Alternate Solutions Health Network, LLC
May 30, 2024
•[ phishing, data leak ]
On or around May 30 2024, an unauthorized actor accessed an employee email account at Alternate Solutions Health Network. The account was secured after discovery; investigation concluded February 14 2025 and confirmed exposure of PHI. Notifications were issued beginning April 14 2025.
Maryhaven, Inc.
May 30, 2024
•[ data leak, healthcare, unauthorized access ]
Maryhaven, a behavioral health and addiction treatment provider in Ohio, detected unauthorized access to its systems on June 1 2024. An unknown actor accessed and exfiltrated patient and employee PHI/PII data (~7,000 records). No encryption or operational disruption occurred. Disclosure issued April 11 2025 through Cyberscout/TransUnion.
RestorixHealth
May 29, 2024
•[ phishing, data leak ]
Investigation confirmed unauthorized access to one mailbox (May 729, 2024); notification letters commenced Feb 14, 2025.
The Cooper Health System
May 14, 2024
•[ data leak ]
Unauthorized access discovered May 14 2024 to Cooper Health file servers resulted in data exfiltration of 57,412 patient records; no service disruption reported; investigation closed Mar 26 2025.
Doctors Imaging Group
May 11, 2024
•[ ransomware, data leak ]
Radiology practice disclosed that attackers had network access Nov 511, 2024 and copied files with PHI/PII; 171k people impacted; ransomware attribution Undetermined.
San Francisco-Marin Food Bank
May 10, 2024
•[ data leak ]
Between May 10 and May 30 2024, unauthorized actors accessed the network of the San Francisco-Marin Food Bank, exposing personal data including Social Security numbers, IDs, and financial or medical details for approximately 60,180 individuals. The breach was discovered May 31 2024 and disclosed publicly in February 2025. The organization engaged cybersecurity experts and notified affected individuals; no misuse has been confirmed.
Abri Credit Union
May 3, 2024
•[ data leak ]
Abri Credit Union disclosed unauthorized access to its systems occurring in May 2024 that was discovered in December 2025. The incident may have exposed personal, financial, and limited medical information of members. The credit union notified affected individuals and offered credit monitoring services; no operational disruption was publicly reported.
Bağcılar Training and Research Hospital
April 12, 2024
•[ cyber attack, medical records, ransomware ]
A cyber attack on the Baclar Training and Research Hospital in Istanbul compromises the confidential medical records, including X-ray scans and test results, taken at the hospital since 2007. It is rumored that the attackers asked for 200,000 dollars in exchange for the medical records.
Gastroenterology Associates Of Central Florida
April 11, 2024
•[ data leak, unauthorized access ]
Orlando practice disclosed network intrusion exposing patient data including identifiers and health information.
Center For Digestive Health
April 11, 2024
•[ data leak ]
Center for Digestive Health disclosed network access and data exfiltration; notices mailed February 2025.
Radiology Associates of Richmond (RAR)
April 10, 2024
•[ data leak ]
RAR disclosed more than 1.4M affected after determining files with PHI/PII were present on systems accessed for several days in April 2024; HHS tracker shows 1,419,091.
The Watergate Hotel
April 6, 2024
•[ data leak ]
An unauthorized actor accessed and exfiltrated data from The Watergate Hotels network beginning April 6, 2024. The compromised information includes names, SSNs, drivers license numbers, and medical and financial data of approximately 2,220 people. No encryption or service disruption reported.
Prosecutor’s Office of the Russian Federation (epp.genproc.gov.ru)
April 6, 2024
•[ hacktivism, data leak, criminal cases ]
The RGB group, self-identifying as a hacktivist collective, also has asserts responsibility for breaching the Prosecutors Office of the Russian Federation (epp.genproc.gov.ru). To substantiate their claim, the group leaked an Excel file containing precisely 100,000 lines of information about criminal cases from 2013.
Russia’s prosecutor general
April 4, 2024
•[ hacktivism, data leak, criminal records ]
A group of hacktivists going by the name RGB-TEAM claims responsibility for hacking into the website of Russias prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years.
Lee University
March 22, 2024
•[ data leak, third-party breach ]
University filed notices after third-party software exploit enabled data access.
ALN Medical Management, LLC
March 18, 2024
•[ data leak, supply chain, healthcare ]
ALN Medical Management, LLC, a revenue-cycle management provider for healthcare practices, reported unauthorized access to third-party hosted systems between March 18 and 24, 2024, exposing sensitive patient and financial data.
Medical Express Ambulance Service
March 18, 2024
•[ ransomware, data leak, healthcare ]
Ransomware-linked intrusion in Mar 2024 gave unauthorized access to ambulance-service billing servers; data theft confirmed via Maine AG filing and HIPAA Journal report.
Lyon Management Group, Inc. (Lyon Living)
March 15, 2024
•[ data leak ]
Lyon Management Group, Inc. (doing business as Lyon Living) reported that an unauthorized third party gained access to its network between March 14 and March 15, 2024, and acquired files containing personal information. The company stated that the breach involved names and other PII belonging to tenants and employees. There was no evidence of encryption or disruption, and the number of affected individuals was not disclosed.
Stock Development LLC
March 2, 2024
•[ ransomware, data leak ]
Stock Development confirmed network intrusion spanning April 2023 to March 2024. LockBit claimed the breach, posting 1 TB of stolen data. Victims notified beginning January 2025; about 13,147 individuals confirmed. No public confirmation of encryption or forensic attribution beyond the claim.
Telefónica
March 1, 2024
•[ cyberattack, data leak, unauthorized access ]
Telefnica investigates the claims of a possible cyberattack occurred in March that allowed criminals to access more than 2 million records of clients and collaborators of the company.
