Search Results for "Data Leak"

Undisclosed Korean financial institutions November 25, 2025 • [ ransomware, supply-chain attack, data leak ] Bitdefender reported a targeted supply-chain attack in which the Qilin ransomware group compromised managed service providers to access numerous South Korean financial institutions. The attackers exfiltrated data and listed victims on their leak site, with at least 25 firms affected in a single month.

Dolar Financial Group November 25, 2025 • [ ransomware, data leak, extortion ] Money Mart (National Money Mart Company Database) was posted to the Everest ransomware groups leak site around Nov 25, 2025, with the attackers claiming they exfiltrated 80,000+ internal files and threatening to publish them by Nov 30. Reporting states Cybernews reviewed the leaked samples and observed multiple categories of data, including customer identification/contact details and identity documents, financial data (including partial credit card details and transaction-related records), and extensive employee information. The report describes the incident primarily as data theft/extortion, with no confirmed public statement from Money Mart included in the article and no operational outage details provided in the cited reporting.

Royal Borough of Kensington and Chelsea November 24, 2025 • [ data leak ] RBKC confirmed that attackers accessed council systems and copied data during a cyber incident identified on November 24. The council reports that only historical data was affected, though exfiltrated information may enter the public domain. Emergency plans were activated and some online services and phone lines were disrupted.

The Miller Financial Group November 24, 2025 • [ data leak ] Unauthorized access to internal systems at The Miller Financial Group exposed sensitive personal data for at least seven Massachusetts residents, including names, Social Security numbers, state-issued IDs, and financial institution information. TMFG notified the Massachusetts Attorney General on November 7, 2025 and issued consumer notification letters.

Iberia Líneas Aéreas de España S.A. November 23, 2025 • [ data leak ] Spanish flag carrier Iberia began notifying customers after discovering that unauthorized access to a suppliers systems had exposed limited loyalty-program data, including names, email addresses and Iberia Club card IDs, while emphasizing that passwords and payment information remained safe; the airline activated its security protocols, added additional protections around account email changes, notified regulators, and continues to investigate the vendor breach and a purported 77 GB data listing on hacker forums.

Department of the Interior and Local Government (DILG) November 23, 2025 • [ data leak, hacktivism ] Hacktivist group HappyGoLuckyPH claims to have infiltrated the Philippine Department of the Interior and Local Governments intranet and exfiltrated about 400GB of internal government data, including personal and financial details of roughly 10,000 employees and contractors, while DILG publicly states it is still verifying the alleged breach and says core systems remain stable; despite the ongoing verification, the combination of leaked samples and size claims is treated here as a successful cyberattack involving significant data theft.

Adda.io November 23, 2025 • [ data leak ] Data breach at Adda.io: a hacker using the alias Blinkers posted a dataset claiming to contain personal information for approximately 1.86 million users, including names, phone numbers, email addresses, owner IDs, and MD5-hashed passwords.

Precipio Inc. November 23, 2025 • [ unauthorized access, data leak, protected health information ] Precipio posted a Notice of Data Event stating it learned on or about November 25, 2025 that an unauthorized user accessed an employees cloud-based storage account. The companys investigation (with third-party cybersecurity specialists) determined the unauthorized access occurred on or around November 23, 2025 and that certain files in the account were copied without authorization. Precipio stated the impacted information varies by person but may include identifiers and protected health information such as names, addresses, MRNs, DOB, clinical/treatment and procedure information, provider name, prescription information, and health insurance information. The notice said law enforcement was notified and that additional notifications would follow after file review completion.

French Football Federation (FFF) November 22, 2025 • [ data leak, unauthorized access ] The French Football Federation disclosed that an unauthorized party accessed administrative software on November 22 and exfiltrated personal and membership information for registered members; no operational disruption or actor attribution was identified.

Resecurity honeypot November 21, 2025 • [ honeypot, data leak, threat intelligence ] Threat actors identifying as 'Scattered Lapsus$ Hunters' claimed they had gained full access to Resecurity systems and stolen employee data, internal chats/logs, threat intelligence reports, and client lists, posting screenshots on Telegram. Resecurity denied that its production environment was breached and said the actor interacted with an isolated honeypot account and systems populated with synthetic (fabricated) customer, employee, and payment data. Resecurity reported it first detected suspicious probing activity on November 21, 2025 and monitored subsequent automated extraction attempts against the decoy environment, treating the incident as an intrusion attempt rather than a confirmed compromise of real systems/data.

