ZenBusiness
March 27, 2026
•[ data breach, extortion, ransomware ]
In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and compliance platform. The group claimed the data had been exfiltrated from platforms including Snowflake, Mixpanel and Salesforce, and threatened to publish it if a ransom was not paid. The following month, after claiming payment had not been made, ShinyHunters publicly released the data. The collection amounted to many terabytes across thousands of files that appeared to originate from multiple systems and business functions, including leads, support records and other CRM-related data. The data contained approximately 5M unique email addresses, often accompanied by name and phone number depending on the source file.
BreachForums Version 5
March 26, 2026
•[ data leak, hacking forum, credential leak ]
In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames and Argon2 password hashes.
The Left Party
March 26, 2026
•[ ransomware, data leak, employee data ]
Die Linke said its federal headquarters IT systems were hit by a ransomware attack on March 26, 2026, causing partial disruption, while outside reporting tied the incident to Qilin and a claim of stolen internal and employee data.
Omax Autos
March 26, 2026
•[ ransomware, cyber security incident, IT infrastructure ]
Omax Autos said its IT department initially suspected a cyber security incident on March 26, 2026, which was later confirmed as a ransomware attack on the company's IT infrastructure; the company said core systems and operations were not impacted.
Sound Radix
March 25, 2026
•[ data leak, credential exposure ]
In March 2026, the audio production tools company Sound Radix disclosed a data breach that it subsequently self-submitted to HIBP. The incident impacted 293k unique email addresses and names. Sound Radix advised that additional data, including hashed passwords, may have been exposed, and that no financial or credit card information was impacted.
Former Mossad Chief Tamir Pardo
March 25, 2026
•[ data leak, espionage, email breach ]
Handala published material from the personal Gmail account of former Mossad chief Tamir Pardo, and later reporting said the leak included business correspondence and a draft letter addressed to a CIA chief.
Ajax FC
March 25, 2026
•[ data leak, unauthorized access, PII ]
Ajax said a hacker unlawfully gained access to parts of its systems and viewed the email addresses of a few hundred people, as well as names, email addresses, and dates of birth for fewer than 20 people with stadium bans.
Undisclosed Israeli firm #50
March 24, 2026
•[ cyberattack, data wiping, security cameras ]
Bloomberg reported an Israeli official said Iran-linked hackers stepped up cyberattacks on Israel, wiping the data of more than 50 small businesses in recent weeks and compromising dozens of security cameras. The official stated critical infrastructure such as energy grids, banks, and hospitals was not infiltrated or disrupted, and that most targeted companies had existing cybersecurity vulnerabilities while stronger-defended companies were not affected. Victim names and specific camera locations were not provided in the report.
LiteLLM
March 24, 2026
•[ supply chain attack, malware, credential theft ]
TeamPCP used compromised release access to publish malicious LiteLLM versions to PyPI, embedding code that exfiltrated secrets and established persistence on systems that installed the poisoned packages.
Aroostook Mental Health Center
March 24, 2026
•[ ransomware, data leak, network disruption ]
Aroostook Mental Health Center said a recent network disruption affected some business operations and temporarily interrupted connectivity, while outside reporting linked the incident to the Qilin ransomware group and a related leak-site extortion claim.
At least one TikTok Business account
March 24, 2026
•[ phishing, adversary-in-the-middle, credential theft ]
Threat actors used adversary-in-the-middle phishing pages impersonating TikTok for Business and Google Careers to capture credentials and session cookies and hijack at least one TikTok Business account while bypassing 2FA.
Port of Vigo
March 24, 2026
•[ ransomware, critical infrastructure, logistics ]
A ransomware attack disrupted digital systems at Spain's Port of Vigo, affecting servers used for cargo traffic and other services, locking some equipment, and forcing parts of the port's logistics coordination to shift to manual procedures.
Hong Kong Correctional Services Department
March 24, 2026
•[ unauthorized access, data breach, personal data leak ]
Hong Kong's Correctional Services Department said a hacker illegally accessed its internal Knowledge Management System on March 24, 2026 and then accessed another system containing personal data of about 6,800 current and former staff.
Centrum Medyczne Eskulap
March 24, 2026
•[ ransomware, medical records, encryption ]
Centrum Medyczne Eskulap reported that a ransomware attack on March 24, 2026 encrypted servers dedicated to patient services and blocked access to medical data and medical histories; reporting also said there was a high probability patient data may have been obtained before encryption, but no theft was confirmed.
Checkmarx
March 23, 2026
•[ supply chain attack, malware distribution, compromised artifacts ]
TeamPCP used compromised Checkmarx distribution channels to publish malicious versions of developer tooling, exposing users who downloaded the affected artifacts during the publication window.
At least one Ukrainian official
March 23, 2026
•[ phishing, remote administration tool, malware ]
A pro-Russian group tracked as UAC-0255 and linked to CyberSerp sent phishing emails impersonating CERT-UA and successfully infected a small number of devices in Ukraine with the AgeWheeze remote administration tool, enabling remote control of compromised systems.
Liberty
March 23, 2026
•[ unauthorized access, data leak, personal information ]
Liberty notified customers that unauthorized access to personal information had occurred and said the exposed data included names, surnames, and identity numbers, while policies, investments, and services remained secure and operational.
TheBurntPeanut
March 23, 2026
•[ DDoS attack, streaming ]
TheBurntPeanut was forced off a Sea of Thieves stream after a reported DDoS attack interrupted the session shortly after it began.
Russell Cellular
March 23, 2026
•[ data leak, customer records, employee credentials ]
Russell Cellular was reported to be the source of a dataset offered for sale containing alleged customer records and employee credentials.
Le Centre national des œuvres universitaires et scolaires
March 23, 2026
•[ data leak, data exfiltration, personal information ]
The Cnous said data was exfiltrated from its mesrdv.etudiant.gouv.fr appointment platform, exposing personal information from student social-services and housing appointments taken over the past ten years.