French Ministry of the Interior
November 12, 2025
•[ government, data leak, email compromise ]
Frances Interior Minister confirmed that the Ministry of the Interior experienced a cyberattack affecting its email servers. The intrusion was detected overnight between 12/11/2025 and 12/12/2025 and enabled the threat actors to access the ministrys email infrastructure and some document files. At the time of public confirmation, officials had not confirmed whether data was exfiltrated. In response, the ministry reported implementing standard containment procedures, tightening security protocols, and strengthening access controls. French authorities opened an investigation to determine the origin, intent, and full scope of the breach; possible explanations cited publicly included foreign interference, activists, or cybercriminals. The ministry is a high-value target given its responsibility for police forces, internal security, and immigration services.
JFS Wealth Advisors LLC
July 30, 2025
•[ email compromise, data leak ]
An unauthorized third party accessed a JFS Wealth Advisors corporate email account between July 30 and August 19, 2025, viewing messages containing names and Social Security numbers. JFS secured the account, investigated with third-party experts, and filed notice with state authorities.
The Washington Post
June 13, 2025
•[ data leak, espionage, email compromise ]
A targeted intrusion discovered on June 13 2025 compromised a limited number of Washington Post journalist email accounts, exposing internal correspondence and attachments. The publication stated no subscriber or HR data was affected. Investigation remains ongoing with indications of potential state-sponsored activity.
Cardiovascular Medicine Associates, PA (MyCardiologist)
June 12, 2025
•[ data leak, healthcare, email compromise ]
Hackers accessed MyCardiologists email environment between May 30 and June 12 2025, exfiltrating patient information including medical and insurance details; no encryption or quantitative data reported.
Office of the Comptroller of the Currency (OCC)
February 11, 2025
•[ data leak, email compromise, espionage ]
In February 2025, the U.S. Department of the Treasurys Office of the Comptroller of the Currency detected unauthorized access to its Microsoft 365 email environment. The compromise, which persisted for months before discovery, exposed roughly 103 mailboxes and more than 150,000 emails containing sensitive financial supervisory information. No attribution has been made public, but the incident exhibited characteristics of an espionage-focused breach. No encryption, ransom demand, or operational disruption was reported.
Baylor Scott & White Texas Spine & Joint Hospital
January 10, 2025
•[ Email Compromise, Data Leak, Unauthorized Access ]
Unauthorized access to O365 mailbox exposed patient demographic and treatment information.
Fyzical Acquisition Holdings LLC
January 9, 2025
•[ unauthorized access, email compromise ]
Unauthorized access to FYZICALs email environment was detected on December 9 2024 triggering an investigation that concluded in November 2025 Breach notifications were issued to affected individuals and state authorities in December 2025
Pro Medicus
January 7, 2025
•[ data leak, email compromise, employee data ]
Pro Medicus disclosed that it investigated unauthorized access by an unknown third party to a single email inbox in July 2025. The company said it engaged external cybersecurity experts, secured the inbox, and contained the incident. Its analysis concluded the access was isolated to one mailbox and did not provide access to any client systems or patient data; it also stated there was no operational impact or financial loss. Pro Medicus reported that PII for approximately 100 current and former employees could potentially have been accessed and that the affected individuals were notified.
Georgia Urology
October 25, 2024
•[ email compromise, healthcare, data leak ]
Georgia Urology disclosed unauthorized access to two employee Microsoft 365 email accounts that exposed patient PII/PHI; notification letters began March 27 2025.
Hillcrest Convalescent Center
October 15, 2024
•[ email compromise, data leak ]
Hillcrest reported email account breach affecting over one hundred thousand individuals.
Chord Specialty Dental Partners
August 18, 2024
•[ email compromise, data leak ]
Email Account Compromise At Dental Service Organization Impacted Over 170,000 Individuals.
John P. Meehan Agency
February 7, 2024
•[ email compromise, data leak ]
John P. Meehan Agency disclosed that it discovered unusual network activity on July 8, 2024 and later confirmed unauthorized access to a single employee email account between July 2 and July 8, 2024, during which data on the account was acquired. The agency reported that impacted information varied by individual and could include highly sensitive identifiers (SSNs and government IDs), financial account/payment card data, dates of birth, and medical information. Affected individuals began receiving notice in November 2025, more than a year after the email account compromise was discovered.
