Obi Seafoods
August 16, 2024
•[ data leak ]
OBI Seafoods reported August 2024 incident; letters mailed March 12, 2025.
AOD Federal Credit Union
August 8, 2024
•[ data leak ]
AOD Federal Credit Union disclosed that an unauthorized actor accessed its network between Aug 89, 2024; on Mar 4, 2025 the investigation confirmed potential access/acquisition of personal data and consumer notifications began in late March 2025.
St. Anthony Hospital (SSM Health)
August 6, 2024
•[ malware, data leak, insider threat ]
On August 6 2024, Jeffrey Bowie, CEO of cybersecurity firm Veritaco, allegedly installed malware on computers at St. Anthony Hospital (SSM Health) in Oklahoma City. The malware took screenshots roughly every 20 minutes and transmitted them to an external address. The activity was detected and contained quickly, and hospital officials reported no patient or clinical data access. Bowie was arrested on April 16 2025.
City of Roseburg
August 4, 2024
•[ data leak ]
City reported an August 4, 2024 breach; forensic work through Jan 6, 2025 confirmed exposure and notices sent in late Feb 2025.
Life University
July 30, 2024
•[ data leak, ransomware ]
On July 30 2024, an unauthorized actor accessed portions of Life Universitys network in Marietta, Georgia, and obtained files containing personal and identification information. The breach was disclosed publicly on April 2 2025 through state regulatory filings and a JD Supra summary. While no actor was named, the activity reflects a financially motivated criminal intrusion typical of U.S. higher-education sector data thefts.
Connally Memorial Medical Center
July 29, 2024
•[ phishing, data leak ]
Unauthorized access to an employee email led to confirmation of broader file access; notice posted 27-09-2024; continued notifications.
Sax LLP
July 25, 2024
•[ data leak ]
Sax LLP disclosed that threat actors gained unauthorized access to its systems in late July 2024 and accessed files containing sensitive personal information; suspicious activity was detected on August 7, 2024.
City of Forest Park
July 24, 2024
•[ data leak ]
City of Forest Park disclosed that a July 24, 2024 network intrusion led to unauthorized access and potential exposure of personal data; as of disclosure, no misuse or data volume reported and no encryption indicated.
Jewish Child Care Association of New York (JCCA)
July 21, 2024
•[ data leak ]
JCCA reported that an unauthorized party accessed certain systems between July 21 and August 1, 2024, exposing personal and health information for 23,646 individuals. The incident was reported to HHS OCR in February 2025 and publicized in June 2025 breach notices.
Phoenix Rehabilitation & Nursing Center
July 20, 2024
•[ data leak, third-party breach ]
Third-party vendor breach exposed PHI/PII for Phoenix Rehab; access confirmed July 20, 2024; notifications sent Jan 28, 2025.
Alera Group
July 19, 2024
•[ data leak ]
PlanSponsor reports Alera confirmed unauthorized access to its technology environment between July 19 and August 4, 2024; on April 28, 2025 it confirmed personal data may have been removed and disclosed a total of 10,874 affected individuals.
The Alcohol & Drug Testing Service (TADTS)
July 15, 2024
•[ ransomware, data leak ]
TADTS notifying ~750,000 people of compromise stemming from a July 2024 ransomware attack, per SecurityWeek.
Smart ERP Solutions
July 13, 2024
•[ data leak ]
Vermont notice shows July 2024 incident; breach letters mailed March 11, 2025.
Pennsylvania State Education Association
July 6, 2024
•[ ransomware, data leak ]
Teachers union reports july 2024 breach with rhysida claim and mass notifications.
Harbin Clinic
July 1, 2024
•[ data leak, third-party breach ]
Third-party breach at Nationwide Recovery Services (July 2024) led to theft of Harbin Clinic patient data; disclosures and notifications in May 2025.
Chapman & Roberts PA
July 1, 2024
•[ data leak, law firm, pii ]
Greensboro immigration law firm disclosed a breach dating back to July 2024 that exposed client/individual PII; notifications issued in May 2025.
University of Medicine and Pharmacy HCMC Hospital
July 1, 2024
•[ data leak ]
Hackers leaked personnel data and configuration lists from over 50 servers belonging to the University of Medicine and Pharmacy HCMC Hospital; the method of compromise was not disclosed and no encryption or ransom activity was reported.
Patelco Credit Union
June 29, 2024
•[ ransomware, data leak, regulatory action ]
Ransomware encrypted Patelco systems on June 29, 2024, causing a near-total outage of digital banking through mid-July and exposing substantial member PII; DFPI later issued a consent order and $100,000 fine with mandated cybersecurity improvements.
Humboldt Independent Practice Association (IPA)
June 26, 2024
•[ data leak, healthcare, unauthorized access ]
Between June 26 and July 1 2024, an unauthorized actor accessed a Humboldt Independent Practice Association email account containing protected health information. Exposed data may include patient names, contact details, birth dates, diagnoses, insurance, and identification numbers. No evidence of encryption or confirmed data exfiltration has been reported. The breach was disclosed to HHS in November 2024 and publicly announced on February 15 2025.
