Full List

Search

Recent Breaches

• Pacific Pulmonary Medical Group October 4, 2024 • [ ransomware, malware, healthcare ] The Pacific Pulmonary Medical Group (PPMG) is hit with an Everest Team ransomware attack.
• IdeaLab October 4, 2024 • [ ransomware, data leak ] IdeaLab confirmed data theft from an Oct 2024 ransomware breach claimed by Hunters International. 137,000 files (~262.8 GB) stolen and leaked impacting employees/contractors and dependents.
• American Water October 3, 2024 American Water, the largest publicly traded U.S. water and wastewater utility company, is forced to shut down some of its systems after a cyberattack.
• Wayne County October 3, 2024 • [ ransomware, malware, government ] Wayne County in Michigan is dealing with an alleged ransomware attack that has shut down all government websites and limited the operations of several offices.
• Bloom Hearing Specialists October 3, 2024 • [ ransomware, malware, healthcare ] Bloom Hearing Specialists warns thousands of customers about a ransomware attack stealing sensitive data.
• Universal Music Group October 3, 2024 • [ leak ] Universal Music Group informs hundreds of individuals about a recent data breach impacting their personal information.
• Vocational Training Center, or Berufsbildungszentrum (BBZ) October 3, 2024 The Vocational Training Center, or Berufsbildungszentrum (BBZ), in the canton of Schaffhausen is the victim of a ransomware attack.
• ADT October 2, 2024 Home and small business security company ADT discloses it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data.
• Red Barrels October 2, 2024 • [ hack, technology ] Canadian video game developer Red Barrels warns that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data.
• Charleston Area Medical Center October 2, 2024 • [ phishing, data leak ] Phishing attack on multiple email users; unauthorized access to one mailbox between Oct 23, 2024, possibly exposing personal and health information. No other systems impacted.
• Methodist Homes of Alabama and Northwest Florida October 2, 2024 • [ unauthorized access, healthcare data breach, network incident ] Methodist Homes of Alabama and Northwest Florida reported an incident involving unauthorized access to its network between October 2 and October 14, 2024. The organization notified HHS on January 30, 2025 that 908 patients were affected, and later notified the Maine Attorney Generals Office in October 2025 that the incident affected 25,579 individuals in total.
• Governments and armed forces, think tanks, academic researchers, and Ukrainian entities October 1, 2024 • [ espionage, malware, government ] Researchers at Trend Micro reveal the details of a campaign carried out by the Russia-linked APT29 threat actor, leveraging malicious Remote Desktop Protocol (RDP) configuration files.
• Undisclosed nuclear-related organization October 1, 2024 • [ espionage, malware, energy ] Researchers at Kaspersky reveal that the Lazarus Group, the threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization. The attacks, part of Operation Dream Job, culminated in the deployment of a new modular backdoor referred to as CookiePlus,
• Switch October 1, 2024 • [ leak, misconfiguration, technology ] In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
• Tecta America Corporation October 1, 2024 • [ hack ] Tecta America discovered suspicious network activity around October 1, 2024. Investigation revealed that between September 20October 2, an unauthorized actor accessed or acquired files. Impacted data includes names, Social Security numbers, drivers licenses, and financial account info for approximately 22,573 individuals Notifications sent January 2, 2025, and credit monitoring offered.
• Heartland Community Health Center October 1, 2024 • [ phishing, data leak ] Clinic reported email account breach exposing sensitive patient and insurance information.
• Andy Frain Services October 1, 2024 • [ ransomware, data leak ] Physical security firm reported a ransomware intrusion in Oct 2024 attributed to Black Basta with exfiltration of a wide range of data; notices sent to ~100k people in May 2025.
• Onsite Mammography October 1, 2024 • [ phishing, data leak ] Phishing attack compromised a single employees email account, enabling exfiltration of PII and PHI data affecting over 350,000 individuals; no encryption involved.
• Barbados Revenue Authority September 30, 2024 230GB of records from the Barbados Revenue Authority, such as property tax records and vehicle owners registration records, are being offered for sale.
• Rackspace September 30, 2024 Rackspace tells customers that threat actors exploited a zero-day vulnerability in ScienceLogic, a third-party application it was using, and abused that vulnerability to break into its internal performance monitoring environment.