Full List

Search

Search Results (Email Compromise)

• Village of Chase May 19, 2026 • [ Business Email Compromise (BEC), Fraud, Financial Loss ] A vendors email account was compromised, causing the Village of Chase to send a payment to fraudulent bank details, resulting in a loss of $44,536; most of the funds were recovered and the loss was covered by prioryear surplus.
• 170 Ukrainian prosecutors and investigators March 1, 2026 • [ espionage, email compromise, state-sponsored ] Russia-linked hackers compromised Ukrainian prosecutors and investigators email accounts as part of a broader email-espionage campaign involving at least 284 inboxes.
• Hutt City Council March 1, 2026 • [ phishing, unauthorized access, email compromise ] Hutt City Council experienced a malicious phishing attack in March 2026 that resulted in unauthorized access to a number of email accounts. The council determined that five individuals had identity information compromised and 732 people may have had financial information exposed through email correspondence.
• Portland Public Schools February 3, 2026 • [ phishing, email compromise, unauthorized access ] A phishing email offering a fake part-time job opportunity was sent to students after a staff email account (reported as a teacher account) was compromised. Because the message originated from an internal staff account, it bypassed normal restrictions and reached many student inboxes across the district. The district technology department removed copies of the email from the school system and issued guidance for students who submitted information to the linked form. The confirmed effect is unauthorized use of an internal account to distribute phishing content; the report does not confirm broader system compromise or data exfiltration beyond what students may have submitted to the scam.
• Town of La Hague January 13, 2026 • [ intrusion, email compromise, unauthorized access ] The municipality of La Hague (France) announced it was the victim of an intrusion into its information system that impacted internal email accounts. Upon learning of the incident, the commune reported immediate actions including changing passwords for affected and administrator accounts, temporarily suspending email sending for impacted users, notifying relevant authorities (including ANSSI, CERT-FR, DINUM, CNIL, and local digital authorities), informing partners, and filing a formal complaint with the gendarmerie. Specialized law enforcement units began investigating the incident and its consequences while technical teams and service providers conducted parallel analysis. The announcement emphasized heightened vigilance against suspicious links/attachments and stated the municipality was working to restore system security.
• Congressional Staff email platform January 11, 2026 • [ cyber intrusion, state-backed hacking, email compromise ] TechStory reported that a cyber intrusion linked to the China-associated group known as Salt Typhoon compromised email systems used by staff supporting multiple powerful U.S. House committees (including foreign affairs, intelligence, and defense-related panels). The report said the intrusions were detected in December 2025, but investigators were still determining how long access persisted, what data was viewed or extracted, and whether any lawmakers personal accounts were affected. U.S. agencies and House offices were described as offering limited public comment while investigations continued, and China was reported as denying allegations of state-backed hacking.
• Venezuelan Ministry of Foreign Affairs January 1, 2026 • [ espionage, state-sponsored attack, data breach ] The same China-linked espionage campaign that compromised the Cuban Embassy in Washington D.C. also reportedly exploited Microsoft Exchange servers used by Venezuelas Ministry of Foreign Affairs and accessed officials email communications during the same January 2026 regional campaign.
• Southern Oregon Neurosurgery December 30, 2025 • [ email compromise, hacking, data leak ] Southern Oregon Neurosurgery (Southern Oregon Neurosurgical and Spine Associates, PC) disclosed a hacking incident that stemmed from an email breach and affected at least 1,000 individuals. According to reporting, the incident occurred in November 2025; the organization said its IT staff isolated the issue immediately once identified. The breach was reported to HHS as a hacking/IT incident involving email, indicating unauthorized access to email content (and potentially attachments) that contained patient-related information. While public reporting did not enumerate every exposed field, the confirmed impact is unauthorized access via email compromise with resultant exposure risk to individuals whose information was present in the affected mailbox(es).
• New York Life Insurance Company December 2, 2025 • [ unauthorized access, email compromise, personally identifiable information ] New York Life Insurance Company discovered unauthorized access to one of its agents' email accounts on December 2, 2025. After securing the account and completing its investigation, the company confirmed on April 8, 2026 that the compromised account contained some clients' personal information, including identifiers, financial information, medical information, and health insurance information. Public reporting did not identify a responsible actor, data volume, ransomware, or operational disruption.
