Full List

Search

Recent Breaches

• Arch Linux Project August 16, 2025 • [ hack, ddos, technology ] The Arch Linux Project has been under a sustained, volumetric Layer 3/4 DDoS attack since approximately August 16, 2025, impacting its main website, Arch User Repository, and forums. Mitigation tactics such as SYN authentication, rate limiting, and mirror redirects are in use; attacker identity remains unknown.
• Barrio Family Health Care Center August 16, 2025 • [ email compromise, unauthorized access, data leak ] KENS5 reported Barrio Comprehensive Family Health Care Center notified patients about a cybersecurity incident involving unauthorized access to employee email accounts. The clinic said it discovered the incident on Sept. 16, 2025 and later determined that up to 19,885 individuals may have been affected. The exposed information varied by individual and was contained in the compromised email accounts; the report frames the event as a successful email compromise leading to exposure of patient information.
• NGB 3rd Technical Surveillance Bureau (Kimsuky) August 15, 2025 • [ hack, leak, government ] Kimsuky, a DPRK-linked hacking group, was itself breached in Aug 2025; attackers exfiltrated and leaked internal communications, victim lists, source code, and operational tools. Attribution remains unclear but likely political/strategic in nature.
• Hitachi Energy August 15, 2025 • [ ransomware, malware, manufacturing ] Warlock ransomware group claimed responsibility for breaching Hitachi Energy in mid-August 2025, exfiltrating sensitive employee and corporate data and encrypting systems. Disruption lasted several days before partial recovery.
• Weymouth and Kingston Maurward College (Dorset College group) August 15, 2025 • [ social, phishing, education ] A phishing incident at Dorset Colleges Weymouth and Kingston Maurward campus resulted in the compromise of multiple staff email accounts around August 15, 2025. Spam was sent from affected accounts. Exposure may have included contact details of prior email correspondents. The breach was contained swiftly with minimal impact. Reported to the ICO.
• 300+ macOS end users worldwide August 15, 2025 • [ hack, malware, phishing ] Over 300 Macs were infected by the Shamos malware delivered via fake Apple Support websites shown in Google Search results. The malware bypassed macOS Gatekeeper and XProtect to steal passwords, personal notes, and cryptocurrency wallet data.
• Infoniqa August 15, 2025 • [ cyberattack, service disruption, IT security incident ] Heise reported that Infoniqa, a provider of payroll and HR software services, suffered an IT security incident described as a cyberattack that disrupted services. The companys customer communications described technical restrictions and noted that the ONE Start Cloud service was not usable, with operational alternatives offered while investigations continued. Infoniqa stated that technical restrictions were resolved by Tuesday August 12, 2025, but reporting also included claims that at least some customers were unable to use services for more than a week. Infoniqa said external cybersecurity and forensic specialists were analyzing the incident and that it was not yet able to say whether any data was leaked.
• Lotte Card August 14, 2025 • [ hack, leak, finance ] A cyber breach in mid-August 2025 led to Lotte Cards internal systems being accessed and ~1.7 GB of files stolen. Authorities ordered consumer protection measuresincluding compensation procedures and fraud monitoringwhile investigating whether sensitive customer data was impacted.
• Norway Savings Bank August 14, 2025 • [ data leak, supply chain ] Norway Savings Bank reported that a third-party data services provider suffered a security incident on August 14, 2025, allowing an external actor to access portions of its hosted environment that contained bank customer data. The breach potentially exposed personal and financial information for about 44,259 Maine residents, including identifiers and account details, although no misuse had been confirmed at the time of disclosure. The banks own systems were not directly compromised, but it engaged cybersecurity experts, reviewed transaction patterns, and began offering credit monitoring and identity-theft protection to affected customers.
• CoVantage Credit Union August 14, 2025 • [ data leak, third-party breach ] CoVantage reported a data breach originating at its third-party vendor, Marquis Software Solutions. CoVantage learned on 08/14/2025 that Marquis experienced a cybersecurity incident affecting its internal environment, and Marquis later determined that files containing CoVantage customer information had been accessed or acquired. CoVantage filed notice with the Maine Attorney General and began notifying affected individuals on 11/26/2025.
