Oxford County
September 22, 2025
•[ ransomware, data leak ]
Oxford County in Ontario, Canada disclosed on 22 September 2025 that it had experienced a cybersecurity incident affecting its information systems. County IT staff detected unexpected activity, contained it, and engaged third-party experts to conduct a forensic investigation while keeping public services operating normally. Subsequent dark-web monitoring and local reporting linked the incident to the BrainCipher ransomware group, which claimed Oxford County as a victim and suggested that personal information on roughly 4,000 current and former employees may have been stolen.
Office of the Deputy Chief Minister of Maharashtra
September 21, 2025
•[ hack, government ]
Maharashtra Deputy Chief Minister Eknath Shinde's X account was recently hacked during the high-voltage India-Pakistan Asia Cup match. Hackers posted images of Pakistan and Turkey flags, sparking concern. However, thanks to the swift action of Shinde's social media team, the account was restored within 30-45 minutes and no sensitive data was compromised. The cybercrime police were immediately alerted and an investigation is underway to determine the cause of the breach. This incident highlights the...
Stellantis / Jeep / Dodge (via third-party service provider)
September 21, 2025
•[ hack, manufacturing ]
Stellantis confirmed a breach of a third-party vendor's platform supporting its North American customer services. Attackers claimed Salesforce was the compromised system and alleged theft of 18 million records, but Stellantis has not confirmed this. Only contact information was reportedly exposed, and no financial or sensitive personal data was accessed.
Circle K Hong Kong (Alimentation Couche-Tard)
September 21, 2025
•[ hack, retail ]
Circle K Hong Kong experienced a network disruption beginning September 21, 2025 that partially halted e-payment and loyalty systems across approximately 400 stores. The company described it as a suspected cyberattack. No data encryption or data theft was reported.
Bureau of the Treasury (BTr)
September 21, 2025
•[ cyberattack, government ]
DICT/CICC reported a coordinated wave of cyberattacks on government websites amid Sept 21 rallies.
Vitas Hospice
September 21, 2025
•[ data leak, third-party breach, healthcare ]
Vitas Hospice Services (Vitas Healthcare) detected a cybersecurity intrusion on 10/24/2025. According to the organization's breach notice and subsequent reporting, the threat actor gained access to certain Vitas systems by using a compromised third-party vendor account. The unauthorized access persisted from approximately 09/21/2025 through 10/27/2025, and the attacker downloaded files containing personal information of current and former patients. Exposed data elements included identifiers (name, address, phone number, date of birth), government identifiers (driver's license number and Social Security number), and protected health information such as medical and insurance details, plus next-of-kin contact information. Government breach tracking and reporting indicated 319,177 individuals were affected. Vitas stated it took steps to secure systems, investigate, and notify impacted individuals, though the specific malware or group responsible was not publicly identified.
Collins Aerospace
September 20, 2025
•[ hack ]
Cyberattack on Collins Aerospace's MUSE software caused check-in/bag-drop outages and knock-on flight disruptions at Heathrow, Brussels, Berlin (and minor impact at Dublin/Cork). RTX said issues were limited and mitigated via manual check-in; cancellations/delays continued into Sunday. Attribution/technique unknown.
Crimean Occupation Authorities / Government of Crimea
September 20, 2025
•[ hack, leak, government ]
Ukraine's Defense Intelligence Directorate (GUR) announced it breached servers of the Russian-installed authorities in occupied Crimea, exfiltrating over 100 TB of official records. No encryption or service disruption reported.
Harrods (via third-party service provider)
September 20, 2025
•[ leak, retail ]
The luxury retailer Harrods disclosed that a third-party service provider was compromised, leading to exposure of roughly 430,000 customer records. The company confirmed no encryption, ransom activity, or service disruption occurred.
Templeton Properties (Halifax, Nova Scotia)
September 20, 2025
•[ social, phishing ]
An employee at Templeton Properties clicked a link in a phishing email impersonating an invoice, triggering suspicious activity on company computers. The IT administrator confirmed that the email was fraudulent and contained malicious content. No confirmed data theft was reported.
BK Technologies
September 20, 2025
•[ data leak ]
BK Technologies reported an intrusion on Sept 20; attackers accessed and stole non-public data from compromised systems; company says impact is not material and mostly covered by insurance.
Thayer Hotel at West Point
September 19, 2025
•[ data leak ]
On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, driver's license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.
Other Ukraine
September 17, 2025
•[ ddos ]
TASS says Medvedchuk's Other Ukraine website suffered a fresh DDoS on 09/17/2025 (second that week), following a run of attacks on 09/09-09/11; technicians worked to restore access; no attribution or data theft.
Veradigm Inc.
September 17, 2025
•[ financial, healthcare ]
Veradigm reported on September 26, 2025 that it detected unauthorized access to portions of its network on September 17, 2025. Investigators determined that data on roughly 1.1 million individuals was accessed, but no encryption, ransom demand, or operational disruption occurred. The actor has not been identified and the intrusion appears financially motivated.
The Property Business Australia
September 16, 2025
•[ leak ]
Kairos listed The Property Business Australia on its leak site around 09/16/2025, claiming exfiltration of sensitive agent/tenant/landlord data; CyberDaily published on 09/17; trackers cite 164 GB leaked. Samples include ID and payment images. No victim confirmation or outage reported yet.
SSC-ICT (serving several Dutch government agencies)
September 15, 2025
•[ hack, ddos, government ]
A sustained DDoS campaign targeted SSC-ICT systems, degrading VPN and internal site access for ~57k Dutch civil servants; ministries advised staff to work in office; Interior Ministry confirmed attacks, impact assessed as limited; no attribution.
Gloucester-Mathews Gazette-Journal
September 15, 2025
•[ ransomware, malware, technology ]
Ransomware hit the Gazette-Journal's production file server over the weekend; discovered 09/15/2025; no customer financial data compromised; recovery allowed in-house printing to resume after network restoration; attacker unknown.
Friendlies Society Dispensary
September 15, 2025
•[ ransomware, malware, healthcare ]
A ransomware attack occurred in September 2025 against the Friendlies Society Dispensary in Toowoomba, Queensland. The pharmacy's systems were encrypted, disrupting services for several days. Management reported uncertainty about what data was accessed. The incident was publicly reported on October 1, 2025, by ABC News.
Maida.health (Brazil)
September 15, 2025
•[ leak, healthcare ]
Threat actors reportedly exfiltrated approximately 2 TB of sensitive data from Maida.health, a Brazilian health-technology firm providing services for the Military Police and their families. Stolen data allegedly include medical records, ID documents, and administrative files. No encryption or ransomware activity was reported, and the responsible actor has not been identified.
Undisclosed Major Technology Firm
September 15, 2025
•[ data leak, nation-state, AI-automated attack ]
Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed major technology firm where sensitive information was stolen via exploitation of application server infrastructure.