Nth Degree

On April 14, 2025, Nth Degree disclosed a data breach resulting from unauthorized access to its network environment. The incident occurred between December 12, 2024, and December 20, 2024, during which threat actors potentially exfiltrated personal information of individuals. While the exact number of affected parties remains undisclosed, the breach raises concerns over the exposure of sensitive data, which may include personally identifiable information (PII). The company has not specified whether the compromised data belongs to employees, customers, or third parties, nor has it confirmed if financial records, login credentials, or other high-risk details were accessed. The lack of clarity on the scope and nature of the exposed data amplifies uncertainties regarding potential misuse, such as identity theft, phishing attacks, or fraud. Nth Degree has not provided details on the attack vector (e.g., phishing, exploited vulnerability, or insider threat) or whether ransomware was involved. The incident underscores vulnerabilities in the company’s cybersecurity posture, particularly in detecting and mitigating unauthorized network access over an extended period.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/00158cad-3e51-443b-959e-b42d7d075b3d.html

TPRM report: https://www.rankiteo.com/company/nth-degree

"id": "nth041090625",
"linkid": "nth-degree",
"type": "Breach",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Unknown', 'name': 'Nth Degree'}],
 'data_breach': {'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': True,
                 'type_of_data_compromised': 'Personal Information'},
 'date_publicly_disclosed': '2025-04-14',
 'description': 'Nth Degree reported a data breach on April 14, 2025, '
                'involving unauthorized access to their network environment. '
                'The breach potentially exposed personal information between '
                'December 12, 2024, and December 20, 2024, although the number '
                'of affected individuals is unknown.',
 'impact': {'data_compromised': True, 'identity_theft_risk': True},
 'initial_access_broker': {'reconnaissance_period': {'end': '2024-12-20',
                                                     'start': '2024-12-12'}},
 'title': 'Nth Degree Data Breach - April 2025',
 'type': 'Data Breach'}

Nth Degree

Anne Arundel Dermatology P.A.: Anne Arundel Dermatology $2.4M Data Breach Settlement

Spring Independent School District: Spring ISD employees on leave after mistakenly leaking sensitive data in email, district says

CPUID: HWMonitor and CPU-Z developer CPUID breached by unknown attackers — cyberattack forced users to download malware instead of valid apps for six hours