Saint Mary’s Home of Erie
August 26, 2025
•[ unauthorized access, PII, PHI ]
A forensic investigation found that an unauthorized party accessed the Saint Marys Home of Erie network between August 26 and 28, 2025. Files and folders containing resident PII and PHI may have been exposed. The incident was reported to HHS OCR for at least 501 individuals while review continues.
Reno Department of Motor Vehicles
August 24, 2025
•[ ransomware, data leak ]
A ransomware attack against Nevada state government systems disrupted public services, and the Reno-area DMV continued to experience connectivity issues nearly two weeks later. DMV officials stated that drivers license transactions were impacted and first-time Real ID issuance was unavailable at the time of reporting, while some renewals and other transactions could proceed. State officials also publicly acknowledged evidence of some data being exfiltrated from the state network during the broader incident, though details were not tied to DMV systems in the sourced updates.
Miljödata (IT supplier for municipalities)
August 23, 2025
•[ ransomware, data leak, personal data ]
Suspected ransomware attack against Swedish IT supplier Miljdata disrupted critical services for ~200 municipalities starting August 23, 2025. Systems were encrypted, and attackers threatened to leak stolen personal and medical data unless paid 1.5 BTC.
Anchorage Neighborhood Health Cente
August 22, 2025
•[ ransomware, data leak ]
Anchorage Neighborhood Health Center disclosed that an unauthorized third party gained access to certain systems and that sensitive personal information and protected health information may have been exposed, including identifiers (such as Social Security numbers and state ID numbers) and medical/insurance information. Reporting around the incident also described operational impacts at the clinic, including phone lines being down and appointment scheduling disruptions for more than a week in late August 2025. The organization filed a public notice and began sending notification letters to impacted individuals on November 19, 2025.
Insight Hospital and Medical Center
August 22, 2025
•[ unauthorized network access, data leak, medical records breach ]
Insight Hospital and Medical Center issued a substitute notice stating it detected unusual network activity in September 2025 and determined an unauthorized individual accessed its network between August 22 and September 11, 2025. The notice stated affected individuals would be notified after completion of a file review and listed potentially involved data types, including identifiers (name, SSN, DOB), government IDs, financial account information, and treatment/insurance-related information. The DataBreaches post notes the incident after data was reported as leaked/appearing online.
Pittsburgh Gastroenterology Associates
August 20, 2025
•[ ransomware, data leak ]
A ransomware group known as Sinobi claimed on August 20, 2025, to have obtained data belonging to Pittsburgh Gastroenterology Associates. Reports indicate approximately 198GB of patient data were exfiltrated following unauthorized access to internal systems. The organization reported no service disruption or encryption, confirming only exfiltration of stored patient files.
Butler County
August 17, 2025
•[ ransomware, data leak ]
A cyberattack disrupted Middletown city services on or about Aug. 17, 2025. City staff reported email accounts were offline for weeks (some gradually restored), main phone lines remained down, and key functions such as generating new utility bills and accessing utility/tax account information were unavailable. Online public/police record requests and background checks were paused, and the city relied on backup processes while working with third-party specialists to investigate and restore systems. Preliminary findings indicated some city employee information may have been affected, but the investigation had not determined what personal information (if any) was impacted.
Barrio Family Health Care Center
August 16, 2025
•[ email compromise, unauthorized access, data leak ]
KENS5 reported Barrio Comprehensive Family Health Care Center notified patients about a cybersecurity incident involving unauthorized access to employee email accounts. The clinic said it discovered the incident on Sept. 16, 2025 and later determined that up to 19,885 individuals may have been affected. The exposed information varied by individual and was contained in the compromised email accounts; the report frames the event as a successful email compromise leading to exposure of patient information.
Norway Savings Bank
August 14, 2025
•[ data leak, supply chain ]
Norway Savings Bank reported that a third-party data services provider suffered a security incident on August 14, 2025, allowing an external actor to access portions of its hosted environment that contained bank customer data. The breach potentially exposed personal and financial information for about 44,259 Maine residents, including identifiers and account details, although no misuse had been confirmed at the time of disclosure. The banks own systems were not directly compromised, but it engaged cybersecurity experts, reviewed transaction patterns, and began offering credit monitoring and identity-theft protection to affected customers.
