Toys “R†Us Canada
July 30, 2025
•[ data leak, phishing, dark web ]
Company confirmed a threat actor copied records from its customer database and later leaked them on the dark web; investigation verified the datas authenticity and regulators were notified. No payment credentials were exposed; customers warned about phishing.
Albavision (Albavisión)
July 28, 2025
•[ ransomware, data leak, business disruption ]
GlobalGroup ransomware group alleged breach and data theft at media giant Albavision affecting broadcast operations, with data samples posted.
Aeroflot
July 28, 2025
•[ hacktivism, data leak, data destruction ]
Two hacktivist groups claim to have gained access to 122 hypervisors, 43 ZVIRT virtualization installations, approximately 100 iLO interfaces used for server management, and four Proxmox clusters. They say they exfiltrated all databases from flight history and employee workstations (including of top executives), wiretapping servers containing phone call recordings, and personnel monitoring systems. Claim to have wiped 7,000 physical and virtual servers hosting 12TB of databases, 8TB of Windows Share files, and 2TB of corporate email. Resulted in the cancellation of more than 60 flights and severe delays on additional flights.
City of Nitro, West Virginia
July 26, 2025
•[ data leak ]
Following a data breach, Nitro city employees faced uncertainty over tax withholdings and filings; investigation ongoing and guidance pending.
Everglades Correctional Institution (Florida Department of Corrections)
July 26, 2025
•[ data leak, exposed PII ]
Personal contact information from visitor applications at Everglades Correctional Institution was exposed to all inmates at the facility after a breach reported the prior weekend.
Tea App
July 25, 2025
•[ data leak, misconfiguration ]
Tea, a women-focused dating and safety app, suffered a breach via a misconfigured Firebase storage bucket, exposing ~72,000 images and up to 1.1M private DMs, later leaked on 4chan; users who signed up before Feb 2024 were affected.
Sotheby’s
July 24, 2025
•[ data leak ]
Breach detected July 24; investigation found SSNs and financial details impacted employees
Naval Group
July 23, 2025
•[ data leak, extortion ]
Threat actor leaked 1TB of alleged Naval Group data after an extortion attempt. Naval Group says no intrusion confirmed and operations unaffected.
AMEOS Group
July 22, 2025
•[ data leak ]
AMEOS disclosed a security incident and took IT systems offline while investigating possible data exposure of patient, employee, and partner data.
UK Ministry of Defence (Special Air Service personnel)
July 21, 2025
•[ data leak ]
Army ordered an immediate review after media reports that identities of at least 20 SAS soldiers were publicly available online; follows earlier MoD ARAP leak revelations.
Waveny LifeCare
July 20, 2025
•[ data leak ]
A cyber intrusion in July 2025 exposed resident and patient data from Waveny LifeCares network; no encryption or quantitative data reported, actor unconfirmed.
Toptal
July 20, 2025
•[ data leak, source code leak, supply chain attack ]
73 repositories made available, exposing private projects and source code. Attackers hijacked Toptals GitHub organization and published 10 malicious npm packages before takedown. Later updates indicated minimal impact to external users.
National Institutes of Health; National Nuclear Security Administration
July 20, 2025
•[ data leak, vulnerability ]
NIH and the National Nuclear Security Administration were impacted in a global Microsoft SharePoint breach; no classified information reported compromised; scope and severity under investigation.
UK Ministry of Defence (ARAP applicants)
July 19, 2025
•[ data leak ]
Article discusses government response to the previous ARAP data breach; thousands at risk; records of 18,714 applicants exposed; coding reflects exposure context.
Neblio Technologies Pvt Ltd
July 19, 2025
•[ insider threat, data leak ]
Company reported approximately Rs 384 crore (~$44M) in cryptocurrency transferred from a company wallet around 2:37 am on July 19 to six accounts; internal probe suggested an employee laptop compromise and potential insider involvement.
Canopy Healthcare
July 18, 2025
•[ unauthorized access, data breach, data leak ]
DataBreaches summarized RNZ reporting that Canopy Health said it identified on July 18, 2025 that an unknown person temporarily obtained unauthorized access to part of its systems used by its administration team. Canopy said forensic review indicated unauthorized access to one of its servers likely occurred and that some data may have been copied. The provider stated the incident was contained, that an investigation was ongoing, and that it sought and obtained an urgent High Court injunction to prevent use or publication of any information that may have been accessed. The report did not enumerate specific data elements or counts of affected individuals.
Claro Argentina
July 17, 2025
•[ data leak ]
Local outlet reports a claim that Claro Argentinas database was hacked and is for sale on the dark web.
Visiting Nurse Association of Texas
July 17, 2025
•[ unauthorized access, email compromise, PII ]
Visiting Nurse Association of Texas identified suspicious network activity on July 17, 2025; an unauthorized actor accessed employee email accounts and potentially compromised personal and health-related data belonging to thousands of individuals, per notice and investigation.
Allianz Life Insurance Company of North America
July 16, 2025
•[ data leak ]
Allianz Life confirmed that a threat actor accessed a third-party cloud CRM on July 16, exposing PII for most of its 1.4M customers.
Aunt Martha’s Health and Wellness
July 15, 2025
•[ data leak ]
Attackers accessed patient and employee information in July 2025; data exfiltrated but no encryption, actor attribution, or quantity of records reported.
