Full List

Search

Recent Breaches

• Artists&Clients August 31, 2025 • [ ransomware, leak, technology ] In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k. The data was subsequently leaked publicly and included 95k unique email addresses alongside usernames, IP addresses and bcrypt password hashes.
• University of Hawaii Cancer Center August 31, 2025 • [ ransomware, data breach, Social Security numbers ] The University of Hawaii Cancer Center disclosed an August 2025 ransomware incident in which attackers gained unauthorized access to its network, encrypted files, and stole research files containing patient-related information. Reporting indicates the intrusion was discovered on or around August 31, 2025, after which affected servers were isolated and an investigation began. The Cancer Center stated its electronic medical record system was not impacted, but research datasets were affected and a subset of older records included Social Security numbers because they were historically used as identifiers in the 1990s. Due to the sensitivity of the data and the extent of encryption, the organization engaged external experts, obtained a decryption tool, and reported paying a ransom in exchange for a claimed promise by the attackers to delete stolen data, while continuing longer-term recovery and security hardening.
• Artists&Clients August 30, 2025 • [ ransomware, leak, technology ] LunaLock breached Artists&Clients around Aug 30, encrypting and stealing data. They demanded $50K payment, threatening to expose data publicly and submit artworks to AI training datasets if unpaid.
• Wealthsimple August 30, 2025 • [ hack, misconfiguration, finance ] A third-party software component was compromised, leading to unauthorized access to sensitive data of a small subset of Wealthsimple clients. Accounts and funds remained secure. Incident was rapidly contained and clients notified.
• Vibra Hospital of Sacramento August 30, 2025 • [ data leak, PHI ] Attack on Vibra Hospital of Sacramentos network occurred between August 30 and September 5, 2025. The breach exposed protected health information, including medical and insurance details but no financial or Social Security data. No ransomware or encryption occurred, and no threat group has publicly claimed responsibility.
• Federal Emergency Management Agency (FEMA) August 29, 2025 • [ hack, insider, misconfiguration ] DHS revealed on Aug 29, 2025 that a threat actor gained unauthorized access to FEMAs IT systems by exploiting unpatched vulnerabilities, outdated protocols, and lack of multi-factor authentication. No citizen data was stolen or exfiltrated. As a result, 24 FEMA IT employees, including the CIO and CISO, were terminated for negligence in cybersecurity oversight.
• Jaguar Land Rover August 29, 2025 • [ ransomware, malware, manufacturing ] Jaguar Land Rover faced a severe disruption to retail and production operations after a ransomware attack forced the automaker to shut down systems proactively.
• Kerrville Independent School District August 29, 2025 • [ ransomware, malware, education ] Qilin ransomware group infiltrated Kerrville ISD systems, accessed and copied sensitive personnel and student information. District secured its network, reported to FBI, and provided credit protection to affected individuals.
• Sinqia August 29, 2025 • [ financial, hack, finance ] On Aug 29, 2025, attackers used stolen vendor credentials to breach Sinqia's access to Brazils Pix system, attempting $130M in fraudulent transfers. Immediate action halted operations; some funds recovered. No data breach occurred.
• Personic Management Company LLC d/b/a Personic Health August 29, 2025 • [ data leak, healthcare, third-party breach ] Healthcare management firm Personic Management Company (Personic Health) reported that an unauthorized actor accessed a third-party software platform used to process patient information on August 29, 2025. The intrusion, discovered on September 1, enabled the attacker to obtain data containing patients names and associated protected health information from Personic-affiliated providers. After engaging external cybersecurity experts and notifying law enforcement, Personic filed breach notices with state regulators and began sending letters to impacted individuals, warning them about identity-theft risks and the potential misuse of their medical data.
• Personic Management Company LLC August 29, 2025 • [ data leak, unauthorized access, third-party breach ] Personic reported unauthorized activity affecting a third-party software platform it used to process patient information. The company stated it became aware of the issue on September 1, 2025, and an investigation concluded an unauthorized actor accessed the platform on August 29, 2025 and obtained certain data. The public notice stated the impacted data may include names and protected health information. Personic reported filing a notice with the Maine Attorney Generals office and beginning notification of impacted individuals on November 18, 2025.
• Conifer Value-Based Care, LLC August 28, 2025 • [ business email compromise, data leak ] Conifer Value-Based Care, LLC disclosed unauthorized access to a Microsoft 365 business email account on August 2829, 2025. The incident may have exposed personal and health-related information contained in emails. Core systems were not compromised and the account was secured after discovery.
• Surbhi Chandna Productions August 27, 2025 • [ hack ] Surbhi Chandnas official production accounts were hacked, disrupting operations and delaying the release of her upcoming production. The breach caused reputational and scheduling setbacks but no personal or customer data theft was reported.
• Salesloft August 26, 2025 • [ hack, technology ] Breach of Salesloft allowed attackers to steal OAuth tokens, which were then used to access Salesforce data across hundreds of customer organizations, including major tech and cybersecurity companies.
• West Chester Township August 26, 2025 • [ leak, government ] Claimants say ~2 TB of personal information (residents & employees) stolen, email server targeted and isolated; systems taken offline as precaution, critical services (e.g., 911) unaffected; FBI and IC3 engaged.
• Auchan August 26, 2025 • [ hack, retail ] French retailer Auchan suffered a cyberattack that resulted in unauthorized access to loyalty account data of several hundred thousand customers, including names, postal and email addresses, phone numbers, and loyalty card numbers. Financial data such as banking details, passwords, and PINs were not compromised. Auchan notified affected individuals, deactivated cards, and reported the breach to CNIL.
• Github August 26, 2025 • [ hack, leak, malware ] Malicious versions of Nx packages on npm deployed AI-powered "telemetry.js" malware to harvest credentials and secrets via AI-assistant agents. Data exfiltrated to public GitHub repos. Widespread impact on developer workstations and CI systems.
• Maryland Transit Administration (MDOT) August 26, 2025 • [ ransomware, malware, government ] Attack by Rhysida ransomware group disrupted Maryland Transit Administrations MobilityLink systems and exfiltrated internal and personal data. Group demanded 30 BTC ransom.
• Unity Technologies (SpeedTree website) August 26, 2025 • [ payment skimmer, data leak ] A malicious payment skimmer was injected into the checkout page of Unity Technologies SpeedTree website, harvesting customer payment and personal data. The compromise, discovered on August 26 2025, affected 428 individuals according to regulatory filings. Impacted users were offered identity protection and credit monitoring.
• Marshfield Clinic Health System August 26, 2025 • [ data leak ] Marshfield Clinic Health System reported that an unauthorized party accessed certain systems on August 26 and may have viewed personal and clinical information; the organization noted no operational disruption, no misuse evidence, and no confirmed actor attribution.