City of Forest Park
July 24, 2024
•[ data leak ]
City of Forest Park disclosed that a July 24, 2024 network intrusion led to unauthorized access and potential exposure of personal data; as of disclosure, no misuse or data volume reported and no encryption indicated.
Jewish Child Care Association of New York (JCCA)
July 21, 2024
•[ data leak ]
JCCA reported that an unauthorized party accessed certain systems between July 21 and August 1, 2024, exposing personal and health information for 23,646 individuals. The incident was reported to HHS OCR in February 2025 and publicized in June 2025 breach notices.
Phoenix Rehabilitation & Nursing Center
July 20, 2024
•[ data leak, third-party breach ]
Third-party vendor breach exposed PHI/PII for Phoenix Rehab; access confirmed July 20, 2024; notifications sent Jan 28, 2025.
Alera Group
July 19, 2024
•[ data leak ]
PlanSponsor reports Alera confirmed unauthorized access to its technology environment between July 19 and August 4, 2024; on April 28, 2025 it confirmed personal data may have been removed and disclosed a total of 10,874 affected individuals.
The Alcohol & Drug Testing Service (TADTS)
July 15, 2024
•[ ransomware, data leak ]
TADTS notifying ~750,000 people of compromise stemming from a July 2024 ransomware attack, per SecurityWeek.
Smart ERP Solutions
July 13, 2024
•[ data leak ]
Vermont notice shows July 2024 incident; breach letters mailed March 11, 2025.
Pennsylvania State Education Association
July 6, 2024
•[ ransomware, data leak ]
Teachers union reports july 2024 breach with rhysida claim and mass notifications.
Chapman & Roberts PA
July 1, 2024
•[ data leak, law firm, pii ]
Greensboro immigration law firm disclosed a breach dating back to July 2024 that exposed client/individual PII; notifications issued in May 2025.
Harbin Clinic
July 1, 2024
•[ data leak, third-party breach ]
Third-party breach at Nationwide Recovery Services (July 2024) led to theft of Harbin Clinic patient data; disclosures and notifications in May 2025.
University of Medicine and Pharmacy HCMC Hospital
July 1, 2024
•[ data leak ]
Hackers leaked personnel data and configuration lists from over 50 servers belonging to the University of Medicine and Pharmacy HCMC Hospital; the method of compromise was not disclosed and no encryption or ransom activity was reported.
Patelco Credit Union
June 29, 2024
•[ ransomware, data leak, regulatory action ]
Ransomware encrypted Patelco systems on June 29, 2024, causing a near-total outage of digital banking through mid-July and exposing substantial member PII; DFPI later issued a consent order and $100,000 fine with mandated cybersecurity improvements.
Humboldt Independent Practice Association (IPA)
June 26, 2024
•[ data leak, healthcare, unauthorized access ]
Between June 26 and July 1 2024, an unauthorized actor accessed a Humboldt Independent Practice Association email account containing protected health information. Exposed data may include patient names, contact details, birth dates, diagnoses, insurance, and identification numbers. No evidence of encryption or confirmed data exfiltration has been reported. The breach was disclosed to HHS in November 2024 and publicly announced on February 15 2025.
Ezynetic (IT vendor to Moneylenders Credit Bureau/ Credit Bureau Singapore)
June 24, 2024
•[ data leak ]
PDPC fined Ezynetic after breach impacting ~190,000 whose data, including credit reports, was put for sale; uncovered June 24, 2024.
Bitcoin Depot
June 23, 2024
•[ data leak ]
Bitcoin Depot reported a data breach that occured in June 2024 after completing an investigation on July 18, 2024. Customer data stolen affecting 27,000 individuals including personal information.
Catholic Charities of Southern Nevada
June 22, 2024
•[ data leak, PII/PHI exposure ]
Suspicious activity detected June 22, 2024; later notice confirms sensitive PII/PHI impacted.
NewsBank
June 20, 2024
•[ data leak, employee data, class action ]
Employee data breach at NewsBank discovered around July 1, 2024; investigation found unauthorized access June 20July 1, 2024 to systems holding employee PII (names, SSNs, DL, financial/credit-debit data; possible medical info). Class action reported Feb 20, 2025; no actor publicly identified.
Hong Ngoc General Hospital
June 15, 2024
•[ data leak ]
In June 2024 hackers advertised on cybercrime forums the sale of 112,000 patient and staff records stolen from Hong Ngoc General Hospital, including names, contact information, medical and financial data. The method of compromise was not disclosed, and no encryption was reported.
Community Dental Care, Inc.
June 12, 2024
•[ data leak, hacked ]
Community Dental Care (CDC), a Minnesota nonprofit dental healthcare provider, reported that an unauthorized third party may have viewed and obtained sensitive personal information and protected health information from its systems. CDC detected unauthorized activity on 12/20/2024 and investigated, later concluding that on or around 12/06/2024 an intruder may have accessed and acquired certain data. CDC performed a data review to determine what information was involved and identify affected individuals, completing that review on 03/24/2025, and posted a public notice on 03/28/2025. Potentially exposed information varied by person and could include names, Social Security numbers, addresses, dates of birth, drivers license or other government IDs, passport numbers, medical information, and health insurance information. CDC indicated it would update notices if additional information types were identified and offered guidance and services to affected individuals.
Ya-moon
June 1, 2024
•[ data leak ]
A hacker alias Valerie claims a breach of the Ya-moon forum in June 2024, publishing user data and chat logs.
