Itron, Inc.
April 13, 2026
•[ unauthorized access, corporate systems, energy management ]
Itron, a provider of energy and water management solutions, detected unauthorized access to some corporate systems on April 13, 2026; operations continued and no further unauthorized activity or customer impact was observed.
Marcus & Millichap
April 12, 2026
•[ hacking, extortion, data leak ]
In April 2026, the commercial real estate brokerage firm Marcus & Millichap was named as one of multiple alleged victims of the ShinyHunters hacking and extortion group. Data alleged to have been obtained from the company was subsequently released publicly and included 1.8M unique email addresses, along with names, phone numbers and employment-related information including employer, job title and physical company address. In their disclosure notice, Marcus & Millichap advised that data which may have been accessed appeared limited to "company forms, templates, marketing materials, and general contact information".
Spring Lake Park School District
April 12, 2026
•[ ransomware, system shutdown, cyberattack ]
Spring Lake Park Schools discovered on April 12, 2026 that an outside actor had accessed some district systems in a suspected ransomware incident; the district shut down systems defensively to prevent further access, causing class, childcare, community education, and after-school activity cancellations while recovery proceeded.
Morocco’s Office of Vocational Training and Employment Promotion (OFPPT)
April 12, 2026
•[ data leak, compromised account, user data ]
OFPPT disclosed that data from about 100,000 MyWay platform users was leaked after likely misuse of a compromised account.
Dialogue Logique
April 12, 2026
•[ intrusion, datacenter infrastructure, data protection ]
Dialogue Logique detected an intrusion in its datacenter infrastructure on April 12, 2026 and isolated its infrastructure from the internet to contain the incident and protect customer data.
Mytheresa
April 12, 2026
•[ extortion, data leak, ShinyHunters ]
In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group. After the ransom deadline passed, the group publicly released the data, which contained 84k unique email addresses. The exposed data also included names, phone numbers, physical addresses, purchases and partial credit card data including card type, last 4 digits and expiry date.
Rockstar Games
April 11, 2026
•[ data breach, third-party breach, SaaS breach ]
ShinyHunters claimed it stole nearly 80 million business records from Rockstar Games through a third-party SaaS/Snowflake-related breach; Rockstar said only a limited amount of non-material company information was accessed and that there was no impact on operations or players.
Autovista
April 11, 2026
•[ ransomware, service disruption, containment ]
Autovista reported a ransomware incident identified on April 11, 2026 that affected certain systems in Europe and Australia and caused service disruption for customers. The company implemented containment measures, worked with external forensic experts to validate systems before restoration, and later reported many products and services were partially or fully restored.
McGraw Hill
April 10, 2026
•[ data breach, extortion, misconfiguration ]
In April 2026, education company McGraw Hill confirmed a data breach following an extortion attempt. The incident was attributed to a Salesforce misconfiguration, and the company stated that it exposed "a limited set of data from a webpage hosted by Salesforce on its platform". More than 100GB of data was later publicly distributed, containing 13.5M unique email addresses across multiple files, with additional fields such as name, physical address and phone number appearing inconsistently across some records.
CPUID (cpuid.com)
April 9, 2026
•[ malware distribution, supply chain attack, api compromise ]
CPUID confirmed that a secondary website/API feature was compromised between April 9 and April 10, 2026, causing official download links for CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor to redirect to attacker-controlled infrastructure serving malware; CPUID said its signed original files were not modified.
Athénée Royal d'Izel
April 9, 2026
•[ ransomware, encryption, service disruption ]
The local server of Athénée Royal d'Izel was encrypted during a ransomware attack on the morning of April 9, 2026, affecting the online school platform for meal payments and attendance; quick isolation prevented personal data theft and restoration from backups was underway.
Saver
April 9, 2026
•[ ransomware, personal data, operational disruption ]
Saver was hit by ransomware on April 9, disrupting systems and phone lines while attackers accessed servers containing personal data.
City of Ardmore
April 8, 2026
•[ ransomware, phishing, data leak ]
On April 8, 2026, ransomware encrypted Ardmore police/internal servers after a phishing email; the incident was contained within hours, and information tied to criminal complaints and investigations, including names, addresses, and phone numbers, may have been exposed.
Rx Management
April 8, 2026
•[ ransomware, data leak, healthcare ]
INC Ransom listed Australian pharmacy management firm Rx Management on its leak site on April 8, 2026 and threatened to publish more than 180 GB of allegedly stolen data; the data types and full extent were not publicly verified.
Commune d'Anderlues
April 8, 2026
•[ cyberattack, data theft, IT shutdown ]
Anderlues suffered a municipal cyberattack resulting in data theft and a broad shutdown of communal IT systems.
Dígitro Tecnologia
April 8, 2026
•[ database leak, source code leak, internal files ]
CTIR Gov warned that databases, source-code repositories, and internal files from Dígitro Tecnologia were published by DDoSecrets.
7-Eleven
April 8, 2026
•[ extortion, data leak, ShinyHunters ]
In April 2026, 7-Eleven was the victim of a "pay or leak" extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone numbers. A small number of records also contained additional exposed data fields. The company later advised the breach was limited to "certain 7-Eleven systems used to store franchisee documents", a statement consistent with the exposed data.
7-Eleven
April 8, 2026
•[ unauthorized access, data leak, ransom ]
7-Eleven discovered on April 8, 2026 that an unauthorized third party accessed systems used to store franchisee documents. ShinyHunters claimed responsibility, claimed theft of more than 600,000 Salesforce records, and leaked a 9.4 GB archive after ransom demands were not met; Have I Been Pwned identified 185,300 exposed individuals in the leaked data.
At least one DAEMON Tools user in government, scientific, manufacturing, retail, or education sectors
April 8, 2026
•[ supply chain attack, malware, trojanized installers ]
Threat actors compromised official DAEMON Tools installers distributed from the vendor website beginning April 8, 2026. The trojanized installers executed malware on infected Windows hosts, collected system information, and in selected cases deployed additional backdoor payloads. Reporting identified second-stage payloads on roughly a dozen machines in government, scientific, manufacturing, and retail organizations in Russia, Belarus, and Thailand, and QUIC RAT on one Russian educational institution. The specific perpetrator was not publicly identified.
Pitney Bowes
April 8, 2026
•[ phishing, extortion, data leak ]
Pitney Bowes identified unauthorized access to certain records in its Salesforce customer relationship management environment on April 9, 2026, after a phishing attack compromised an employee email account the previous night. ShinyHunters claimed to have obtained Pitney Bowes data as part of a broader extortion campaign and later released data containing 8.2 million unique email addresses, names, phone numbers, physical addresses, and some employee job-title records. Irish reporting separately confirmed that 137 Revenue Commissioners employees were affected through the Pitney Bowes supplier breach, with professional contact details exposed but no Revenue passwords or taxpayer data stolen.