Black Hills Regional Eye Institute
January 4, 2025
•[ data leak ]
In early January 2025, the Black Hills Regional Eye Institute detected unauthorized access lasting five days (Jan 4–8). A forensic review confirmed exfiltration of patient and employee data, including PII and PHI. The breach affected about 106k individuals and was disclosed August 29, 2025. No encryption reported; data stolen for likely financial gain.
Alchip
January 3, 2025
•[ hack, manufacturing ]
On the afternoon of January 3, Qingyun Technology, Alchip, Popular Computer, and Formosa Plastics released important information, saying that their websites had been attacked. After they noticed the incident, they had activated relevant defense mechanisms and recovery operations. The website has resumed normal operation. At present, it is assessed that there is no impact on the company's operations. Qingyun and Alchip further mentioned that they initially assessed that no personal information or internal documents had been leaked.
Google Play Users
January 3, 2025
•[ state-sponsored, infiltration ]
Report said North Korean hackers infiltrated Google Play to target users.
NTT Docomo
January 2, 2025
•[ hack, technology ]
Japan's largest mobile carrier, NTT Docomo, reports that it is working to restore services after a cyberattack temporarily disrupted operations.
Kong Inc.
January 2, 2025
•[ hack, malware, technology ]
An attacker accesses Kong's DockerHub account and replaces the legitimate Kong Ingress Controller v.3.4.0 image with a malicious version containing code that enabled cryptojacking.
Community Health Center (CHC)
January 2, 2025
•[ leak, healthcare ]
Community Health Center (CHC), a leading Connecticut healthcare provider, notifies over 1 million patients of a data breach that impacted their personal and health data.
InfoCert via Third Party Ticketing Vendor
January 2, 2025
•[ hack, leak, technology ]
The stolen data was put up for sale on the dark web. The company, a digital identity service provider, offers reassurance: the stolen information is that of customer support requests; InfoCert access credentials were not compromised.
Chipson Electronics
January 2, 2025
•[ ddos, manufacturing ]
Chipson Electronics released important information on the stock market public observatory, stating that their website was attacked by a distributed denial of service (DDoS) attack.
First International Computer, Inc.
January 2, 2025
•[ hack, ddos, manufacturing ]
NoName057(16) claims responsibility for DDoS attacks against several Taiwanese entities.
Unnamed high-profile Ukrainian entities
January 2, 2025
•[ espionage, malware, government ]
ESET observed coordination where Gamaredon tools (PteroGraphin/PteroOdd/PteroPaste) deployed or restarted Turla's Kazuar on Ukrainian systems during Feb–Apr 2025, marking the first documented collaboration between these FSB-linked groups; focus is espionage access rather than disruption.
Health Service Executive (HSE) – primary care services, Midlands (third-party processor)
January 2, 2025
•[ ransomware, data breach, third-party breach ]
DataBreaches summarized reporting that the Irish Health Service Executive confirmed a second ransomware attack occurred in February 2025, targeting a third-party processor and resulting in a data protection breach reported by HSE primary care services in the Midlands. The HSE stated there was no evidence that patients' data was stolen in the incident, and the brief report did not describe prolonged operational disruption or specify what systems were encrypted. Based on the confirmation of a ransomware incident affecting a processor, this is coded as a disruptive event with limited publicly available detail on scope and duration.
Habib Bank Limited
January 1, 2025
•[ hack, finance ]
hacked
Federal Board of Revenue
January 1, 2025
•[ hack, finance ]
hacked
Resona Bank
January 1, 2025
•[ hack, ddos, finance ]
Osaka-based Resona Bank says a DDoS attack resulted in a network malfunction and impacted the functioning of its customer-facing My Gate application. The parent company Resona Holdings confirms the incident temporarily disrupted services at other company-owned banks, including Minato Bank, Kansai Mirai Bank and Saitama Resona Bank.
Mizuho Bank
January 1, 2025
•[ financial, hack, ddos ]
Mizuho Bank, Japan's third largest financial company, suffers a denial-of-service attack that disrupts online banking services for three hours.
City of Winston-Salem
January 1, 2025
•[ hack, government ]
Winston-Salem, North Carolina, residents are not able to pay their utility bills online after a post-Christmas cyberattack knocked the city's systems offline.
MedSave Health Insurance
January 1, 2025
•[ leak, healthcare ]
A threat actor with the moniker 0mid16B claims to have breached MedSave Health Insurance TPA Ltd (MedSave), stealing 561 gigabytes of databases containing data of 10,617,943 people.