consumers greater control over their personal information. Read more
  • 2025 Brought Us Eight US “Comprehensive” Privacy Laws: Maryland law went into effect on October 1st, bringing the total to 17 US state privacy laws in 2025. Read more

Data Breaches

  • SimonMed says 1.2 million patients impacted in January data breach: U.S. medical imaging provider SimonMed Imaging is notifying over 1.2 million individuals of a data breach that exposed their sensitive information. Read more
  • Harvard investigating breach linked to Oracle zero-day exploit: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site. Read more

AI

  • AI and the Future of American Politics: AI is poised to play a volatile role in America’s next federal election in 2026, with potential impacts for democracy. Read more
  • Meet Varonis Interceptor: AI-Native Email Security: Varonis’ new Interceptor platform uses multimodal AI to detect zero-hour phishing and social engineering attacks. Read more
  • Equity threatens mass direct action over use of actors’ images in AI content: Equity threatens action over use of members’ likenesses, images and voices in AI content without permission. Read more
  • AI could make it harder to establish blame for medical failings: Experts warn AI in healthcare could create a legally complex blame game for medical failings. Read more

Microsoft

  • Microsoft ‘illegally’ tracked students via 365 Education: Austrian data protection regulator ruled Microsoft illegally tracked students and used their data via 365 Education. Read more
  • Microsoft restricts IE mode access in Edge after zero-day attacks: Microsoft is restricting access to Internet Explorer mode in Edge browser after zero-day exploits. Read more
  • Microsoft investigates outage affecting Microsoft 365 apps: Microsoft is investigating an ongoing incident preventing some customers from accessing Microsoft 365 applications. Read more
  • Microsoft: Windows 11 Media Creation Tool broken on Windows 10 PCs: The latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. Read more
  • EFF urges action around Microsoft’s role in Israel’s War on Gaza: EFF and other organizations call on Microsoft to cease involvement in providing AI and cloud computing technologies for use in Israel’s actions. Read more

Vulnerabilities

  • Microsoft restricts IE mode access in Edge after zero-day attacks: Microsoft is restricting access to Internet Explorer mode in Edge browser after zero-day exploits. Read more
  • Oracle releases emergency patch for new E-Business Suite flaw: Oracle has issued an emergency security update to patch another E-Business Suite (EBS) vulnerability. Read more
  • Harvard investigating breach linked to Oracle zero-day exploit: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site. Read more
Contact Us for a FREE Security Consultation!
Picture of Chris Armour

Chris Armour

Director of Software Engineering at Grab The Axe, leads the development of secure, scalable software solutions that drive growth and innovation. With expertise in network security, coding, and AI, he aligns technology strategies with business goals while mentoring high-performing teams. He holds a Bachelor of Science degree in Network Security from the University of Advancing Technology and is dedicated to advancing digital security and software innovation.

YOU MIGHT ALSO LIKE

Social Media Security

Strengthening Social Media Security: A Comprehensive Case Study

Financial Services Security

Enhancing Financial Services Security: A Comprehensive Case Study

The $102 Million Password: A Case Study in Converged Security at the Louvre