Welcome Financial Group
August 21, 2025
•[ ransomware, finance ]
ALPHV/BlackCat claimed responsibility for stealing 1.024 TB of files from Welcome Financial Group, alleging they contained customer data such as names, addresses, and account numbers. The firm countered that only internal documents like meeting records were taken, and that its savings bank unit and customer accounts were not compromised.
Delta Telekom
August 21, 2025
•[ hack, ddos, technology ]
Azerbaijan's primary internet backbone operator, Delta Telekom, was targeted with a massive DDoS attack that caused temporary internet delays. The delays were mitigated by rerouting traffic through alternative backbone providers, and service was fully restored within hours.
Multiple Italian Hotels (via booking platform)
August 20, 2025
•[ leak, retail ]
A massive data breach hit multiple Italian hotels in Aug 2025 through a centralized booking platform, exposing customer PII, payment card data, and stay details; no ransomware encryption or disruption reported.
Multiple critical infrastructure sectors (via Cisco devices)
August 20, 2025
•[ espionage, technology ]
FBI and Cisco warn of ongoing Russian FSB Center 16 campaign exploiting CVE-2018-0171 in Cisco Smart Install, compromising thousands of network devices across critical infrastructure globally for reconnaissance and persistent access.
EastIdahoNews.com
August 20, 2025
•[ social, malware, technology ]
Fake virus scanner pop-ups served via third-party ads disrupted user experience; no evidence of data theft or system compromise.
Gosuslugi (Russian e-Government Portal)
August 20, 2025
•[ hack, ddos, government ]
Gosuslugi, Russia's national e-government portal, was hit by a large-scale DDoS attack in August 2025, causing temporary outages and degraded access to online public services. Authorities reported no compromise of personal data or backend systems.
Pittsburgh Gastroenterology Associates
August 20, 2025
•[ ransomware, malware, healthcare ]
On August 20, 2025, the Sinobi ransomware group hacked Pittsburgh Gastroenterology's internal systems, exfiltrating sensitive medical and personal information. The practice is involved in notifications and legal investigations following the breach.
Pittsburgh Gastroenterology Associates
August 20, 2025
•[ ransomware, data leak ]
A ransomware group known as Sinobi claimed on August 20, 2025, to have obtained data belonging to Pittsburgh Gastroenterology Associates. Reports indicate approximately 198GB of patient data were exfiltrated following unauthorized access to internal systems. The organization reported no service disruption or encryption, confirming only exfiltration of stored patient files.
The Rural Municipality of Woodlands in Manitoba
August 19, 2025
•[ hack, government ]
The Rural Municipality of Woodlands in Manitoba reported an email security breach and issued a warning to residents. No details on the type or amount of data accessed were released.
Motility Software Solutions
August 19, 2025
•[ ransomware, malware, technology ]
Motility Software Solutions detected suspicious activity on Aug 19, 2025 and confirmed ransomware deployment and data theft impacting about 760,000 individuals. Stolen data included names, birthdates, driver's license numbers, and SSNs. No threat actor attribution was disclosed.
Nigerian National Identity Management Commission (NIMC)
August 17, 2025
•[ insider, government ]
Insider breach at Nigeria's digital ID system (NIMC) on August 17, 2025 involved a staff member abusing access to extract sensitive personal data tied to national identity numbers. No disruption or encryption reported, only data exfiltration.
Middletown, Ohio Municipal Services
August 17, 2025
•[ ransomware, malware, government ]
Middletown, Ohio suffered a cyberattack, likely ransomware, that began around Aug 17, 2025. Multiple city service systems remained offline for weeks; some employee information may have been affected (per preliminary findings), but no definitive evidence of data exfiltration. No actor has been identified.
Butler County
August 17, 2025
•[ ransomware, data leak ]
A cyberattack disrupted Middletown city services on or about Aug. 17, 2025. City staff reported email accounts were offline for weeks (some gradually restored), main phone lines remained down, and key functions such as generating new utility bills and accessing utility/tax account information were unavailable. Online public/police record requests and background checks were paused, and the city relied on backup processes while working with third-party specialists to investigate and restore systems. Preliminary findings indicated some city employee information may have been affected, but the investigation had not determined what personal information (if any) was impacted.
Nissan Creative Box Inc. (Design Studio)
August 16, 2025
•[ ransomware, malware, automotive ]
Nissan Creative Box, a Tokyo-based Nissan design subsidiary, confirmed unauthorized access on August 16, 2025. Qilin ransomware claimed exfiltration of about 4 TB of sensitive intellectual property and design files, releasing samples as proof and threatening full disclosure. No encryption of systems has been reported.
Bragg Gaming Group
August 16, 2025
•[ hack ]
Hackers gained unauthorized access using what appeared to be valid credentials into internal systems of Bragg Gaming Group. The incident was contained quickly with no disruption to operations and no evidence of customer or partner data compromise.
TPG Telecom (iiNet)
August 16, 2025
•[ leak, technology ]
TPG Telecom confirmed extraction of those contact and setup details. No financial or ID documents were exposed. Incident response was activated, external cybersecurity teams were engaged, and customers are being notified.
Data I/O Corporation (electronics manufacturing)
August 16, 2025
•[ ransomware, misconfiguration, manufacturing ]
Ransomware incident on August 16 due to third-party firewall vulnerability disrupted internal and operational systems. Contained and fully remediated by September 4 with no customer impact or data theft; remediation cost ~$180K against $300K in annual savings. Actor remains unknown.
Arch Linux Project
August 16, 2025
•[ hack, ddos, technology ]
The Arch Linux Project has been under a sustained, volumetric Layer 3/4 DDoS attack since approximately August 16, 2025, impacting its main website, Arch User Repository, and forums. Mitigation tactics such as SYN authentication, rate limiting, and mirror redirects are in use; attacker identity remains unknown.
NGB 3rd Technical Surveillance Bureau (Kimsuky)
August 15, 2025
•[ hack, leak, government ]
Kimsuky, a DPRK-linked hacking group, was itself breached in Aug 2025; attackers exfiltrated and leaked internal communications, victim lists, source code, and operational tools. Attribution remains unclear but likely political/strategic in nature.
Hitachi Energy
August 15, 2025
•[ ransomware, malware, manufacturing ]
Warlock ransomware group claimed responsibility for breaching Hitachi Energy in mid-August 2025, exfiltrating sensitive employee and corporate data and encrypting systems. Disruption lasted several days before partial recovery.