Almaviva S.p.A. November 20, 2025 • [ data leak ] Threat actor breached Almaviva (IT services provider for FS Italiane Group), exfiltrated about 2.3TB of internal data including technical documentation, contracts, accounting records, HR archives and multicompany repositories across several FS Group companies; data appears recently generated (Q3 2025); Almaviva confirmed a breach, isolated systems, and launched response procedures.

International Game Technology PLC (IGT) November 20, 2025 • [ ransomware, data leak ] Ransomware-as-a-service group Qilin added gambling-technology giant IGT to its data leak site and claims to have stolen about 10GB of data, roughly 21,600 files, from the companys systems; the archive is labeled as already published on the dark web, but no file samples or detailed data contents were shared publicly at the time of reporting, and IGT has not confirmed or denied the incident, so this entry treats the event as a threat-actor-claimed data-theft attack with the nature of the exposed information still undetermined.

4 Student Email Accounts at New Haven Public Schools November 20, 2025 • [ phishing, data leak ] A phishing campaign against New Haven Public Schools used compromised student email accounts to send more than 10,000 messages districtwide that spoofed legitimate requests for bank details. Over 1,000 students opened the emails and an unknown number submitted financial and personal information, putting families at immediate risk of fraud and identity theft. The districts IT team is resetting affected accounts, purging malicious messages, and warning students to contact their banks and avoid clicking suspicious links.

DocuBizz November 20, 2025 • [ ransomware, data leak ] A ransomware attack against Danish automotive IT provider DocuBizz resulted in theft of drivers license information, CPR numbers, bank account numbers, and other customer data belonging to car dealerships and their clients. No encryption or service disruption has been confirmed.

Heart of Texas Behavioral Health Network November 20, 2025 • [ data leak, physical security ] A local report stated that Heart of Texas Behavioral Health Network identified a privacy incident on November 20, 2025 after an unauthorized person broke into a McLennan County facility. The organization said paper patient records stored in the building may have been accessed or removed. The potentially involved information includes patient identifiers and protected health information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, diagnoses, and treatment/procedure information, as well as Medicaid or other health insurance details.

Pajemploi November 19, 2025 • [ data leak ] French social security service Pajemploi reported that its systems suffered a theft of personal data belonging to professional caregivers registered with the program and estimates that information for about 1 point 2 million individuals may have been exposed according to an announcement by parent organisation URSSAF and coverage by DataBreaches

Doctor Alliance LLC November 18, 2025 • [ ransomware, data leak ] Ransomware actor Kazu again compromised Dallas-based healthcare document and billing platform Doctor Alliance, exploiting an unpatched vulnerability and reused admin credentials to access a high-privilege account and steal nearly 1.27 TB of medical documents and related files affecting potentially more than a million patients; the firm has acknowledged unauthorized access to at least one client account and faces multiple federal class actions while still providing limited public transparency.

Harvard University November 18, 2025 • [ phishing, vishing, data leak ] Harvard University reported that a voice-phishing attack against Alumni Affairs and Development staff on November 18, 2025 led to unauthorized access to its AAD information systems, exposing contact details, fundraising records and event data for alumni, donors, parents, some students and some faculty and staff; the university locked out the intruder, notified affected individuals beginning November 22, and is working with law enforcement and incident response specialists.

Coupang November 18, 2025 • [ data leak, phishing ] South Korean e-commerce firm Coupang reported that an unauthorized third party accessed a customer database and exfiltrated personal information on about 4,500 users. Exposed fields included names, contact details, shipping addresses, and information about recent purchases, raising the risk of targeted phishing and fraud using order history. Coupang says it blocked the intruders access as soon as the breach was detected and has notified regulators and customers while monitoring for signs of misuse of the stolen data.

Eurofiber France November 17, 2025 • [ data leak ] Eurofiber France confirmed that an unauthorized party accessed a customer account system and that verified customer data was offered for sale online; the company reported exposure of contact and account information but no operational disruption or compromise of passwords or payment data.

Search Results (Data Leak)