IMDataCenter
July 15, 2025
•[ leak, hack, misconfiguration ]
Unsecured AWS S3 bucket exposed ~38GB of records; hacker downloaded ~75GB, including ~20M emails, ~37M phone numbers, 50k SSNs/DOBs; affects multiple industries (healthcare, airlines, universities, dealerships). Bucket later secured; lawsuits pending.
Haskar Integration (Russian military drone supplier)
July 15, 2025
•[ data destruction, hacktivism, military ]
Ukrainian cyber operators claimed access and subsequent wiping of 47TB of technical data from Haskar Integration, a major supplier to Russian forces; backups also deleted.
Aunt Martha’s Health and Wellness
July 15, 2025
•[ data leak ]
Attackers accessed patient and employee information in July 2025; data exfiltrated but no encryption, actor attribution, or quantity of records reported.
One undisclosed university in the United States
July 15, 2025
•[ espionage, vulnerability exploitation, malware ]
China-linked operators abused CVE-2025-53770 (ToolShell) weeks after Microsoft's July patch to gain initial access at a telecom, escalate privileges (e.g., PetitPotam), harvest credentials, and deploy ShadowPad/Zingdoor/KrustyLoader for persistent espionage against telecom and government networks. Primary effect was covert access and collection, not service outage.
Albemarle County, Virginia
July 15, 2025
•[ ransomware, data leak ]
Albemarle County said a specific ransomware group was responsible for a July attack that disrupted services and potentially accessed internal records.
Undisclosed European telecommunications company
July 15, 2025
•[ espionage, vulnerability exploitation, malware ]
China-nexus operators breached a telecom by exploiting an edge service (e.g., NetScaler/SharePoint), then established persistence with SnappyBee-family tooling, harvested credentials and moved laterally to support systems for intelligence collection. No service interruption reported; primary effect is covert access and data staging.
The TEAM Companies
July 15, 2025
•[ data leak ]
TTC reported a security incident on its internal network and an investigation found that an unauthorized third party accessed internal systems during the window 07/15/2025–07/26/2025. TTC later began sending notification letters to affected individuals. The incident involved exposure of personal information and protected health information as described in the notice summary.
Ohio Medical Alliance (Ohio Marijuana Card)
July 14, 2025
•[ leak, misconfiguration, healthcare ]
Unsecured database exposed sensitive records of an estimated 30,000–40,000 Ohio medical cannabis patients. Data included names, addresses, phone numbers, email addresses, medical marijuana card numbers, state ID numbers, and medical information. The database was discovered on July 14, 2025, by a security researcher and secured on July 15; no evidence of ransomware or encryption was found.
WineLab (Novabev Group)
July 14, 2025
•[ ransomware ]
Ransomware attack shut down 2041 WineLab stores and online services across Russia.
Seoul Guarantee Insurance (SGI)
July 14, 2025
•[ ransomware ]
Ransomware attack began early Monday; joint investigation confirmed ransomware; SGI core systems offline for third day, causing widespread confusion.
Crenshaw Community Hospital
July 14, 2025
•[ ransomware, data leak ]
Ransomware group PayoutsKing claimed responsibility for a July 14, 2025 attack on Crenshaw Community Hospital, exfiltrating approximately 53 GB of data; encryption was not confirmed.
Gravity Forms (Rocketgenius)
July 14, 2025
•[ vulnerability, malware ]
Patchstack reported malicious code in official Gravity Forms installers affecting versions 2.9.11.1 and 2.9.12, enabling command execution on sites using the installers.
France Travail (French public employment service)
July 12, 2025
•[ data leak ]
France Travail reported unauthorized access to personal data, discovered July 12; employment portal was closed for analysis; at least 340,000 job seekers impacted, third such incident in <2 years.
Wiley Rein LLP
July 12, 2025
•[ espionage, unauthorized access, state-sponsored attack ]
Firm notified clients that Microsoft 365 accounts of certain personnel were accessed in an apparent intelligence-gathering operation; suspected China-affiliated group.
Healthcare Interactive Inc. (HCIactive)
July 12, 2025
•[ data leak, unauthorized access ]
Healthcare Interactive Inc. (HCIactive), a benefits and insurance administration technology provider, disclosed that an unauthorized actor accessed its network and copied certain files between July 8 and July 12, 2025. Suspicious activity was detected on July 22, triggering a forensic investigation that confirmed a data breach affecting at least 501 individuals, with exposed information including names, addresses, dates of birth, Social Security numbers, contact details, and health insurance enrollment data. The company notified regulators and consumers beginning in September 2025, offered credit monitoring, and stated that it had implemented additional technical safeguards. There is no indication of significant operational disruption, but the confidentiality impact for affected individuals is substantial.
Workday Inc. (via undisclosed third-party CRM)
July 10, 2025
•[ hack, technology ]
Workday disclosed in Aug 2025 that hackers accessed a third-party CRM system, stealing personal data of ~1.6M people linked to enterprise customers; core HR/payroll systems were unaffected.
Philadelphia Corporation for Aging
July 10, 2025
•[ data leak, healthcare ]
A data breach at the Philadelphia Corporation for Aging allowed unauthorized access to systems between July 10 and July 25, 2025, during which personal and protected health information for 19,820 individuals was copied. PCA filed notice on November 4, 2025.
Multiple Russian Entities
July 9, 2025
•[ financial, ddos, technology ]
A DDoS attack by Ukrainian military intelligence disabled fuel payment services (fuel cards), taking down infrastructure of Rostelecom, Lukoil, KCorp, etc., and disrupting fuel card functionality; over 700 switches and 13 servers in two data centers disabled; financial damage estimated at US$13 million.
Coos County Family Health Services
July 9, 2025
•[ data leak ]
Provider reported unauthorized server access on July 9; investigation indicates possible viewing or copying of patient data.
Flutter Entertainment (Paddy Power and Betfair)
July 9, 2025
•[ data leak ]
Unauthorized third-party access to Flutter Entertainment's Paddy Power and Betfair systems exposed personal account data of about 800,000 users; the company contained the breach and reported no financial data compromise.