MacKay Memorial Hospital
February 6, 2025
•[ ransomware, data leak ]
Ransomware attack by Chinese actor CrazyHunter encrypted hospital systems and exfiltrated 32.5 GB of patient data; over 500 computers crashed, disrupting clinical services for several days; attacker linked to other Taiwanese targets.
American Israel Public Affairs Committee (AIPAC)
February 6, 2025
•[ data leak, third-party breach ]
AIPAC reported that a criminal cyberattack on a third party led to unauthorized access to files on its own information systems from October 2024 through February 2025. A review later determined that personal identifiers for 810 individuals had been taken, prompting notification letters and additional security controls.
St. Anthony Hospital (Chicago)
February 6, 2025
•[ data leak, healthcare, unauthorized access ]
St. Anthony Hospital in Chicago reported that on February 6, 2025 it discovered a data breach involving a small number of employee email accounts that had been accessed by an unauthorized actor. The compromised mailboxes contained personal and medical information such as names, addresses, dates of birth, Social Security numbers, medical record and account numbers, prescription details, and medical histories for roughly 6,679 individuals. The hospital engaged outside cybersecurity experts, reset credentials, and began notifying potentially affected patients and staff while offering guidance on credit monitoring. Officials said there was no evidence of misuse yet but warned people to remain vigilant for fraud or identity theft.
Islamic Emirate of Afghanistan – Ministries and Agencies
February 6, 2025
•[ data leak, confidential records, government breach ]
Hackers breached Taliban-run Afghan government systems (TalibLeaks) and published tens of gigabytes of confidential records from 21 ministries online.
University end-users via cloned site
February 5, 2025
•[ malvertising, phishing, malware ]
Malvertising campaign cloning a German university website to distribute a fake Cisco AnyConnect installer, which installed NetSupport RAT on victim machines.
Chemical, Food, and Pharmaceutical Enterprises in Russia
February 5, 2025
•[ infostealer, phishing, data leak ]
Nova Infostealer campaign led by Rezet, also known as Rare Wolf, targeted Russian chemical, food, and pharmaceutical firms, harvesting credentials and internal documents through phishing and malicious installers.
Russian Organizations Across Various Industries
February 5, 2025
•[ malware, phishing, data leak ]
Nova Infostealer malware campaign targeting Russian organizations across multiple industries collected credentials and files via phishing and malicious installers.
Russian Industrial Facilities
February 5, 2025
•[ infostealer, phishing, malware ]
Nova Infostealer was deployed by the threat group NGC4020 in Russian industrial facilities, stealing host credentials and files from infected endpoints through phishing and malicious installer packages.
Gregory & Appel Insurance
February 5, 2025
•[ phishing ]
Insurance firm reported unauthorized access linked to a suspicious email purporting to be from the CFO.
Hewlett Packard Enterprise
February 5, 2025
•[ data leak ]
HPE filed notice with MA AG after a cybersecurity incident allowed access to consumer data; notification letters sent Feb 5, 2025.
NTT Communications Corporation
February 5, 2025
•[ data leak ]
Data exfiltration impacted thousands of corporate customers at NTT Communications.
Professional Finance Company
February 5, 2025
•[ ransomware, data leak ]
A ransomware attack detected February 5, 2025 disrupted Professional Finance Company's billing and collection systems and resulted in confirmed theft of patient financial and medical data for roughly 125,000 individuals. The firm disclosed the incident publicly in April 2025 and reported it to HHS as both a ransomware and data-exfiltration event.
SimonMed Imaging
February 5, 2025
•[ ransomware, data leak, healthcare ]
Medusa claimed theft of 212 GB of data impacting 1.2M patients after a January to February attack window.
Jefferson School District 251
February 4, 2025
•[ ransomware, data leak ]
Ransomware was discovered on Jefferson School District's computer systems in early February 2025, leading to the cancellation of classes across all 11 schools in the district while networks were rebuilt. About 5,000 student devices were affected, and the FBI and third-party forensic teams were engaged. No evidence of student data theft or exfiltration has been reported.
163.com Users
February 4, 2025
•[ phishing, espionage ]
The Taiwanese-linked espionage group GreenSpot APT (aka PoisonVine / APT-Q-20) created spoofed 163.com domains and fake download pages to harvest email credentials from users in mainland China, Hong Kong, and Taiwan. Hunt.io attributed the campaign's infrastructure to Taiwan, but no government department link has been identified.
Ionic Money
February 3, 2025
•[ DeFi exploit, impersonation, protocol manipulation ]
On February 3, 2025, attackers exploited Ionic Money on the Mode Network by impersonating members of Lombard Finance and convincing the project to list a fake token (LBTC). They minted counterfeit collateral, borrowed legitimate assets, and drained about $8.6 million in funds, later laundering part of it through Tornado Cash. The incident was a decentralized finance exploit involving protocol manipulation, with no system encryption or service disruption.
Lee Enterprises
February 3, 2025
•[ ransomware, data leak ]
On February 3, 2025, Lee Enterprises suffered a ransomware attack that encrypted multiple critical applications and exfiltrated files. The Qilin group claimed responsibility, asserting theft of about 350 GB of data. The incident caused partial but significant disruption of operations for roughly one week, affecting printing, billing, and vendor systems. Approximately 39,779 individuals had personal information compromised.
News.bg and other Bulgarian media outlets
February 2, 2025
•[ denial of service, hacktivism ]
Massive SSL-based distributed denial-of-service (DDoS) attacks targeted News.bg and several other Bulgarian media websites beginning on February 2, 2025. The attacks, described as large-scale and difficult to trace, disrupted access for several days until at least February 6, 2025. Mitigation involved blocking international traffic. Attribution remains undetermined; motive appears protest-related.
University of The Bahamas
February 2, 2025
•[ ransomware ]
The University of The Bahamas suffered a ransomware attack starting on February 2, 2025 that disrupted online systems including email, telephone, and academic platforms, while in-person classes continued. The school serves ~5,000 students across three campuses.
Rubrik
February 2, 2025
•[ data leak ]
Rubrik disclosed on February 2, 2025, that an unauthorized actor accessed a log server containing telemetry data. The company rotated all authentication keys, confirmed no customer data or source code was affected, and reported the incident to authorities.