Mutua Madrileña
September 27, 2024
•[ cyber attack, data leak, third-party breach ]
Mutua Madrilea suffers a cyber attack on its home customer base, through an external provider, which affects thousands of customers.
AultCare Corporation
September 25, 2024
•[ phishing, data leak ]
An unauthorized party accessed an employee email account and a SharePoint instance on 2024-09-25. AultCare reviewed affected content and began notifying brokers and affected individuals by 2025-01-21.
Michigan Surgery Center
September 23, 2024
•[ data leak ]
Ambulatory surgery center reported unauthorized access to systems containing patient information.
Broadcom Inc
September 15, 2024
•[ ransomware, data leak ]
Ransomware on ADP partner Business Systems House led to theft of Broadcom employee data; leaks appeared in Dec 2024 and full impact was clarified to Broadcom in May 2025.
Grede Holdings LLC
September 12, 2024
•[ data leak ]
Grede Holdings mailed breach notices after unauthorized access exposed consumer information.
Nuna Baby Essentials
September 8, 2024
•[ data leak, payment card information ]
Company disclosed network intrusion exposing payment card information of customers.
Zenith American Solutions, Inc.
September 6, 2024
•[ phishing, data leak ]
Unauthorized access to Zenith American Solutions network discovered September 6 2024 after an employee email account was compromised via phishing; over 12,000 individuals names, dates of birth, Social Security numbers, and benefit-plan documents potentially accessed. The firm notified regulators January 2025 and publicly disclosed in June 2025. No actor attribution or ransom demand reported.
Plaisted Companies, Inc.
September 4, 2024
•[ data leak ]
On or around September 4 2024, Plaisted Companies, Inc. experienced unauthorized access to internal application servers storing personal data. The company reported potential exposure of files containing personally identifiable information and began notifications on March 26 2025. No encryption, data theft confirmation, or ransom activity was reported.
Numotion
September 2, 2024
•[ phishing, data leak ]
Email account compromises exposed customer information at numotion.
National Police
September 1, 2024
•[ data leak ]
Dutch intelligence services said a previously unknown Russian group (LAUNDRY BEAR) hacked multiple orgs including police; the police GAL was stolen in Sept 2024.
Northwest Retirement Plan Consultants
August 31, 2024
•[ data leak ]
NWRPC reported August 31, 2024 network access exposing sensitive information; notifications sent.
Port of Seattle
August 24, 2024
•[ ransomware, data leak ]
The Port of Seattle confirmed a ransomware-linked data breach attributed to the Rhysida group on August 24, 2024. Attackers exfiltrated approximately 90,000 records containing personal and employee data from legacy systems. No encryption or operational disruption occurred.
Chord Specialty Dental Partners
August 18, 2024
•[ email compromise, data leak ]
Email Account Compromise At Dental Service Organization Impacted Over 170,000 Individuals.
Obi Seafoods
August 16, 2024
•[ data leak ]
OBI Seafoods reported August 2024 incident; letters mailed March 12, 2025.
AOD Federal Credit Union
August 8, 2024
•[ data leak ]
AOD Federal Credit Union disclosed that an unauthorized actor accessed its network between Aug 89, 2024; on Mar 4, 2025 the investigation confirmed potential access/acquisition of personal data and consumer notifications began in late March 2025.
St. Anthony Hospital (SSM Health)
August 6, 2024
•[ malware, data leak, insider threat ]
On August 6 2024, Jeffrey Bowie, CEO of cybersecurity firm Veritaco, allegedly installed malware on computers at St. Anthony Hospital (SSM Health) in Oklahoma City. The malware took screenshots roughly every 20 minutes and transmitted them to an external address. The activity was detected and contained quickly, and hospital officials reported no patient or clinical data access. Bowie was arrested on April 16 2025.
City of Roseburg
August 4, 2024
•[ data leak ]
City reported an August 4, 2024 breach; forensic work through Jan 6, 2025 confirmed exposure and notices sent in late Feb 2025.
Life University
July 30, 2024
•[ data leak, ransomware ]
On July 30 2024, an unauthorized actor accessed portions of Life Universitys network in Marietta, Georgia, and obtained files containing personal and identification information. The breach was disclosed publicly on April 2 2025 through state regulatory filings and a JD Supra summary. While no actor was named, the activity reflects a financially motivated criminal intrusion typical of U.S. higher-education sector data thefts.
Connally Memorial Medical Center
July 29, 2024
•[ phishing, data leak ]
Unauthorized access to an employee email led to confirmation of broader file access; notice posted 27-09-2024; continued notifications.
Sax LLP
July 25, 2024
•[ data leak ]
Sax LLP disclosed that threat actors gained unauthorized access to its systems in late July 2024 and accessed files containing sensitive personal information; suspicious activity was detected on August 7, 2024.
