Valencia Chamber of Commerce
January 7, 2025
•[ ransomware ]
Ransomware in July 2025 with ransom demand; Chamber says damage was minimal and it recovered using backups/security; plans further investment in prevention.
Pro Medicus
January 7, 2025
•[ data leak, email compromise, employee data ]
Pro Medicus disclosed that it investigated unauthorized access by an unknown third party to a single email inbox in July 2025. The company said it engaged external cybersecurity experts, secured the inbox, and contained the incident. Its analysis concluded the access was isolated to one mailbox and did not provide access to any client systems or patient data; it also stated there was no operational impact or financial loss. Pro Medicus reported that PII for approximately 100 current and former employees could potentially have been accessed and that the affected individuals were notified.
Argentina's airport security police (PSA)
January 6, 2025
•[ financial, hack, government ]
Argentina's airport security police (PSA) falls victim to a cyberattack that reportedly compromised the personal and financial data of its officers and civilian personnel.
Rosreestr
January 6, 2025
•[ hack, government ]
Silent Crow, a group of threat actors with unknown ties claims responsibility for breaching a Russian government agency, Rosreestr, which is responsible for managing property and land records.
Nodex
January 6, 2025
•[ hack, leak, technology ]
Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announce they had breached Russian internet service provider Nodex's network and wiped hacked systems after stealing sensitive documents.
Eindhoven University of Technology
January 6, 2025
•[ hack, education ]
Eindhoven University of Technology cancels lectures and other educational activities following a cyberattack, although it is expected to have only a limited impact as teaching is reduced while students prepare for exams.
Green Bay Packers (Online Store)
January 6, 2025
•[ financial, hack, malware ]
The Green Bay Packers American football team notifies fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information.
South Portland Public Schools
January 6, 2025
•[ hack, education ]
South Portland Public Schools in Maine says it was forced to take its network after a cyberattack was discovered over the weekend.
Several Russian schools
January 6, 2025
•[ hack, ddos, education ]
{"richText":[{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"StormWall reports "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"hundreds of teen-run DDoS attacks"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" against Russian school IT systems in 2025 (peak MayJune), with "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"1020 Gbps"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" traffic causing "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"service disruptions"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" and aiming to "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"sabotage lessons/Unified State Exam"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"."}]}
City of Lubbock Utilities
January 6, 2025
•[ data leak, skimming ]
The City of Lubbock Utilities, Texas, reported that malicious code was injected into its third-party online utility payment portal between December 18, 2024 and January 6, 2025. The injected script presented a fake payment window that captured customers cardholder information. According to the Texas state breach portal and public notices, 12,503 Texans were affected. Compromised data included names, billing addresses, payment card numbers, expiration dates, and CVV codes. Officials confirmed no impact to internal systems or encryption of city data.
Towne Mortgage
January 6, 2025
•[ ransomware, data leak ]
Towne Mortgage disclosed that a June 2025 incident may have involved a hacker copying data from its network. Reporting on subsequent litigation stated that the lender did not publicly specify how many customers were impacted, but a disclosure referenced at least 474 Massachusetts residents and indicated that Social Security numbers and financial account information were compromised. The same report noted that some cybersecurity blogs attributed the attack to the BlackByte ransomware-as-a-service group, though the company itself did not confirm attribution. Multiple class action lawsuits were filed after the lenders breach announcement, alleging failure to protect sensitive borrower information.
Prosper Marketplace
January 6, 2025
•[ data leak, PII ]
The Record reported that fintech lender Prosper Marketplace disclosed a cyberattack that was initially discovered on September 1, 2025, with an investigation concluding that attackers accessed data between June and August 2025. The company stated there was no evidence of unauthorized access to customer accounts or funds, but reported that sensitive personal information and application-related data were accessed, ultimately affecting about 13.1 million people. The reported exposed elements included high-risk identifiers (SSNs and national IDs), banking details, and extensive identity and application documentation, creating significant fraud and identity-theft risk even without confirmed account takeover.
Japan Weather Association
January 5, 2025
•[ hack, technology ]
The Japan Weather Association said on Thursday it was hit by a cyberattack that rendered its information website inaccessible for over nine hours from around 7 a.m.
T1 Esports
January 5, 2025
•[ hack, ddos, technology ]
Recently, Team T1 has trended due to being targeted by DDoS attacks and targeted again in 2025.
Upper Canada District School Board (UCDSB)
January 5, 2025
•[ education ]
Board's Jan. 22 update reveals personal information about staff members, students, some donors, and bursary recipients was compromised.
Gravy Analytics
January 4, 2025
•[ leak, technology ]
Gravy Analytics, a major player in the location data broker market confirms to Norway's Data Protection Authority that it was breached by a threat actor who obtained an unknown number of files.
Triplegangers
January 4, 2025
•[ hack, misconfiguration, technology ]
OpenAI was sending tens of thousands of server requests trying to download Triplegangers' entire site which hosts hundreds of thousands of photos.
Gravy Analytics
January 4, 2025
•[ hack, technology ]
Gravy Analytics, a major player in the location data broker market confirms to Norway's Data Protection Authority that it was breached by a threat actor who obtained an unknown number of files.
Stroboertje Food Bank
January 4, 2025
•[ financial, phishing, healthcare ]
Voedselbank Stroboertje in Merksem, een van de grootste voedselbanken van Antwerpen, is slachtoffer geworden van phishing. De organisatie zag inmiddels al meer dan 20.000 euro van hun rekening verdwijnen en zit met de handen in het haar. Ik denk zelfs dat we ons personeel niet gaan kunnen betalen, we gaan mensen moeten ontslaan deze maand.
Black Hills Regional Eye Institute
January 4, 2025
•[ data leak ]
In early January 2025, the Black Hills Regional Eye Institute detected unauthorized access lasting five days (Jan 48). A forensic review confirmed exfiltration of patient and employee data including PII and PHI. The breach affected about 106 k individuals and was disclosed August 29 2025. No encryption reported; data stolen for likely financial gain.
