Spyx
March 25, 2025
•[ data leak, stalkerware ]
Stalkerware service reportedly leaked user data including iCloud credentials and device identifiers.
Belgian Government Websites
March 25, 2025
•[ ddos, hacktivism ]
Pro-Russian group claimed DDoS causing availability issues on Belgian government sites.
Argeweb
March 25, 2025
•[ DDoS ]
The Dutch web hosting provider Argeweb experienced a sustained distributed denial-of-service (DDoS) attack beginning around March 25, 2025, which disrupted DNS resolution and access to numerous customer websites for over a week. Reports indicate intermittent outages and degraded service across hosted platforms. There was no data theft, encryption, or compromise of internal systems reported, and no actor has been identified.
Lighthouse Wealth Partners
March 25, 2025
•[ data leak ]
Lighthouse Wealth Partners, recently disclosed that it suffered a data breach that compromised the sensitive personal data of individuals.
Troy Hunt / Have I Been Pwned Mailing List
March 25, 2025
•[ phishing, data leak, account takeover ]
Phishing led to Mailchimp account takeover and export of subscriber list.
Anne Arundel Dermatology
March 25, 2025
•[ data leak ]
Practice disclosed a data breach impacting about 1.9 million individuals, following an intrusion earlier in 2025; investigation and notifications ongoing.
Undisclosed European drone manufacturer
March 25, 2025
•[ phishing, social engineering, malware ]
North Korean operators approached European defense engineers with fake job offers, delivering loaders that sideloaded ScoringMathTea and BinMergeLoader/MISTPEN to exfiltrate proprietary UAV designs and manufacturing know-how. Intelligence-collection focus; campaign targets several firms rather than one discrete victim record.
Ukrzaliznytsia
March 24, 2025
•[ cyberattack ]
Ukraine state railway restored online ticketing after major cyberattack that downed digital services.
Grove City
March 24, 2025
•[ cyber attack ]
Yahoo item references a cyber attack hits Grove City .
Access Financial Services Limited
March 24, 2025
•[ data leak ]
Jamaica lender addressed recent cybersecurity incident and reassured stakeholders.
ADDA
March 24, 2025
•[ data leak ]
In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum. The data contained over 1.8M unique email addresses along with names, phone numbers and MD5 password hashes.
Sansone Group
March 22, 2025
•[ leak ]
A data breach at Sansone Group LLC in late March 2025 exposed sensitive PIIfull names and SSNs of an unknown number of individuals. Notifications were sent on July 21; the state AG was notified on August 21. Levi & Korsinsky LLP is investigating possible legal claims.
Cobb County Government
March 22, 2025
•[ ransomware ]
Cobb County took servers offline after breach; online systems restored after several days.
New York University
March 22, 2025
•[ data leak ]
Data reportedly leaked on nyu website exposing millions of applicants.
Lovit
March 22, 2025
•[ ddos, hacktivism ]
Ukrainian It Army claimed sustained ddos disrupting Russian Isp Lovit services.
Fundamental Administrative Services, LLC
March 21, 2025
•[ hack, healthcare ]
On March 21, 2025, Fundamental Administrative Services, a healthcare management company based in Maryland, confirmed a data breach after discovering unauthorized access. Sensitive PII and PHI belonging to 56,235 patients was stolen, including SSNs, medical, and insurance data. No encryption or service disruption was reported.
National Iranian Tanker Company
March 21, 2025
•[ hacktivism, sabotage ]
Hacktivists Claimed Cyber Sabotage Targeting Vsat Systems On 116 Iranian Ships.
Soco System
March 21, 2025
•[ ransomware ]
Danish production firm reported ransomware linked to a Russian gang
Presidency Of Costa Rica (YouTube Account)
March 21, 2025
•[ account takeover, cryptocurrency scam ]
Costa Rica presidencys YouTube account was hijacked and posted crypto content.
Delta Dental of Virginia
March 21, 2025
•[ phishing, data leak ]
An unauthorized actor accessed a Delta Dental of Virginia employee email account between March 21 and April 23, 2025, viewing or acquiring emails and attachments containing personal, financial, and protected health information for 145,918 individuals. Notification letters were issued on November 21, 2025.
