Biopharma Company, Hinjewadi (Pune)
April 27, 2025
•[ ransomware, data leak ]
A ransomware attack discovered on April 27, 2025 disrupted a biopharmaceutical company in Hinjewadi (Pune) after an unknown actor accessed internal servers, exfiltrated and encrypted data, and demanded USD 80,000 for decryption; the incident affected 15 on-premises research systems and is under investigation by Pune Cyber Cell.
Masimo Corporation
April 27, 2025
•[ cyberattack, operational disruption ]
Masimo reported a cyberattack that breached on-prem systems; impacted systems were isolated, and the incident caused production delays in fulfilling orders.
Consero Global Solutions LLC
April 27, 2025
•[ data leak ]
A data breach at Consero Global Solutions LLC: unauthorized third-party access to internal systems between April 27 and July 4, 2025 resulted in possible acquisition of personal information (full name, SSN, other PII). The company has notified affected individuals and offered identity-protection services.
Hitachi Vantara
April 26, 2025
•[ ransomware, data leak ]
Akira ransomware infiltrated Hitachi Vantara's internal network, stealing corporate data and encrypting parts of its IT environment, prompting incident response and system restoration efforts.
Juan F. Luis Hospital
April 26, 2025
•[ ransomware, vulnerability ]
Ransomware accessed two local servers via an overlooked vulnerability and forced the hospital into prolonged downtime, manual workflows, and a wholesale technology rebuild. CEO reports weekly cash flow impact of $750k–$800k due to delayed electronic billing yet maintains no patient or staff data was stolen; operations gradually restored as systems returned.
Dictation.ru (Total Dictation Project)
April 25, 2025
•[ ddos ]
Dictation.ru, the website for the Russian-language educational project Total Dictation, was targeted by two DDoS attacks on April 25, 2025, reaching 38,000 requests per second. All attacks were mitigated by Solar, and no data theft or service outage occurred.
Nova Scotia Power
April 25, 2025
•[ data leak ]
Sensitive customer data stolen in a cybersecurity incident disclosed on May 15, 2025; investigation ongoing and scope not fully detailed.
MTN Group
April 24, 2025
•[ data leak ]
On April 24, 2025, Johannesburg-based telecommunications giant MTN Group disclosed a cybersecurity incident in which an unauthorized third party accessed personal information of some customers in unspecified African markets. The company confirmed that its core network, billing, and financial systems were not affected. Regulators and law enforcement were notified. The breach's timing and number of affected customers have not been disclosed.
Kintetsu World Express
April 23, 2025
•[ ransomware ]
Ransomware attack discovered April 23, 2025 disrupted logistics processing across multiple global offices of Kintetsu World Express; several servers and workstations were encrypted, delaying shipments and customs documentation; no data theft confirmed.
Legal Aid Agency
April 23, 2025
•[ data leak, government ]
Breach of LAA digital services first detected April 23; by May 16 the scope was deemed far wider. Government confirms theft of sensitive data on applicants dating back to 2010; online services were shut down as a precaution while NCSC/NCA investigated.
Co-op (The Co-operative Group)
April 22, 2025
•[ data leak, social engineering ]
6.5M member records stolen following a social-engineering-enabled breach; AD password-hash database also taken; Co-op temporarily shut down some IT systems.
Groupe 3R (Réseau Radiologique Romand)
April 22, 2025
•[ data leak ]
Groupe 3R (Réseau Radiologique Romand), a network of medical imaging centers in western Switzerland, disclosed a cyberattack detected in early April 2025. According to the organization, no images or examination results were lost or encrypted, but attackers copied medical and administrative patient data. Operations continued normally, and a report was filed with Swiss authorities.
Barnstable County Sheriff’s Office
April 22, 2025
•[ insider threat, data leak ]
BCSO reported an intentional insider breach learned April 22, involving leaking of personal information of 100+ former employees and one current employee; the employee was placed on leave.
Aigües de Mataró
April 21, 2025
•[ ransomware ]
Ransomware encrypted Aigües de Mataró's corporate servers on April 21, 2025, taking the website offline and delaying customer services. The utility reported no evidence of data exfiltration; water service and quality remained unaffected. No actor has claimed responsibility.
Cities of Palo Alto, Redwood City, and Menlo Park (Crosswalk systems)
April 21, 2025
•[ hacktivism, unauthorized access, deepfake ]
Hacktivists hijacked Bay Area pedestrian crosswalk systems in Palo Alto, Redwood City, and Menlo Park to broadcast deepfake audio messages impersonating Elon Musk and Mark Zuckerberg mocking billionaire culture; no data theft or operational outage beyond altered messages reported.
Adyen NV
April 21, 2025
•[ ddos ]
Dutch payment processor Adyen suffered three distributed denial-of-service (DDoS) attacks in April 2025 that disrupted payment services for several hours across Europe; no data theft or system breach reported.
City of Seattle (Crosswalks system)
April 21, 2025
•[ hacktivism, unauthorized access, system compromise ]
Hacktivists compromised Seattle pedestrian crosswalk systems to broadcast spoofed audio announcements mocking technology billionaires; no evidence of data exfiltration or wider operational impact reported.
Esse Health
April 21, 2025
•[ data leak ]
Cyberattack disrupted patient-facing network systems and phones and led to copying of files of 263,601 patients. Information includes personal and health data.
SK Telecom
April 19, 2025
•[ malware, data leak ]
Malware on internal servers enabled theft of USIM identifiers and related network data over an extended period.
Joannenova.com.au (Jo Nova Blog)
April 19, 2025
•[ ddos, hacktivism ]
Joannenova.com.au, an independent Australian blog run by science commentator Jo Nova, reported a distributed denial-of-service (DDoS) attack beginning around Easter Saturday (April 19, 2025). The site, known for climate-skeptic and political commentary, was flooded by traffic from hundreds of thousands of IPs mainly in China, the USA, Brazil, and Europe, causing intermittent outages for about two weeks. The politically charged nature of the site suggests a hacktivist protest motive.