Full List

Search

Recent Breaches

• CareCloud March 16, 2026 • [ unauthorized access, service disruption, electronic health record ] An unauthorized third party temporarily accessed part of CareCloud Health and partially disrupted functionality and data access in one electronic health record environment before service was restored the same evening.
• Roan and Eurocamp March 16, 2026 • [ data breach, phishing, supply chain attack ] Roan and Eurocamp disclosed that an unauthorized third party exploited a vulnerability in a third-party technology provider on March 16, 2026 and stole guest booking data later used in WhatsApp scam attempts; no encryption was reported.
• COMPAS (French Ministry of Education) March 15, 2026 • [ data leak, intrusion, personal information ] An intrusion into the French Education Ministry's COMPAS system exposed personal information linked to approximately 243,000 trainees and permanent education staff.
• Intoxalock March 14, 2026 • [ cyberattack, denial of service, DDoS ] DataBreaches summarized local reporting that a cyberattack shut down Intoxalocks nationwide breathalyzer interlock system, preventing affected drivers from starting vehicles because server-side systems were down. Intoxalock stated hackers were flooding its servers to stop them from functioning. The outage affected device-related services such as installations, removals, calibrations, and account access across 46 states. The company stated user data was secure and did not disclose whether a ransom demand was made; no public claim of responsibility was noted at publication.
• Divine Skins March 13, 2026 • [ data breach, unauthorised access, data leak ] In March 2026, the League of Legends custom skins service Divine Skins suffered a data breach. The incident was disclosed via the service's Discord server, where Divine Skins stated that an unauthorised third party accessed part of its systems, deleted all skins from the database and exposed email addresses and usernames. The data also contained a history of purchases made by users.
• Dekalb County March 13, 2026 • [ ransomware, email disruption, inmate booking systems ] A ransomware attack hit the DeKalb County Sheriffs Department and jail in Smithville, Tennessee, disrupting email and inmate booking systems. Officials said the booking program suddenly stopped during an intake early Friday morning, and the sheriff indicated the main server controlling departmental email and booking software (and other functions) was affected. The report did not specify the ransomware group, the intrusion vector, whether data was stolen, or how long services would remain disrupted.
• Romanian Ministry of Foreign Affairs March 13, 2026 • [ DDoS, cyberattack, service interruption ] Romanias Ministry of Foreign Affairs stated that a distributed denial-of-service (DDoS) attack targeted the eviza.mae.ro and econsulat.ro platforms on the afternoon of March 13 and into the start of the night of March 14, 2026. MAE said protective equipment and specialists significantly reduced the impact and that systems were functioning normally afterward. The ministry stated DDoS attacks do not imply data compromise and that no sensitive information was accessed, but services were slowed and briefly inaccessible.
• Companies House March 13, 2026 • [ data leak, PII exposure, broken access control ] Computer Weekly reported Companies House pulled its WebFiling service offline on Friday, March 13, 2026 after a security issue was discovered that exposed certain data to other logged-in users with an authorized code. Companies House said exposed data included dates of birth, residential addresses, and company addresses, and that it may have been possible to perform unauthorized actions such as changing directors or filing accounts. It stressed that credentials and identity verification data (e.g., passport information) were not exposed and that existing filed documents could not be altered. WebFiling was restored by Monday, March 16, and Companies House urged companies to review filings and report anomalies.
• Duffy’s Sports Grill March 13, 2026 • [ ransomware, system disruption, payment systems ] Duffys Sports Grill experienced system problems that disrupted card payments and its MVP rewards program at some Florida locations; outside reporting said Qilin claimed responsibility, but no data theft was confirmed publicly.
• Crunchyroll March 12, 2026 • [ data breach, data leak, PII ] In March 2026, the anime streaming service Crunchyroll suffered a data breach alleged to have impacted 6.8M users. The exposed data is reported to have originated from the company's Zendesk support system where "name, login name, email address, IP address, general geographic location and the contents of the support tickets" were exposed. A subset of 1.2M email addresses from an alleged 2M record dataset being sold was later provided to HIBP.
• Telus Digital March 12, 2026 • [ Data breach, Credential theft, Cloud security ] Telus Digital confirmed a security incident after ShinyHunters claimed it stole nearly 1 petabyte of data in a multi-month breach. Reporting stated ShinyHunters said it gained initial access using Google Cloud Platform credentials found in data stolen in the Salesloft/Drift breach, and that Telus was not negotiating. At publication, Telus Digital had not been added to the actors leak site in the cited report, and specific data categories and affected individuals were not publicly enumerated in the DataBreaches summary.
