Full List

Search

Recent Breaches

• Jackson County April 2, 2024 • [ ransomware, malware, government ] Jackson County, Missouri, declares a state of emergency and closes key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable.
• City of Hope April 2, 2024 • [ leak, healthcare ] Cancer treatment and research center City of Hope warns that a data breach exposed the sensitive information of over 820,000 patients.
• Salvadoran Citizens April 2, 2024 In April 2024, nearly 6 million records of Salvadoran citizens were published to a popular hacking forum. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.
• Undisclosed organizations in El Salvador April 1, 2024 • [ leak ] Researchers from Resecurity identify a massive leak of the personally identifiable information (PII) of over five million citizens from El Salvador on the Dark Web, impacting more than 80% of the countrys population.
• MediSecure April 1, 2024 • [ ransomware, malware, healthcare ] The e-script provider MediSecure is hit with a ransomware attack. A subsequent analysis reveals that 12.9 million records were affected.
• Melting Mind April 1, 2024 • [ ransomware ] Ransomware attack on Lbeck IT provider Melting Mind in April 2024 encrypted company systems and disrupted operations; attackers demanded ~50,000 in Bitcoin, with a partial ransom payment of about 3,000.
• Hoya Corporation March 31, 2024 • [ ransomware, malware, manufacturing ] Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline. The Hunters International ransomware gang claims responsibility for the attack and demands a $10M ransom.
• Nexperia March 31, 2024 Dutch chipmaker Nexperia confirms that threat actors breached its network in March 2024 after the Dark Angels ransomware gang leaked samples of allegedly stolen data.
• PandaBuy March 31, 2024 Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform is leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems.
• New York City Automated Personnel System, Employee Self Service (known as NYCAPS/ESS) March 31, 2024 • [ hack, phishing, government ] The city of New York took its payroll website partially offline for the last nine days in response to a recent phishing scheme targeting city employees
• Pandabuy March 31, 2024 • [ hack, retail ] In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".
• Atraf March 30, 2024 Atraf, a popular Israeli LGBTQ dating app, suffers a major data breach exposing personal information of over half a million users after a threat actor with the moniker "AK-47" dumps its database on Breach Forums.
• Traverse City Area Public Schools March 30, 2024 The Traverse City Area Public Schools (TCAPS) remains close for a network disruption due to a possible cyber attack.
• IxMetro March 30, 2024 Chilean data center and hosting provider IxMetro Powerhost suffers a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypts the company's VMware ESXi servers and backups.
• Nottingham Rehab Supplies Healthcare March 30, 2024 • [ ransomware, leak, malware ] Multiple UK councils warned that citizens personal data may have been breached following a ransomware attack on a medical equipment supplier Nottingham Rehab Supplies (NRS) Healthcare. RansomHub said it successfully breached the firm on 30 March, stealing hundreds of thousands of sensitive documents. "More than 600k private documents was downloaded, including: Accounting, HR, Financial reports, Reception, Contracts and much more, the group said on its leak site.
• Samsung Germany Customer Tickets March 30, 2024 • [ leak, malware, technology ] In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items purchased from Samsung Germany and related support tickets and shipping tracking numbers.
• Omni Hotels & Resorts March 29, 2024 • [ ransomware, malware ] Omni Hotels & Resorts confirms that an alleged ransomware attack caused a nationwide IT outage that is still affecting its locations. The Daixin Team ransomware claims responsibility for the attack.
• Florida Department of Juvenile Justice March 29, 2024 • [ hack, government ] Threat actors break into the computer network of the Florida Department of Juvenile Justice.
• Prisma Finance March 28, 2024 A threat actor steals about $11.6 million from Prisma Finance, a popular decentralized finance (DeFi) platform. Shortly after the attacker declares to be a "white hat" and available to return the funds.
• Hot Topic March 28, 2024 American retailer Hot Topic discloses that two waves of credential stuffing attacks in November exposed affected customers' personal information and partial payment data.