National Council of Notaries of Morocco (Tawtik.ma Platform)
June 2, 2025
•[ data leak, hacktivism ]
Hacktivist group Jabaroot DZ exfiltrated data from Moroccos Tawtik.ma platform used by the National Council of Notaries; DGSSI confirmed the breach was limited to this platform and did not affect ANCFCC; attackers claimed to have accessed 4 TB of non-classified notarial records.
Connex Credit Union systems
June 2, 2025
•[ data leak ]
An unauthorized access between June 23, 2025, allowed attackers to steal sensitive personal and financial data; no evidence of account compromise; notifications began late July into early August; credit monitoring offered
American Hospital Dubai
June 1, 2025
•[ ransomware, data leak ]
Ransomware group Gunra claimed on June 1 2025 to have breached AHDs Cerner Millennium EHR and exfiltrated a multi-terabyte dataset; figures include a claimed 450M records and 4,589,196 patients; no independent confirmation of volume or encryption.
City of Durant
June 1, 2025
•[ ransomware, data leak ]
City of Durant experienced a cyber intrusion on June 1 2025 attributed to INC
McDonald’s recruitment chatbot platform
June 1, 2025
•[ data leak ]
SecurityWeek reported that a recruitment chatbot platform used by McDonalds leaked data on approximately 64 million job applicants worldwide.
McDonald’s recruitment chatbot platform
June 1, 2025
•[ data leak, recruitment, chatbot ]
SecurityWeek reported that a recruitment chatbot platform used by McDonalds leaked data on approximately 64 million job applicants worldwide.
Gastroenterology Consultants of South Texas
May 31, 2025
•[ data leak ]
Gastroenterology Consultants of South Texas (Texas Digestive Specialists) detected unauthorized access to its IT systems in late May 2025.
The Salvation Army
May 29, 2025
•[ ransomware, data leak ]
Media cite Chaos ransomware listing The Salvation Army and claim of data exfiltration, but no verified confirmation from the organization at time of reporting.
UCLH & University Hospital Southampton NHS Trusts
May 29, 2025
•[ vulnerability exploit, data leak ]
Hackers exploited a critical Ivanti EPMM flaw affecting two NHS trusts; data theft involved staff device details, with no patient data accessed according to UCLH; NHSE investigating.
Legal Practice Board of Western Australia
May 28, 2025
•[ ransomware, data leak ]
The regulator confirmed a ransomware attack; threat actors claimed 300 GB exfiltration. The Board took some systems offline, investigated with external experts, and notified affected parties.
Scania AB
May 28, 2025
•[ data leak, extortion ]
Scania confirms insurance claim data breach in extortion attempt
McElroy & Associates, Inc.
May 28, 2025
•[ data leak, unauthorized access, HIPAA ]
McElroy & Associates, Inc., a professional services firm operating as a HIPAA-covered healthcare business associate, disclosed unauthorized access to an employee email account occurring between May 28 and May 30, 2025. A forensic investigation determined that personal and protected health information may have been exposed. The company notified affected individuals and regulators; no operational disruption was publicly reported.
Adidas
May 27, 2025
•[ data leak ]
Adidas disclosed that an unauthorized party accessed consumer data via a third-party customer service provider; impacted data is contact information of people who interacted with customer support.
York County
May 27, 2025
•[ data leak, third-party ]
County alerted residents to a possible data privacy event involving a vendor.
Tiffany & Co.
May 26, 2025
•[ data leak, third-party breach ]
Selected Tiffany Korea customers notified of unauthorized access to a vendor system used for customer data; reporting to date only confirms impact on Korean/Chinese customers and does not indicate EU/US exposure or operational disruption.
Income Insurance
May 25, 2025
•[ ransomware, data leak, third-party ]
Bonus statements of at least 146 policyholders compromised after ransomware at printing/mailing vendor DataPost; exposed data includes names, postal address, policy number/plan, and 2024 annual bonus; Income says its own systems remain secure and investigation continues.
Choksi Laboratories Limited
May 22, 2025
•[ ransomware, data leak ]
Indore pharma laboratory reported ransomware: servers breached, all data encrypted, ransom demanded; police case opened and investigation ongoing.
Undisclosed United States local governments
May 22, 2025
•[ data leak, zero-day exploit ]
Exfiltration via now-patched Trimble Cityworks zero-day; multiple U.S. local governments breached.
The Coca-Cola Company
May 22, 2025
•[ ransomware, data leak ]
Everest ransomware actors claimed theft of data on ~959 Coca-Cola employees in the Middle East (UAE, Oman, Bahrain); separate group also claimed a breach at Coca-Cola Europacific Partners. Coded as exploitive data theft based on reporting.
Keir Giles (UK academic)
May 22, 2025
•[ social engineering, phishing, data leak ]
Targeted social-engineering campaign impersonating U.S. State Department tricked Keir Giles into generating app-specific passwords, allowing a nation-state actor to access his Gmail account data stored on Google servers; no evidence of intrusion into affiliated institutional networks.
