The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory breach notifications to affected individuals across multiple states, with formal notices sent to customers on March 14, 2025. California Cryobank has established a dedicated call center to address customer concerns and assist with enrollment in protection services as they continue working with law enforcement to investigate the full scope of the breach. According to official breach notification documents filed with state regulators, threat actors gained entry to the company’s databases containing client personal identifiable information (PII). Given the nature of California Cryobank’s services, this breach raises particular concerns about the exposure of highly sensitive reproductive and genetic information. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. California Cryobank has engaged Baker & Hostetler LLP as outside counsel to manage legal compliance with data breach notification laws. Security experts estimate the total number could reach into the thousands given the organization’s extensive client base across North America. This injection bypassed standard security protocols and allowed unauthorized database queries while attempting to cover tracks by compromising logging systems. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. Affected individuals are being offered one year of complimentary credit monitoring and identity theft protection services through CyberScout. Industry analysts note that such facilities are increasingly becoming targets for sophisticated threat actors due to the valuable nature of their data holdings. A forensic investigation revealed that the attack utilized a sophisticated exfiltration technique known as “SQL injection” to extract customer records.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 19 Mar 2025 16:05:24 +0000