Instagram
January 7, 2026
•[ data leak, scraping ]
In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum. The dataset contained 17M rows of public Instagram information, including usernames, display names, account IDs, and in some cases, geolocation data. Of these records, 6.2M included an associated email address, and some also contained a phone number. The scraped data appears to be unrelated to password reset requests initiated on the platform, despite coinciding in timeframe. There is no evidence that passwords or other sensitive data were compromised.
Panera Bread
January 7, 2026
•[ ransomware, data leak ]
In January 2026, Panera Bread suffered a data breach that exposed 14M records. After an attempted extortion failed, the attackers published the data publicly, which included 5.1M unique email addresses along with associated account information such as names, phone numbers and physical addresses. Panera Bread subsequently confirmed that "the data involved is contact information" and that authorities were notified.
At least one IoT device compromised
December 31, 2025
•[ botnet, iot, vulnerability ]
Security researchers reported that the RondoDox botnet successfully exploited a critical vulnerability to take control of at least one internet-connected networking device, enrolling it into a botnet for malicious activity.
ManageMyHealth
December 30, 2025
•[ ransomware, data leak, healthcare ]
A significant volume of patient medical records was accessed and partially encrypted in a cyber intrusion targeting document systems The threat actor issued a ransom demand and published some data samples online before legal action was taken The breach was discovered in late December and publicly confirmed shortly after
University of Lille
December 29, 2025
•[ data leak ]
Unauthorized access to university systems resulted in the exfiltration of student personal data later advertised on an underground forum.
WhiteDate
December 29, 2025
•[ data leak ]
In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that exposed 6k unique email addresses. The breach exposed extensive further personal information including data related to physical appearance, income, education and IQ.
Ubisoft
December 27, 2025
•[ data leak, service disruption ]
Ubisoft suffered a breach in which attackers accessed internal systems controlling the Rainbow Six Siege economy and moderation tools. Game services were globally disrupted, requiring rollback and shutdown of servers for nearly two days.
Unleash Protocol
December 26, 2025
•[ Theft, Cryptocurrency, Smart Contract Exploit ]
Unauthorized multisig takeover allowed attacker to deploy a malicious contract upgrade and drain protocol funds, which were later laundered through Tornado Cash.
Complexul Energetic Oltenia
December 26, 2025
•[ ransomware ]
A ransomware attack attributed to the Gentlemen group encrypted internal IT systems at Complexul Energetic Oltenia on December 26 2025 causing partial operational disruption The company isolated affected systems restored operations from backups and stated that national energy supply was not affected Data exfiltration has not been confirmed
Chrysler (Stellantis)
December 25, 2025
•[ ransomware, data leak ]
Everest ransomware group claimed it breached Chrysler systems and exfiltrated 1088 GB of data, including Salesforce-related CRM exports and recall/customer service records, and threatened to leak the full dataset.
SudamericaData
December 25, 2025
•[ data leak ]
Threat actors advertised an alleged database from SudamericaData on underground forums, claiming exposure of a large volume of personal and registry data; the company has not publicly confirmed the breach at the time of reporting.
Kamunikat.org
December 25, 2025
•[ unauthorized access, data destruction ]
An attacker obtained administrator-level access to Kamunikat.org and deleted several thousand publications and news items from the online library before access was blocked and restoration began.
Arch Linux
December 25, 2025
•[ DDoS, service disruption ]
Arch Linuxs official website experienced a distributed denial-of-service attack that rendered the site inaccessible over IPv4 while remaining reachable via IPv6 as a mitigation measure.
Asiana Airlines
December 24, 2025
•[ data leak ]
Asiana Airlines experienced unauthorized access to its internal intranet via an overseas server on December 24 2025 resulting in the exposure of personal information for approximately 10000 employees and partner staff No customer data was affected The company blocked access reset credentials and notified authorities
Ramside Hall Hotel Golf and Spa
December 24, 2025
•[ data leak ]
A management system used by Ramside Hall was accessed by unauthorized actors resulting in exposure of some customer data The hotel confirmed the incident publicly and stated the breach originated from a system it uses
La Poste / La Banque Postale
December 22, 2025
•[ ddos, service disruption ]
La Poste confirmed a distributed denial-of-service (DDoS) incident disrupted its websites and mobile applications just days before Christmas, slowing deliveries and knocking some online services offline. The company said it had no evidence customer data was compromised, but acknowledged postal operations including parcel distribution were affected and some post offices operated at reduced capacity. La Banque Postale warned customers that access to online banking and its mobile app was affected, while card payments and ATM withdrawals continued to function and online payments were still possible when authenticated by text message. La Poste stated its teams were mobilized to restore services as quickly as possible.
At least one Russian Manufacturing Company
December 22, 2025
•[ unauthorized access, industrial operations ]
A manufacturing company based in Russia was affected by a cyber incident involving unauthorized access to corporate systems and potential disruption to industrial operations.
Kuaishou
December 22, 2025
•[ cyberattack, service disruption ]
Kuaishou experienced a cyberattack late on December 22, 2025 that disrupted livestreaming services for several hours, prompting market reaction and a decline in its share price the following day.
Romanian Waters (Administrația Națională Apele Române)
December 20, 2025
•[ ransomware ]
Romanias national water authority, Romanian Waters, suffered a ransomware incident that began on December 20, 2025 and disrupted IT services across the organization. Romanias National Cyber Security Directorate (DNSC) reported the event affected approximately 1,000 computer systems, including workstations, email services, and web servers, and spread from the main office to 10 of 11 regional river management branches. The disruption took down key digital tools such as domain services and GIS mapping, and the agencys public website remained offline while updates were shared through other channels. Authorities stated that operational technology supporting dams and flood defenses remained safe and that field staff continued critical functions manually.
Condé Nast / WIRED.com
December 20, 2025
•[ data leak ]
Hacker Lovely leaked 2.4M WIRED.com subscriber records (emails, names, IDs, contact info). Dataset verified by breach researchers and indexed by Have I Been Pwned. No official confirmation from Cond Nast; actor claims 40M more records may follow.
