Full List

Search

Recent Breaches

• Doctors Hospital at Renaissance, Ltd. (DHR Health) May 15, 2025 • [ data leak, healthcare ] Doctors Hospital at Renaissance (DHR Health) notified the U.S. Department of Health & Human Services that it had experienced a data breach impacting sensitive personal and protected health information. An unauthorized party accessed systems storing patient records, potentially exposing names, Social Security numbers, clinical details, and insurance data for an undisclosed number of individuals. The hospital has since notified the Texas Attorney General and begun mailing breach letters, while law firm investigators explore potential compensation claims for patients whose information may be at heightened risk of identity theft and medical fraud.
• PDI Health May 14, 2025 • [ ransomware, leak, malware ] On May 14, 2025, PDI Health discovered a cyberattack when the Everest ransomware group infiltrated its internal systems and exfiltrated sensitive patient records. The group leaked samples and claimed responsibility on the dark web, revealing more than 373,000 records stolen. No evidence of encryption or service disruption was confirmed.
• Kurdish forces May 14, 2025 • [ espionage, vulnerability, zero-day ] Turkey-linked espionage operators exploited a zero-day in Output Messenger to surveil Iraq-based Kurdish forces, collecting communications and device data; Microsoft attributed the activity to a Turkey-aligned group focused on intelligence collection.
• Weis Markets May 14, 2025 • [ payment card theft, data leak ] Weis Markets completed its investigation and reported skimmers at multiple locations capable of capturing payment card track and PIN data; notices published to customers.
• Cellcom May 14, 2025 • [ cyberattack, service outage ] Cellcom confirmed a cyberattack caused widespread service outages impacting voice and SMS for customers in Wisconsin and Upper Michigan.
• Nucor Corporation May 14, 2025 • [ cybersecurity incident, operational disruption ] Nucor reported a cybersecurity incident and took parts of its network offline as containment, causing operational disruptions and delays.
• House of Dior May 14, 2025 • [ data leak ] Dior disclosed that an external party accessed a customer database in May; later breach notices warned affected customers about exposed personal data.
• Central Point School District 6 May 14, 2025 • [ data breach, unauthorized access ] The Oregon district reported unauthorized access to its digital systems on May 14 and isolated affected systems while law enforcement and external experts investigated. No confirmed data types or quantities were disclosed at the time of reporting.
• State of Alabama May 13, 2025 • [ service disruption, government ] Alabama announced a cybersecurity event and warned of possible website or service disruptions. Subsequent updates indicated limited impact with no specific primary effect confirmed.
• CCTV Pelintas, City of Pematangsiantar May 13, 2025 • [ website defacement ] City communications said a cyberattack began at 14:42 WIB on May 13, redirecting the public CCTV site to a gambling page; mitigation completed the same day with services restored after SSL propagation.
• Multiple Indian websites May 13, 2025 • [ cyberattack, hacktivism ] Maharashtra Cyber/press reports said Pakistan-allied hackers launched ~1.5 million attacks with ~150 successes.
• Central Coalfields Limited May 13, 2025 • [ website defacement, service disruption ] Indian media reported a breach at Coal India subsidiary CCL with a defacement message left on the official site and disruption while systems were secured. Officials worked to restore functionality.
• Tiffany & Co May 12, 2025 • [ leak, retail ] Tiffany determined on 09/09/2025 that an unauthorized party accessed gift cardrelated customer data from an incident occurring ~05/12/2025; 2,590 customers affected; exposed data include PII and gift card number + PIN; separate earlier Korea/vendor incident noted but relation unclear.
• Service public de Wallonie May 12, 2025 • [ government, unknown ] Belgian media reported a cyberattaque at SPW but authorities said the attackers objective is unknown and there was no evidence of massive data exfiltration at the time.
• Kerala State Film Development Corporation (KSFDC) May 12, 2025 • [ data leak, insider threat, surveillance ] Reporting described a major cybersecurity breach in which CCTV footage recorded inside government-owned theatres in Thiruvananthapuram (Kairali, Sree, and Nila) appeared on pornographic websites and then spread via Telegram/X and other channels. The leaked clips visibly displayed the KSFDC logo on seats, strongly indicating the source. Authorities opened a high-level inquiry and a cyber-cell investigation, with officials considering possibilities including insider misuse by staff with access to surveillance systems or an external intrusion into the CCTV network. No specific perpetrator, intrusion method, or exact timeframe for initial compromise was provided, but the incident resulted in non-consensual exposure of surveillance video of patrons.
• Rochester Public School listserv May 12, 2025 • [ misconfiguration, insider threat, email abuse ] Rochester School District officials reported that students and staff were bombarded with sexually explicit and threatening emails after a student exploited a misconfiguration in an email distribution list. The distribution list had been inadvertently configured with broader permissions than intended, allowing a student to send an unauthorized mass message to a large number of student accounts across grade levels. The districts technology team worked to identify the source, recall the messages, and correct the permission setting; students were then blocked from sending to distribution groups. The incident primarily affected communications integrity and student safety, rather than causing extended operational downtime.
• RTCG portal May 12, 2025 • [ ddos ] RTCG reported its news portal was hit by a series of DDoS attacks that made the site unavailable to users for a period during the evening. RTCG technical teams worked to repel the attacks so the portal could return online. The report characterized this as part of a broader pattern of attacks against the public broadcasters online services in recent years. No data theft was reported; the impact described was temporary loss of availability.
• Government of India websites May 10, 2025 • [ cyberattack ] Maharashtra Cyber reported cross-border attempts to target Indian government websites amid tensions.
• Anchorage Neighborhood Health Center May 9, 2025 • [ leak, healthcare ] Anonymous group claims theft of ANHC patient records (10k, later 60k); FBI aware; at least one patient contacted with personal data. ANHC initiated investigation and took systems offline; scope/details pending.
• SonicWall May 9, 2025 • [ hack, brute-force, technology ] Threat actors brute-forced the MySonicWall portal and accessed cloud backup firewall preference files for a subset of customers (<5%). SonicWall terminated access, issued Essential Credential Reset guidance, and involved law enforcement. Risk centers on reuse of secrets/config intelligence for follow-on compromises.