• England Hockey March 12, 2026 • [ ransomware, data leak, extortion ] England Hockey said it is investigating after the AiLock ransomware group listed the organization on its leak site and claimed it stole 129GB of data. England Hockey stated it is working with internal teams and external experts to determine what occurred. Public reporting did not confirm encryption or service disruption; the confirmed effect at reporting time was a data-theft/extortion claim under investigation.
• An undislcosed organization March 12, 2026 • [ ransomware, social engineering, data theft ] IBM X-Force described a case where a threat actor remained on a compromised server for more than a week and stole data during an Interlock ransomware intrusion. The attack began with ClickFix social engineering and later deployed a PowerShell backdoor called Slopoly (likely AI-assisted), alongside other components such as NodeSnake and InterlockRAT. The article is a case-study/campaign description and does not name the victim organization or quantify the affected records beyond describing persistence and data theft.
• Iraqi Ministry of Foreign Affairs email account March 12, 2026 • [ cyber espionage, phishing, intelligence collection ] Proofpoint reported a surge in Iran-linked and conflict-themed cyber espionage activity targeting governments, diplomats, and organizations across the Middle East, often using compromised government email accounts to deliver phishing lures and collect intelligence. Check Point analysis cited overlaps between Iran-linked actors (including MuddyWater and Void Manticore/Handala) and cybercrime tools and infrastructure. This is campaign-level reporting without a single named victim incident and bounded primary-effect metrics.
• Crunchyroll March 12, 2026 • [ data leak, malware, third-party risk ] The Record reported an unidentified threat actor claimed to have breached a Telus employee account in India (a business process vendor for Crunchyroll with access to support tickets). The attacker said they infected the employee device with malware and stole about 100GB of data from Crunchyrolls ticketing system. The outlet reported samples included IP addresses, email addresses, and other information related to customer service tickets. Screenshots showed access to Crunchyrolls platforms including Slack, Zendesk, and Google Workspace; the hacker claimed the breach occurred on March 12, 2026 and that access was revoked within 24 hours.
• Verifone March 11, 2026 • [ hacktivism, data breach claim, cyber attack ] Cybernews reported that the pro-Iranian hacktivist group Handala claimed it attacked two US multinationals with ties to Israelpayments firm Verifone and medical technology firm Strykerframing the actions as retaliation. Verifone denied the breach claims. The article describes actor claims and escalation risk, but does not provide independently verified evidence of successful compromise or confirmed stolen data for either company in the reporting.
• Michelin March 11, 2026 • [ data breach, zero-day exploitation, hacking campaign ] Michelin confirmed it was impacted by the Oracle E-Business Suite (EBS) hacking campaign, which SecurityWeek reports was claimed by Cl0p and involved exploitation of an Oracle EBS zero-day. Michelin stated that hackers accessed some files, but said only a small, localized volume of data was affected and it contained no sensitive or technical IT information; the company also said there was no ransomware and no impact on its global systems, and that corrective actions were effective. SecurityWeek reported the cybercriminals publicly released more than 315GB of archives allegedly stolen from Michelin, with a file-tree review indicating at least some data originated from an Oracle EBS environment.
• Trio-Tech subsidiary March 11, 2026 • [ ransomware, encryption, data breach ] The Record reported that Trio-Tech International told regulators its subsidiary in Singapore suffered a ransomware attack discovered on March 11, 2026. The filing said the attack led to encryption of files within the subsidiarys network. Trio-Tech took the network offline, notified law enforcement in Singapore, and hired cybersecurity experts to respond. The company said it was still restoring systems and that it was unclear what data may have been taken, but that the subsidiary was in the process of notifying affected parties.
• Albania’s parliament March 10, 2026 • [ cyberattack, email disruption, system compromise ] The Record reported Albanias parliament said it was targeted by a sophisticated cyberattack intended to delete data and compromise internal systems. Parliament stated its main systems and website remained operational, but internal email services used by the parliamentary administration were temporarily suspended, disrupting both incoming and outgoing communications. Local media reported staff and lawmakers could not access computers and email systems for several hours. The report does not confirm data theft; the confirmed primary effect is temporary internal email disruption.
• Loblaw March 10, 2026 • [ data breach, unauthorized access, customer information ] Canadian retailer Loblaw disclosed a data breach after a criminal third party accessed basic customer information. The company said the accessed data included names, email addresses and phone numbers. Loblaw stated its investigation indicated passwords, health information, and credit card data were not compromised, and PC Financial was not impacted. The company did not provide the number of affected customers, the intrusion vector or evidence of ransomware. The confirmed primary effect is unauthorized access to limited customer contact information.