• French Ministry of the Interior November 12, 2025 • [ government, data leak, email compromise ] Frances Interior Minister confirmed that the Ministry of the Interior experienced a cyberattack affecting its email servers. The intrusion was detected overnight between 12/11/2025 and 12/12/2025 and enabled the threat actors to access the ministrys email infrastructure and some document files. At the time of public confirmation, officials had not confirmed whether data was exfiltrated. In response, the ministry reported implementing standard containment procedures, tightening security protocols, and strengthening access controls. French authorities opened an investigation to determine the origin, intent, and full scope of the breach; possible explanations cited publicly included foreign interference, activists, or cybercriminals. The ministry is a high-value target given its responsibility for police forces, internal security, and immigration services.
• Barrio Family Health Care Center August 16, 2025 • [ email compromise, unauthorized access, data leak ] KENS5 reported Barrio Comprehensive Family Health Care Center notified patients about a cybersecurity incident involving unauthorized access to employee email accounts. The clinic said it discovered the incident on Sept. 16, 2025 and later determined that up to 19,885 individuals may have been affected. The exposed information varied by individual and was contained in the compromised email accounts; the report frames the event as a successful email compromise leading to exposure of patient information.
• JFS Wealth Advisors LLC July 30, 2025 • [ email compromise, data leak ] An unauthorized third party accessed a JFS Wealth Advisors corporate email account between July 30 and August 19, 2025, viewing messages containing names and Social Security numbers. JFS secured the account, investigated with third-party experts, and filed notice with state authorities.
• Visiting Nurse Association of Texas July 17, 2025 • [ unauthorized access, email compromise, PII ] Visiting Nurse Association of Texas identified suspicious network activity on July 17, 2025; an unauthorized actor accessed employee email accounts and potentially compromised personal and health-related data belonging to thousands of individuals, per notice and investigation.
• Laurel Health Centers July 11, 2025 • [ unauthorized access, email compromise, data leak ] Laurel Health Centers identified unauthorized access to portions of its email system during July 2025, which resulted in the potential exposure of personal and protected health information belonging to patients, as later disclosed in a public notice.
• Cetera Financial July 7, 2025 • [ unauthorized access, email compromise, PII ] Cetera Financial disclosed that an unauthorized person accessed a single employee email account between July 7 and August 21, 2025. A review completed around January 30, 2026 found that client information, including names, Social Security numbers, drivers license numbers, and financial account details, may have been compromised; affected individuals were notified beginning March 25, 2026.
• Williams Hart & Boundas June 30, 2025 • [ phishing, unauthorized access, personal information ] Williams Hart & Boundas discovered that a firm email account had sent and received phishing emails and determined the account had been accessed by an unauthorized individual; review found personal information in the account, and a Texas filing reported 7,844 affected Texas residents.
• The Washington Post June 13, 2025 • [ data leak, espionage, email compromise ] A targeted intrusion discovered on June 13 2025 compromised a limited number of Washington Post journalist email accounts, exposing internal correspondence and attachments. The publication stated no subscriber or HR data was affected. Investigation remains ongoing with indications of potential state-sponsored activity.
• Cardiovascular Medicine Associates, PA (MyCardiologist) June 12, 2025 • [ data leak, healthcare, email compromise ] Hackers accessed MyCardiologists email environment between May 30 and June 12 2025, exfiltrating patient information including medical and insurance details; no encryption or quantitative data reported.
• Office of the Comptroller of the Currency (OCC) February 11, 2025 • [ data leak, email compromise, espionage ] In February 2025, the U.S. Department of the Treasurys Office of the Comptroller of the Currency detected unauthorized access to its Microsoft 365 email environment. The compromise, which persisted for months before discovery, exposed roughly 103 mailboxes and more than 150,000 emails containing sensitive financial supervisory information. No attribution has been made public, but the incident exhibited characteristics of an espionage-focused breach. No encryption, ransom demand, or operational disruption was reported.
• Baylor Scott & White Texas Spine & Joint Hospital January 10, 2025 • [ Email Compromise, Data Leak, Unauthorized Access ] Unauthorized access to O365 mailbox exposed patient demographic and treatment information.