Full List

Search

Recent Breaches

• Malawi Immigration Department February 23, 2024 • [ ransomware, malware, government ] The Malawi government reportedly suspends issuing passports for the past two weeks due to what appears to be a ransomware attack on the immigration service's computer network.
• medQ February 23, 2024 • [ ransomware, malware, technology ] medQ files a notice of data breach after discovering that hackers accessed and encrypted a software platform used by medQ.
• Hessen Consumer Center February 23, 2024 • [ ransomware, malware, healthcare ] The Hessen Consumer Center in Germany is hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability. The ALPHV/BlackCat ransomware gang claims responsibility for the attack.
• Greater Amsterdam School District February 23, 2024 • [ leak, education ] The Greater Amsterdam School District discloses that a data breach potentially led to the unauthorized access of protected student information.
• I-Soon February 22, 2024 Chinese police are investigating an unauthorized and highly unusual online dump of documents from I-Soon, a private security contractor linked to the nations top policing agency and other parts of its government.
• U-Haul February 22, 2024 U-Haul starts informing customers that a threat actor used stolen account credentials to access an internal system for dealers and team members to track customer reservations.
• Audiences in the US, Israel, Germany, and France. February 22, 2024 • [ social ] A joint effort by SentinelLabs and ClearSky Cyber Security uncover a significant propaganda and disinformation campaign, possibly orchestrated by the Russia-aligned influence operation network called Doppelgnger.
• Bimbo Bakeries USA February 22, 2024 • [ ransomware, malware, manufacturing ] Bimbo Bakeries USA, the U.S. branch of baking giant Grupo Bimbo suffers a ransomware attack by the Medusa ransomware group.
• Kootenai Health February 22, 2024 • [ ransomware, malware, healthcare ] Kootenai Health discloses a data breach impacting over 464,000 patients after their personal information was stolen and leaked by the 3AM ransomware operation.
• Rocky Mountain Gastroenterology February 22, 2024 • [ ransomware, malware, healthcare ] Rocky Mountain Gastroenterology suffers a triple ransomware attack.
• Spyzie February 22, 2024 In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "zathienaephi@proton.me".
• Optum/Change Healthcare February 21, 2024 • [ ransomware, malware, healthcare ] Healthcare giant UnitedHealth Group confirms that its subsidiary Optum is forced to shut down IT systems and various services after a cyberattack by nation-state hackers on the Change Healthcare platform. The ALPHV/BlackCat ransomware gang claims responsibility for the attack.
• Maryville February 21, 2024 • [ leak, healthcare ] Maryville, which operates several addiction recovery centers around South Jersey, announces it was the victim of a data breach that accessed Social Security numbers and other personal information,
• Bausch Health February 21, 2024 The threat actor known as Sp1d3rHunters claims to have stolen extensive data from Bausch Health (1.6 Million DEA Numbers and Prescriber Details) and attempts to extort the company. The breach seems to be linked to compromised Snowflake accounts.
• Surgery Center of Mid Florida February 21, 2024 • [ ransomware, malware, healthcare ] Surgery Center of Mid Florida ("SCOMF") discloses to have suffered a ransomware attack.
• Innovative Renal Care February 21, 2024 • [ data leak ] Between February 21 and March 1, 2024, an unauthorized party accessed Innovative Renal Cares computer network and copied sensitive files. The breach exposed personal and health-related data including names, Social Security numbers, financial details, medical information, and prescriptions. The company filed a notice with the Massachusetts Attorney General on February 14, 2025, and began sending notification letters to impacted individuals. No encryption of systems or files was reported.
• American Renal Management February 21, 2024 • [ data leak ] IRC detected suspicious activity (2/29/2024); investigation found unauthorized access to certain systems (2/213/1/2024) with copying of internal files containing PII/PHI; IRC notified regulators and began mailing letters on 2/14/2025; credit monitoring offered and security measures enhanced.
• Individuals in China February 20, 2024 • [ financial, malware, finance ] China's Ministry of Industry and Information Technology warns local netizens that fake wallet apps for the nation's central bank digital currency (CBDC) are already circulating and being abused by scammers.
• Organization in the defense sector February 19, 2024 • [ espionage, malware, technology ] Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn that Lazarus group's "Operation Dream Job," was also used against the defense sector.
• University of Manchester February 19, 2024 • [ hack, ddos, education ] The University of Manchester is hit with a DDoS attack. The Anonymous Sudan group claims responsibility for the attack.