Harbor (Ohio mental health and substance use provider)
July 25, 2025
•[ leak, healthcare ]
An unauthorized actor accessed Harbors network between July 25 and August 1, 2025, and exfiltrated files containing patient, employee, and board member information. The organization disclosed the breach on September 30, 2025.
Hello Cake
July 25, 2025
•[ leak, healthcare ]
In July 2025, the sexual healthcare product maker Hello Cake suffered a data breach. The data was subsequently posted on a public hacking forum and included 23k unique email addresses along with names, phone numbers, physical addresses, dates of birth and purchases.
Tea App
July 25, 2025
•[ data leak, misconfiguration ]
Tea, a women-focused dating and safety app, suffered a breach via a misconfigured Firebase storage bucket, exposing ~72,000 images and up to 1.1M private DMs, later leaked on 4chan; users who signed up before Feb 2024 were affected.
City of Saint Paul, Minnesota
July 25, 2025
•[ cyberattack, government, service disruption ]
A cyberattack on Saint Paul led to widespread service disruptions; Minnesota activated the National Guard to support response and recovery.
Polish Air Navigation Services Agency (PANSA)
July 25, 2025
•[ cyberattack, sabotage, service disruption ]
Polish authorities opened an investigation into potential sabotage affecting air traffic control systems; disruptions triggered review of cyber causes.
Orange
July 25, 2025
•[ data breach, service disruption ]
Orange detected a breach of one information system on July 25; isolating affected services caused disruptions for some business and consumer services in France. Company reports no evidence of data exfiltration as of reporting.
Cisco.com Registered Users
July 24, 2025
•[ social, phishing, technology ]
A voice phishing (vishing) call tricked a Cisco representative into granting access to a third-party CRM system on July 24, 2025. Attackers exfiltrated basic profile information of Cisco.com users (names, emails, phones, addresses, account metadata). No passwords or sensitive data affected; actor remains unknown. Breach discovered by August 5, 2025.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, malware, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
Brightstar Lottery Group
July 24, 2025
•[ hack ]
Unauthorized access to Brightstar Lottery Groups corporate network occurred July 24 2025 and was discovered July 25 2025. The Rhode Island-based vendor notified affected individuals in September after confirming that roughly 550 Connecticut residents personal information was compromised. No operational disruption or encryption reported.
Sotheby’s
July 24, 2025
•[ data leak ]
Breach detected July 24; investigation found SSNs and financial details impacted employees
North St. Paul Police Department
July 23, 2025
•[ phishing, government, hack ]
A phishing email compromised a single business email account in the North St. Paul Police Department around July 23 2025. The incident was swiftly contained with no service disruption and no confirmed data exfiltration, though data compromise is being investigated. Disclosed August 5 2025.
Joint Court of Justice (Dutch Caribbean)
July 23, 2025
•[ hack, malware, government ]
A malware infection on July 23, 2025 forced the shutdown of the Joint Court of Justices entire IT network across six islands. Judicial case management, filings, and email were fully disrupted until restoration began around July 28. No group has claimed responsibility; no data exfiltration confirmed.
POST Luxembourg (national telecommunications infrastructure)
July 23, 2025
•[ cyberattack, outage, critical infrastructure ]
Cyberattack targeting Huawei telecommunications equipment caused a nationwide outage of 4G and 5G mobile networks in Luxembourg, disrupting emergency services, internet access, and electronic transactions for several hours.
Naval Group
July 23, 2025
•[ data leak, extortion ]
Threat actor leaked 1TB of alleged Naval Group data after an extortion attempt. Naval Group says no intrusion confirmed and operations unaffected.
Leading fixed-line operators in Crimea
July 23, 2025
•[ ddos ]
Distributed denial-of-service (DDoS) attack disrupted major fixed-line telecommunications operators across Crimea for several days, causing intermittent outages for subscribers; mitigation measures underway.
AMEOS Group
July 22, 2025
•[ data leak ]
AMEOS disclosed a security incident and took IT systems offline while investigating possible data exposure of patient, employee, and partner data.
UK Ministry of Defence (Special Air Service personnel)
July 21, 2025
•[ data leak ]
Army ordered an immediate review after media reports that identities of at least 20 SAS soldiers were publicly available online; follows earlier MoD ARAP leak revelations.
Schools in Shropshire (11 schools)
July 21, 2025
•[ ransomware ]
Local council committee informed that a ransomware cyberattack impacted 11 schools in Shropshire.
Pandora (jewelry retailer)
July 20, 2025
•[ leak, retail ]
Pandora confirmed that a third-party vendor holding marketing/customer data was compromised, exposing PII of around 30,000 individuals; no passwords, financial, or payment data stolen.
Waveny LifeCare
July 20, 2025
•[ data leak ]
A cyber intrusion in July 2025 exposed resident and patient data from Waveny LifeCares network; no encryption or quantitative data reported, actor unconfirmed.
