Full List

Search

Recent Breaches

• LG Energy Solution January 11, 2025 • [ ransomware, data leak, supply chain attack ] LG Energy Solution confirmed that an overseas facility was hit by a ransomware incident in November 2025, which briefly affected operations before systems were restored. The Akira ransomware group listed LG on its leak site, claiming to have stolen around 1.7 TB of data, including corporate documents and an employee database with personal information. LG stated that the incident was contained to the single facility and that production had resumed, while it continued to investigate the scope of the data theft. The case underscores the risk to global manufacturing supply chains from targeted ransomware operations.
• Bangalore Airport January 11, 2025 • [ GPS spoofing ] Reports described GPS spoofing signals detected near major Indian airports, including Delhi, with contingency procedures used during GPS-based landing approaches. Government statements said conventional navigation systems remained active and flight operations were not affected; the separate incident involving delays for 400+ flights at Delhi airport was attributed to an Air Traffic Control technical system snag rather than the GPS spoofing. Based on the reporting, this does not provide clear evidence of a successful cyberattack causing operational disruption or confirmed data compromise.
• SmartTube January 11, 2025 • [ malware, supply chain attack, data leak ] Reporting indicates SmartTubes build/signing environment was compromised, allowing attackers to distribute officially signed builds containing malware (notably in versions identified in coverage). The malware was described as collecting device and app telemetry including IP addresses, and the project took affected builds offline while issuing a newly signed clean version. The incident reflects a supply-chain style compromise with malicious code distributed to users, with no confirmed account credential capture in the cited reporting.
• At least one telecom operator in Russia January 11, 2025 • [ DDoS, telecom ] A Russian tech-news report citing Roskomnadzor/GRFC monitoring stated that in November 2025 the regulator recorded and mitigated a record-long DDoS attack targeting telecommunications operators systems, with a maximum duration reported as 3 days 22 hours 20 minutes. The same regulatory summary reported peak attack power around 1.93 Tbps and very high packet rates during the period, with the telecom sector described as a primary focus of attack vectors. The report did not identify a specific threat group or provide victim-by-victim service impact details, but characterized the episode as an unusually prolonged and powerful DDoS campaign against telecom infrastructure.
• At least one individual in Singapore January 11, 2025 • [ malware, extortion, data leak ] Singapore Police warned of a malware-enabled sextortion scam in which victims were lured via social media offers of online sexual services and deceived into downloading a malicious application. Police said the malware enabled scammers to remotely access victims photo galleries and contact lists, and in some cases capture or retrieve compromising content. Attackers then threatened to send the images to the victims contacts unless payments were made. Police reported at least six cases since November 2025 with total losses of at least S$20,000.
• Agfa January 11, 2025 • [ ransomware, data leak ] Agfa-Gevaert faced public claims from the Everest ransomware group alleging the theft of Agfa data. Subsequent public reporting indicates Agfa conducted an internal investigation and concluded in early December 2025 that its IT systems were operational and that the data at issue was limited to older, non-sensitive information. Agfas communications emphasized that there was no indication that critical or current sensitive data was compromised. Details such as the initial access vector, the precise systems affected, and whether any encryption or operational disruption occurred were not publicly disclosed in accessible reporting. This entry codes the incident as an unauthorized access/data exposure event based on the companys statement about what information was involved after its probe.
• Ungava Tulattavik Health Centre (UTHC) January 11, 2025 • [ data leak, phishing ] Ungava Tulattavik Health Center in Kuujjuaq (Nunavik, Quebec) disclosed it was the victim of a cyberattack in November 2025. The centre said the attack was blocked upon detection, but warned that files containing clinical and administrative information related to some people who use the health centre and some employees may have been stolen. The centre established a crisis unit, deployed enhanced surveillance/security tools, and worked with the Sret du Qubec, the Nunavik Regional Board of Health and Social Services, and Sant Qubecs Cyber Defence Operational Centre during the investigation. Officials advised users and employees to monitor bank accounts and watch for suspicious emails or calls while the incident response and review continued.
• Committee on Foreign Investment in the United States (CFIUS) January 10, 2025 • [ espionage, government ] Silk Typhoon Chinese state-backed threat actors reportedly breach the Committee on Foreign Investment in the United States (CFIUS), a Treasury Department office that reviews foreign investments for national security risks.
