Lower Sioux Indian Community (Jackpot Junction Casino Hotel)
March 27, 2025
•[ ransomware ]
RansomHub ransomware encrypted internal systems belonging to the autonomous Lower Sioux Indian Community in the State of Minnesota, disrupting operations at the Jackpot Junction Casino Hotel, tribal health center, and government offices. Systems were taken offline for containment, affecting slot machines, kiosks, phones, and reservation functions. No confirmed data exfiltration was reported; encryption was the cause of the outage.
Holt Group
March 27, 2025
•[ ransomware, data leak, legal action ]
Holt Group breach tied to Cactus with large data leak; suit filed.
Health New Zealand (Te Whatu Ora) Central Region
March 27, 2025
•[ data leak ]
Health New Zealand said a malicious actor accessed staff safety records.
TehetségKapu
March 26, 2025
•[ leak, education ]
In March 2025, almost 55k records were breached from the Hungarian education office website TehetsgKapu. The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.
WideOpenWest (Wow!)
March 26, 2025
•[ ransomware, data leak ]
Arkana security claims ransomware attack on wow with data theft.
Nsw Online Registry (Department Of Communities And Justice)
March 26, 2025
•[ data leak ]
Major breach led to downloads of sensitive court files including Avos and affidavits.
Square Enix
March 26, 2025
•[ ddos ]
Ffxiv servers were targeted by Ddos around the 7.2 update release.
National Faster Payments System (Sbp)
March 26, 2025
•[ ransomware, denial of service ]
A large-scale hacker attack has hit Lukoil and its Faster Payment System. Users are complaining that they can't transfer money, and Lukoil employees have been unable to access their work computers since early morning.
Troy Hunt's Mailchimp List
March 25, 2025
•[ hack, phishing, technology ]
In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog. The exported list contained 16k email addresses and other data automatically collected by Mailchimp including IP address and a derived latitude, longitude and time zone.
Abracadabra Finance
March 25, 2025
•[ cryptocurrency theft, exploit, DeFi ]
Hackers exploited Abracadabra cauldrons leading to multimillion-dollar cryptocurrency theft.
Spyx
March 25, 2025
•[ data leak, stalkerware ]
Stalkerware service reportedly leaked user data including iCloud credentials and device identifiers.
Belgian Government Websites
March 25, 2025
•[ ddos, hacktivism ]
Pro-Russian group claimed DDoS causing availability issues on Belgian government sites.
Argeweb
March 25, 2025
•[ DDoS ]
The Dutch web hosting provider Argeweb experienced a sustained distributed denial-of-service (DDoS) attack beginning around March 25, 2025, which disrupted DNS resolution and access to numerous customer websites for over a week. Reports indicate intermittent outages and degraded service across hosted platforms. There was no data theft, encryption, or compromise of internal systems reported, and no actor has been identified.
Lighthouse Wealth Partners
March 25, 2025
•[ data leak ]
Lighthouse Wealth Partners, recently disclosed that it suffered a data breach that compromised the sensitive personal data of individuals.
Troy Hunt / Have I Been Pwned Mailing List
March 25, 2025
•[ phishing, data leak, account takeover ]
Phishing led to Mailchimp account takeover and export of subscriber list.
Anne Arundel Dermatology
March 25, 2025
•[ data leak ]
Practice disclosed a data breach impacting about 1.9 million individuals, following an intrusion earlier in 2025; investigation and notifications ongoing.
Undisclosed European drone manufacturer
March 25, 2025
•[ phishing, social engineering, malware ]
North Korean operators approached European defense engineers with fake job offers, delivering loaders that sideloaded ScoringMathTea and BinMergeLoader/MISTPEN to exfiltrate proprietary UAV designs and manufacturing know-how. Intelligence-collection focus; campaign targets several firms rather than one discrete victim record.
Ukrzaliznytsia
March 24, 2025
•[ cyberattack ]
Ukraine state railway restored online ticketing after major cyberattack that downed digital services.
Grove City
March 24, 2025
•[ cyber attack ]
Yahoo item references a cyber attack hits Grove City .
Access Financial Services Limited
March 24, 2025
•[ data leak ]
Jamaica lender addressed recent cybersecurity incident and reassured stakeholders.