• Marquis Software Solutions August 14, 2025 • [ ransomware, data leak ] Marquis Software Solutions detected suspicious activity on Aug. 14, 2025 and determined it was the victim of a ransomware attack. An unauthorized party accessed Marquis network via a SonicWall firewall and may have acquired files from Marquis systems. Marquis stated the incident was limited to its environment (customers internal banking systems were not impacted) and that it had no evidence of misuse at the time of the notice. The potentially affected personal information for Maine residents includes names, addresses, phone numbers, Social Security numbers/TINs, dates of birth, and financial account information without security/access codes.
• Industrial Credit Union of Whatcom County August 14, 2025 • [ data leak, third-party breach ] Industrial Credit Union of Whatcom County reported a data breach stemming from a security incident at a third-party communication delivery vendor that provides print and email services to financial institutions; the credit union stated its own systems were not breached. The potentially impacted data includes names, dates of birth, Social Security numbers, and financial/banking information. The credit union filed notice with the Washington State Attorney Generals office and began sending notification letters to impacted individuals on Nov. 26, 2025. Public reporting linked this incident to the Marquis Software Solutions vendor intrusion detected on Aug. 14, 2025.
• Box Elder County Government (Utah) August 13, 2025 • [ ransomware, malware, government ] Box Elder County was hit by a ransomware attack by the gang Interlock around August 13, 2025. Authorities confirmed the domestic breach disrupted operations; attackers released over 2 million stolen government files including law enforcement records, homicide case details, jail videos, and digital credentials. The FBI, Utah State Bureau of Investigation, and State Cyber Crimes Task Force are investigating.
• Rochester Schools (IN) August 13, 2025 • [ hack, education ] Investigation ongoing; small group of staff email accounts impacted.
• Austrian Federal Ministry for European and International Affairs (Foreign Ministry) August 13, 2025 • [ hack, government ] The Austrian Foreign Ministry reported a suspected data breach affecting its travel registration service and public website systems. Online services were shut down as a precaution, but as of the latest reporting no confirmation has been given on the quantity or type of data stolen, and no actor has been identified.
• Colt Technology Services August 12, 2025 • [ ransomware, leak, hack ] On August 12, 2025, Colt Technology Services experienced a cyberattack on internal support systems. The Warlock ransomware group stole and leaked up to 1 million documents, including employee salary information, customer contracts, network designs, and internal emails. Colt reported that customer-facing portals such as Colt Online and Voice API were taken offline proactively as a containment measure, not because of attacker disruption or encryption.
• F.C. Copenhagen live stream (Champions League vs Malmö FF) August 12, 2025 • [ hack, ddos ] F.C. Copenhagens Champions League stream was disrupted on August 12, 2025, by a large-scale DDoS attack that flooded its login system with traffic equal to six months usage in one hour. Fans were unable to access the match for 28 minutes until an alternate stream was activated. No data was stolen or encrypted.
• University of St. Thomas (Houston, TX) August 12, 2025 • [ ransomware, malware, education ] On August 12, 2025, the University of St. Thomas in Houston, Texas, detected unauthorized access and voluntarily shut down key systems for nine days. External sources confirmed the INC ransomware gang claimed responsibility, stating they stole 1.8 TB of sensitive university data. University operations including student portals, financial aid, and course scheduling were fully disrupted, though no encryption was reported. Public disclosure followed on August 25, 2025.
• Lycoming County Department of Public Safety August 12, 2025 • [ ransomware, government ] Drivers license numbers and other PII were exfiltrated from the Lycoming County Department of Public Safety during a ransomware attack detected on August 12, 2025. Officials confirmed cyber criminals stole data but have not reported any encryption. The number of affected individuals remains undisclosed.
• Elmcrest Children’s Center, Inc. August 12, 2025 • [ data leak ] Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.