99 Cents Only Stores (data linked to Dollar Tree acquisition context)
July 30, 2025
•[ ransomware, data leak ]
HackRead reports INC claimed 1.2TB of Dollar Tree data; company statements elsewhere indicate samples match data tied to defunct 99 Cents Only Stores.
Origin Energy
July 30, 2025
•[ insider threat, data leak ]
Encrypted credit/debit card details for 732 customers (plus associated account data) exfiltrated to a personal email account on the employees last day; company disclosed the insider-led breach and began notifications.
JFS Wealth Advisors LLC
July 30, 2025
•[ email compromise, data leak ]
An unauthorized third party accessed a JFS Wealth Advisors corporate email account between July 30 and August 19, 2025, viewing messages containing names and Social Security numbers. JFS secured the account, investigated with third-party experts, and filed notice with state authorities.
City of Erfurt
July 29, 2025
•[ ddos ]
Welt reports the city of Erfurts website was temporarily paralyzed by a cyber incident, likely DDoS-related.
Sesame Workshop (Elmo account)
July 29, 2025
•[ account takeover ]
Sesame Workshop said it regained control of the Elmo X account after it was hijacked and used to post racist content; company apologized and removed the posts.
Undisclosed Canadian electric utility
July 29, 2025
•[ cyberattack, service disruption, critical infrastructure ]
Canadian utility reported a cyberattack that disrupted smart/power meters and required onsite remediation to restore accurate billing and service.
Undisclosed gaming mouse manufacturer (download site)
July 29, 2025
•[ malware, supply chain attack ]
PCWorld reports a gaming mouse vendors download page hosted malware for weeks, infecting users who downloaded driver/software packages.
Belk, Inc.
July 29, 2025
•[ ransomware ]
Ransomware group INC claimed an attack on Belk; the retailer's confirmation and scope had not been disclosed at report time.
Air France/ KLM
July 28, 2025
•[ leak ]
In August 2025, KLM confirmed that a third-party customer service system it used had been breached, exposing passenger data. The stolen information included names, contact details, and travel information of customers, though no internal KLM operational or financial data was reported compromised. The airline did not disclose how many individuals were affected, but emphasized that flight operations were not disrupted.
Pi-hole (donations site)
July 28, 2025
•[ phishing, misconfiguration, technology ]
Donor names/emails shown in page source due to GiveWP plugin flaw; donors began reporting phishing on July 28; Pi-hole post-mortem confirms exposure and no payment data affected.
TransUnion
July 28, 2025
•[ hack, misconfiguration, finance ]
Unauthorized access via third-party contractor application used in U.S. consumer support operations enabled viewing and copying of files.
Albavision (Albavisión)
July 28, 2025
•[ ransomware, data leak, business disruption ]
GlobalGroup ransomware group alleged breach and data theft at media giant Albavision affecting broadcast operations, with data samples posted.
Aeroflot
July 28, 2025
•[ hacktivism, data leak, data destruction ]
Two hacktivist groups claim to have gained access to 122 hypervisors, 43 ZVIRT virtualization installations, approximately 100 iLO interfaces used for server management, and four Proxmox clusters. They say they exfiltrated all databases from flight history and employee workstations (including of top executives), wiretapping servers containing phone call recordings, and personnel monitoring systems. Claim to have wiped 7,000 physical and virtual servers hosting 12TB of databases, 8TB of Windows Share files, and 2TB of corporate email. Resulted in the cancellation of more than 60 flights and severe delays on additional flights.
Gloucester County, Virginia
July 27, 2025
•[ ransomware ]
Gloucester County reported responding to a ransomware attack that impacted county systems and public access to some services.
City of Nitro, West Virginia
July 26, 2025
•[ data leak ]
Following a data breach, Nitro city employees faced uncertainty over tax withholdings and filings; investigation ongoing and guidance pending.
Everglades Correctional Institution (Florida Department of Corrections)
July 26, 2025
•[ data leak, exposed PII ]
Personal contact information from visitor applications at Everglades Correctional Institution was exposed to all inmates at the facility after a breach reported the prior weekend.
Chanel
July 25, 2025
•[ social, retail ]
Threat actors accessed Chanels Salesforce-hosted database at a third-party provider via social-engineering/OAuth tactics; data theft detected July 25, 2025; U.S. customer contact details exposed; no operational disruption reported.
Government servers of Russian-occupied Crimea
July 25, 2025
•[ hack, government ]
Ukraines military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russias forced deportation of Ukrainian children from occupied territories.
Parliament of Aruba
July 25, 2025
•[ hack, government ]
Parliamentary email systems in Aruba were hacked in late July 2025, compromising official accounts. The attack affected email communications but did not disrupt broader parliamentary operations. No attribution or data theft has been confirmed.
Harbor Behavioral Health
July 25, 2025
•[ leak, healthcare ]
Harbor reported that suspicious activity was identified on Aug 1, 2025; investigation determined an unauthorized party accessed and took files from the network between late July and Aug 1. Notifications were issued Sept 30; no encryption or operational disruption reported.