• Bank of America January 10, 2025 • [ leak, finance ] Bank of America notifies 414 individuals that their names, addresses, phone numbers, passport numbers, Social Security numbers, and their mortgage load numbers might have been compromised in a data breach at an unnamed third-party provider.
• Wolf Haldenstein Adler Freeman & Herz January 10, 2025 • [ leak ] Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") a U.S. Law Firm, reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to threat actors.
• Slovakian Geodesy, Cartography and Cadastre Office (UGKK) January 10, 2025 • [ ransomware, malware, government ] A cyber attack targets the Slovakian Geodesy, Cartography and Cadastre Office (UGKK), which manages land and property data. The agencys systems are shut down, and its physical offices closed following an alleged ransomware attack. According to local media reports, the attackers are demanding millions of euros in ransom.
• Swiss Federal Administration January 10, 2025 • [ hack, government ] Beeintrchtigt gewesen sind unter anderem die Telefonie, Outlook sowie verschiedene Webseiten und Fachanwendungen des Bundes. Daten seien keine abgeflossen, hiess es vom Bund.
• Centre des technologies de l’information de l’État' (CTIE) January 10, 2025 • [ hack, ddos, government ] Mehrere von der Regierung betriebene und vom Centre des technologies de linformation de ltat (CTIE) gehostete Internetseiten waren am Freitag zwischen 13:05 und 14:55 Uhr nicht erreichbar. Ursache dafr war eine DDOS-Attacke, die zahlreiche Webseiten lahmlegte, darunter men.public.lu und 112.public.lu. Das besttigte eine Sprecherin des CTIE gegenber dem Tageblatt. Der Angriff habe kurz nach 13 Uhr...
• Lifebridge Health January 10, 2025 • [ hack, phishing, healthcare ] LifeBridge Health sent letters to patients and families about an email phishing incident that was discovered on Nov. 12.
• Crimean Telecom Operators January 10, 2025 • [ hack, ddos, technology ] A massive DDoS attack is targeting major fixed-line and mobile network operators in Crimea, according to the Ministry of Internal Policy, Information and Communications... RIA Novosti, January 11, 2025
• UFCW Local 7 (United Food & Commercial Workers) January 10, 2025 • [ data leak ] On December 10, 2024, an unauthorized actor accessed and copied data from UFCW Local 7s network, compromising the personal information of approximately 55,747 union members. Data was later reported on dark web leak sites. No encryption was used, and no perpetrator has been identified.
• Baylor Scott & White Texas Spine & Joint Hospital January 10, 2025 • [ Email Compromise, Data Leak, Unauthorized Access ] Unauthorized access to O365 mailbox exposed patient demographic and treatment information.
• UK Foreign, Commonwealth and Development Office (FCDO) January 10, 2025 • [ data leak, unauthorized access, government ] UK authorities investigated a cyber intrusion into the Foreign, Commonwealth and Development Office (FCDO) that was reportedly discovered during routine monitoring in October 2025. According to officials briefed on the matter, attackers accessed a segment of the foreign offices IT environment used for policy coordination and diplomatic communications and obtained sensitive but non-classified material. The reported accessed information included internal correspondence, briefing papers, and contact details related to overseas missions, while systems handling classified intelligence were described as segregated and unaffected. The incident prompted containment actions, server isolation, and a wider government security review led with support from the National Cyber Security Centre.
• Bangladesh e-Apostille service (MyGov) - impersonated portal January 10, 2025 • [ phishing, data leak, identity theft ] A fraudulent website mimicking Bangladeshs official e-apostille platform exposed sensitive personal documents belonging to more than 1,100 citizens. The fake portal generated fabricated apostille certificates with QR codes that redirected users to a sequentially ordered database where changing digits in the URL revealed other applicants scanned records, a weakness consistent with insecure direct object reference (IDOR). Leaked materials reportedly included national ID cards, passports, academic and marriage certificates, trade licences, business agreements, and other private records that could enable identity theft and targeted fraud. Officials indicated the fraud operation appeared to have been active since October 2025.
• Louisiana Office of Student Financial Assistance (LOFSA) January 10, 2025 • [ data leak ] The Louisiana Office of Student Financial Assistance (LOSFA) sent letters to students warning of a data security incident involving their information, according to reporting summarized by DataBreaches.net. The letter dated December 5, 2025 stated the agency was investigating an incident affecting LOSFA systems and that an unauthorized party accessed or removed certain files. The letter indicated the affected files contained student names and Social Security numbers, while stating the START Saving Program and 529 savings accounts were not involved.