CoVantage Credit Union
August 14, 2025
•[ data leak, third-party breach ]
CoVantage reported a data breach originating at its third-party vendor, Marquis Software Solutions. CoVantage learned on 08/14/2025 that Marquis experienced a cybersecurity incident affecting its internal environment, and Marquis later determined that files containing CoVantage customer information had been accessed or acquired. CoVantage filed notice with the Maine Attorney General and began notifying affected individuals on 11/26/2025.
Marquis Software Solutions
August 14, 2025
•[ ransomware, data leak ]
Marquis Software Solutions detected suspicious activity on Aug. 14, 2025 and determined it was the victim of a ransomware attack. An unauthorized party accessed Marquis network via a SonicWall firewall and may have acquired files from Marquis systems. Marquis stated the incident was limited to its environment (customers internal banking systems were not impacted) and that it had no evidence of misuse at the time of the notice. The potentially affected personal information for Maine residents includes names, addresses, phone numbers, Social Security numbers/TINs, dates of birth, and financial account information without security/access codes.
Industrial Credit Union of Whatcom County
August 14, 2025
•[ data leak, third-party breach ]
Industrial Credit Union of Whatcom County reported a data breach stemming from a security incident at a third-party communication delivery vendor that provides print and email services to financial institutions; the credit union stated its own systems were not breached. The potentially impacted data includes names, dates of birth, Social Security numbers, and financial/banking information. The credit union filed notice with the Washington State Attorney Generals office and began sending notification letters to impacted individuals on Nov. 26, 2025. Public reporting linked this incident to the Marquis Software Solutions vendor intrusion detected on Aug. 14, 2025.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ data leak ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
Church of Scientology
August 12, 2025
•[ ransomware, data leak ]
heise reported that the ransomware-as-a-service group Qilin listed Scientology as a new victim on its darknet leak site and claimed to have stolen data from Scientologys UK IT systems. The article notes that screenshots suggest exposure of documents tied to UK visa cost approvals as well as lists of members including account balances and level within the organization, with entries not limited to the UK. No ransom demand amount or operational impacts were confirmed in the reporting, and the consequences for the organization were described as unclear.
Quasar Inc
August 12, 2025
•[ extortion, data leak ]
Hackread reported that the Space Bears extortion group claimed it obtained Comcast-related technical documentation via a breach at Quasar Inc. and threatened to publish it after a countdown timer. The article states the group did not provide file samples for the Comcast-related claim, making independent verification impossible at the time of publication; the leak site also listed Quasar as a separate victim. Because the only available evidence in the source is a threat-actor claim without proof or victim confirmation, this should be treated as an unverified claim rather than a confirmed cyber event record.
Madison County Health Department (Kentucky)
August 12, 2025
•[ data leak ]
This item concerns a reported data breach affecting the Madison County Health Department in Kentucky, with public reporting indicating that the personal information of 71 individuals was exposed. Due to access restrictions/timeouts when retrieving the primary notice and the original local-news article, the available sources do not provide reliable, verifiable detail on the exact intrusion method, the precise dates of unauthorized access, or the specific categories of personal information involved. The event is coded as an exploitive incident (data breach) because a breach with exposed personal information is reported, but the record-level details remain undetermined based on the accessible evidence.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ unauthorized access, data leak, health information ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
Pornhub
August 11, 2025
•[ extortion, phishing, data leak ]
Cybercriminal group ShinyHunters claimed theft of a 94GB dataset containing about 201 million records tied to Pornhub Premium user activity and launched an extortion campaign demanding payment in Bitcoin. Reporting linked the compromise to third-party analytics provider Mixpanel, where access allegedly began on November 8, 2025 after a smishing attack harvested employee login credentials. Samples reviewed by journalists reportedly included email addresses, approximate location (city/country), video titles and URLs, search keywords, and timestamps for watches/downloads. Pornhub stated its internal systems were not directly hacked and that sensitive items such as passwords and credit card details remained secure, while Mixpanel later suggested some access may have involved a legitimate employee account associated with Pornhubs parent company, Aylo.
BreachForums (2025)
August 11, 2025
•[ data leak, hacking, law enforcement takedown ]
In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months leading up to the takedown, the site itself suffered a data breach that exposed 324k unique email addresses, usernames, and Argon2 password hashes.
BreachForums (2025)
August 11, 2025
•[ data leak, hacking forum, law enforcement action ]
In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months leading up to the takedown, the site itself suffered a data breach that exposed a total of 672k unique email addresses across all tables, including within forum posts and private messages. The users table alone contained 324k unique email addresses, usernames, and Argon2 password hashes.
