AUTOSUR
March 16, 2025
•[ data leak, phishing ]
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle details such as make and model, VIN, and registration plate. AUTOSUR later issued a disclosure notice with further details.
Cherokee County School District
March 15, 2025
•[ network security incident ]
District reported network security incident and system outages under investigation.
Water & Sewerage Corporation
March 15, 2025
•[ ransomware, data leak ]
In mid-March 2025, the Water & Sewerage Corporation of the Bahamas experienced a ransomware attack targeting internal data systems. The utility confirmed unauthorized access but stated there was no evidence of customer data access or theft. While no encryption or operational outage has been verified, remediation efforts were ongoing as of April 2025.
NASCAR
March 15, 2025
•[ ransomware, data leak ]
NASCAR confirmed a ransomware breach of internal systems in March 2025 attributed to Medusa; ~1 TB of sensitive data stolen with $4M ransom demand; notifications and protections offered.
Harvest
March 14, 2025
•[ cyberattack ]
French outlet reported cyberattack and service reassurance communications to clients.
Tj-Actions
March 14, 2025
•[ data leak, supply chain attack, credential exposure ]
A popular GitHub Action called tj-actions/changed-files was compromised: an attacker modified its code and version tags so that when used in CI/CD workflows it executed a script that dumped runner memory and exposed secrets (AWS keys, GitHub PATs, npm tokens, private RSA keys) in publicly accessible logs. The incident, tracked as CVE-2025-30066 (and linked to CVE-2025-30154 for a related Action), affected thousands of repositories across many organizations. Users are advised to stop using the impacted versions, rotate all credentials, and review any workflows that ran between March 1415, 2025.
City of Gloversville (NY)
March 14, 2025
•[ ransomware, data leak ]
City of Gloversville, New York, experienced a ransomware attack discovered on March 14, 2025. The incident encrypted municipal servers and exposed payroll and banking information. Attackers demanded $300,000, and the city paid $150,000 to regain access; no ransomware group has publicly claimed responsibility.
Union County Government
March 13, 2025
•[ ransomware, data leak ]
Ransomware hit Union County Pennsylvania with data theft affecting residents information.
AAylex One
March 13, 2025
•[ ransomware ]
Romanian poultry producer Cocorico operator reported ransomware severely affecting operations.
CareNexa dba Molecular Testing Labs
March 13, 2025
•[ ransomware, third-party ]
MTL disclosed that a data hosting/security vendor suffered a ransomware incident on or about March 13, 2025, potentially affecting information in MTLs possession; investigations and notifications initiated.
UAS Asset Management
March 13, 2025
•[ data leak ]
UAS Asset Management disclosed unauthorized access to its systems and began mailing breach notices on March 19, 2025.
Juniper Networks Routers
March 12, 2025
•[ backdoor ]
Chinese group UNC3886 deployed custom backdoors on outdated Juniper MX routers.
Leroy Merlin
March 12, 2025
•[ data leak, phishing ]
Leroy Merlin notified customers in France that a cyberattack targeted its information system and that some customers personal data may have leaked outside the company. The notification listed exposed data elements (identity/contact details, date of birth, and loyalty-program information) and stated that banking data and online account passwords were not included. The company said it took steps to block unauthorized access and contain the incident, and cautioned customers to watch for phishing attempts impersonating the brand.
Beppe Caccia
March 11, 2025
•[ spyware, targeted attack ]
Italian report described alleged surveillance using commercial spyware against a public figure.
Department Of Health Services Yap
March 11, 2025
•[ ransomware ]
Ransomware forced Yap health department to disconnect network and operate manually.
Uncle Henry’s
March 11, 2025
•[ ransomware, data breach ]
On March 11 2025, Maine-based classified ads publisher Uncle Henrys suffered a ransomware-style attack that deleted its primary website database and took the site offline until April 15. Attackers demanded Bitcoin. Management stated only a few advertisement entries were copied and no personal data compromise was confirmed.
OmniGPT Chatbot Platform
March 10, 2025
•[ data leak, data breach, hacking ]
A hacker known as Gloomer claimed to have breached the OmniGPT AI chatbot platform, stealing and leaking millions of user messages and account details. Data samples were posted on BreachForums and reported by multiple cybersecurity outlets, though OmniGPT has not confirmed the incident.
TerrePower, LLC
March 10, 2025
•[ data leak ]
TerrePower detected suspicious activity between December 12 and December 16, 2024. An unauthorized actor may have viewed and obtained files containing sensitive personal identifiers. Notifications began March 7, 2025.
X (Formerly Twitter)
March 10, 2025
•[ DDoS, service disruption, hacktivism ]
Social media platform X (formerly Twitter) suffered a massive cyberattack involving a large-scale DDoS assault that caused worldwide outages and service disruptions. The company activated additional defenses through Cloudflare to mitigate the impact. The hacktivist group Dark Storm claimed responsibility for the attack, while Elon Musk suggested possible involvement of state-sponsored actors after attack traffic was traced to IPs originating from Ukraine a claim the group denied. The disruption temporarily affected user access and platform functionality, marking one of the largest attacks against X since its rebranding.
City Of Sausalito
March 10, 2025
•[ hacking, government ]
Sausalito reported hacking targeting city systems, prompting meeting cancellation and recovery steps.
