Parque Eólico Toabré
March 31, 2026
•[ cyberattack, data leak, ransomware ]
Everest claimed responsibility for a cyberattack against Parque Elico Toabr on March 31, 2026 and threatened to release sensitive data. La Estrella de Panam later listed Parque Elico Toabr among Panamanian technology incidents dated May 9, 2026, and other dark-web monitoring reported an alleged 175GB database leak. Public reporting did not confirm encryption, data destruction, operational disruption, or compromise of wind-farm control systems.
Eholo Health
March 30, 2026
•[ data leak, vulnerability exploitation, medical records ]
XP95 claimed it stole 165 GB of data from Eholo Health, including more than 1.1 million medical notes and personal information tied to 601,308 users, after exploiting a vulnerability in the company's systems.
Maine state government
March 30, 2026
•[ phishing, email account compromise, unauthorized access ]
State officials discovered that a Maine government employees email account had been accessed by cybercriminals, who used it to send phishing messages to internal staff and external contacts. The Security Operations Center secured the account, shut down the suspicious activity, and stopped additional unauthorized emails. No evidence of personal or sensitive data access was reported.
YEDNA
March 30, 2026
•[ DDoS, hacktivism, api outage ]
Pro-Russian hacker groups PalachPro and Noname057(16) claimed a DDoS attack against Ukrainian social network YEDNA less than a day after its March 29 launch. The attack disabled the platform API, leaving the website and social-network functionality unavailable to visitors; no restoration time was reported.
Statistics South Africa
March 29, 2026
•[ cyber breach, data theft, ransomware ]
Stats SA said a cyber breach affected one HR database used for online job applications, while XP95 claimed it stole 453,362 files totaling 154 GB and demanded ransom.
Scotia-Glenville Central School District Facebook page
March 29, 2026
•[ Account Takeover, Social Media Hijacking, Unauthorized Access ]
A malicious actor gained administrative control of the Scotia-Glenville Central School District Facebook page through a hacked non-district account used by its communications specialist and posted inappropriate videos and replies while posing as the district; the district said its internal servers and data systems were not compromised.
Hasbro Systems
March 28, 2026
•[ unauthorized access, cyberattack, operational disruption ]
Hasbro identified unauthorized access to its network on March 28, 2026 and took select systems offline as a containment measure while continuing operations through business-continuity procedures; the company warned that interim measures could cause order-processing, shipping, and invoicing delays while it reviewed potentially impacted files.
FBI Director Kash Patel's personal Gmail
March 27, 2026
•[ data leak, email breach, state-sponsored attack ]
Iran-linked group Handala claimed it breached FBI Director Kash Patel's personal Gmail account and published historical emails, photographs, and files; the FBI said the exposed material did not involve government information.
Jackson County Sheriff's Office
March 27, 2026
•[ ransomware, cyberattack, operational disruption ]
A ransomware attack crippled the Jackson County Sheriff's Office in Indiana, taking computers, Wi-Fi, and reporting systems offline and forcing staff to use temporary manual workarounds.
Goodwill of Greater Grand Rapids
March 27, 2026
•[ ransomware, extortion, data theft ]
Goodwill of Greater Grand Rapids said an attack disrupted part of its network environment and affected store operations, forcing locations across its West Michigan service area to operate on a cash-only basis, while outside reporting tied the incident to an Interlock ransomware extortion claim alleging theft of 80 GB of data.
ZenBusiness
March 27, 2026
•[ data breach, extortion, ransomware ]
In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and compliance platform. The group claimed the data had been exfiltrated from platforms including Snowflake, Mixpanel and Salesforce, and threatened to publish it if a ransom was not paid. The following month, after claiming payment had not been made, ShinyHunters publicly released the data. The collection amounted to many terabytes across thousands of files that appeared to originate from multiple systems and business functions, including leads, support records and other CRM-related data. The data contained approximately 5M unique email addresses, often accompanied by name and phone number depending on the source file.
Caja de Seguro Social (CSS)
March 27, 2026
•[ unauthorized intrusion, data leak, medical records ]
Caja de Seguro Social (CSS), Panama's public social security and healthcare institution, reported a possible unauthorized intrusion on March 27, 2026 while stating that web services remained operational. The Gentlemen later claimed responsibility for the hack and alleged publication or sale of 3 TB of data, including medical histories, pension records, loan documents, signatures, phone numbers, and radiology files, with the group claiming the medical and pension databases covered 80% of Panama's population.
BreachForums Version 5
March 26, 2026
•[ data leak, hacking forum, credential leak ]
In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames and argon2 password hashes.
The Left Party
March 26, 2026
•[ ransomware, data leak, employee data ]
Die Linke said its federal headquarters IT systems were hit by a ransomware attack on March 26, 2026, causing partial disruption, while outside reporting tied the incident to Qilin and a claim of stolen internal and employee data.
Omax Autos
March 26, 2026
•[ ransomware, cyber security incident, IT infrastructure ]
Omax Autos said its IT department initially suspected a cyber security incident on March 26, 2026, which was later confirmed as a ransomware attack on the company's IT infrastructure; the company said core systems and operations were not impacted.
Sound Radix
March 25, 2026
•[ data leak, credential exposure ]
In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. The incident impacted 293k unique email addresses and names. Sound Radix advised that it is possible that additional data including hashed passwords may have been exposed, and that no financial or credit card information was impacted.
Former Mossad Chief Tamir Pardo
March 25, 2026
•[ data leak, espionage, email breach ]
Handala published material from the personal Gmail account of former Mossad chief Tamir Pardo, and later reporting said the leak included business correspondence and a draft letter addressed to a CIA chief.
Ajax FC
March 25, 2026
•[ data leak, unauthorized access, PII ]
Ajax said a hacker unlawfully gained access to parts of its systems and viewed the email addresses of a few hundred people, as well as names, email addresses, and dates of birth for fewer than 20 people with stadium bans.
Awa Bank
March 25, 2026
•[ unauthorized access, data leak, test environment exposure ]
Awa Bank confirmed that unauthorized access to an OA system test environment caused leakage of 27,745 customer, shareholder, and related-party records.
Addi
March 25, 2026
•[ fintech, data breach, extortion ]
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal information may have been compromised". The "pay or leak" extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cdula de Ciudadana), estimated income, socioeconomic levels, purchases and other credit-related data points.
