Bulgaria’s Permanent Representation to NATO
April 1, 2025
•[ ransomware ]
Novinite/BNR reported MP claims of an April ransomware incident at Bulgarias NATO mission.
Assa Abloy
March 31, 2025
•[ ransomware ]
Swedish lock manufacturer reported ransomware affecting operations; investigation and recovery ongoing.
Cincinnati Pain Physicians
March 31, 2025
•[ ransomware ]
Ransomware hit Blue Ash clinic; systems locked and records rebuilt manually.
Sam’s Club
March 28, 2025
•[ ransomware, data leak ]
Sams Club, a U.S. warehouse retail chain owned by Walmart Inc., is investigating claims by the ransomware group Clop that it breached the companys systems. Clop added Sams Club to its dark-web leak site but so far has not provided any proof of data exfiltration. Sams Club acknowledged awareness of the potential incident and emphasized protecting member information is a priority while its internal investigation continues.
Sensata Technologies
March 28, 2025
•[ ransomware, data leak ]
A ransomware attack between March 28 and April 6 2025 disrupted Sensata Technologies manufacturing, shipping, and support operations worldwide. The company confirmed that threat actors viewed and obtained internal files containing employee and personal data, including names, addresses, Social Security numbers, and financial and health information. Regulatory filings indicate at least 362 affected individuals (Maine AG notice). No ransomware group has claimed responsibility.
Sam’s Club
March 28, 2025
•[ ransomware, data leak, cybersecurity investigation ]
Sams Club, a U.S. warehouse retail chain owned by Walmart Inc., is investigating claims by the ransomware group Clop that it breached the companys systems. Clop added Sams Club to its dark-web leak site but so far has not provided any proof of data exfiltration. Sams Club acknowledged awareness of the potential incident and emphasized protecting member information is a priority while its internal investigation continues.
Lower Sioux Indian Community (Jackpot Junction Casino Hotel)
March 27, 2025
•[ ransomware ]
RansomHub ransomware encrypted internal systems belonging to the autonomous Lower Sioux Indian Community in the State of Minnesota, disrupting operations at the Jackpot Junction Casino Hotel, tribal health center, and government offices. Systems were taken offline for containment, affecting slot machines, kiosks, phones, and reservation functions. No confirmed data exfiltration was reported; encryption was the cause of the outage.
Holt Group
March 27, 2025
•[ ransomware, data leak, legal action ]
Holt Group breach tied to Cactus with large data leak; suit filed.
National Faster Payments System (Sbp)
March 26, 2025
•[ ransomware, denial of service ]
A large-scale hacker attack has hit Lukoil and its Faster Payment System. Users are complaining that they can't transfer money, and Lukoil employees have been unable to access their work computers since early morning.
WideOpenWest (Wow!)
March 26, 2025
•[ ransomware, data leak ]
Arkana security claims ransomware attack on wow with data theft.
Cobb County Government
March 22, 2025
•[ ransomware ]
Cobb County took servers offline after breach; online systems restored after several days.
Soco System
March 21, 2025
•[ ransomware ]
Danish production firm reported ransomware linked to a Russian gang
Office of the State’s Attorney for Baltimore City
March 19, 2025
•[ ransomware, data leak, unauthorized access ]
Following a March 2025 intrusion, the Kairos ransomware group stole internal legal and police records from the Baltimore City States Attorneys Office and later published portions online; the office reported no service disruption but confirmed investigation of unauthorized access.
Office of the State’s Attorney for Baltimore City
March 19, 2025
•[ ransomware, data leak ]
Following a March 2025 intrusion, the Kairos ransomware group stole internal legal and police records from the Baltimore City States Attorneys Office and later published portions online; the office reported no service disruption but confirmed investigation of unauthorized access.
Atchison County Government
March 18, 2025
•[ ransomware ]
Multiple us municipalities reported outages; Atchison County closed offices due to cyber incident.
Harcourts Prime Properties
March 18, 2025
•[ ransomware, data leak ]
Unauthorized access to Harcourts Prime Properties internal systems followed by ransom demand; investigation ongoing; no confirmed data volume or encryption reported.
Virgin Islands Lottery
March 17, 2025
•[ ransomware ]
Ransomware attack discovered March 17 2025 encrypted the Virgin Islands Lotterys servers, phones, and software, halting operations across both districts. Attackers demanded a $1 million ransom, which was not paid. Systems were rebuilt from backups and restored by May 31 2025. No confirmed data theft or group attribution publicly reported.
Ascom
March 16, 2025
•[ ransomware, data leak ]
Hellcat claims theft from ascom; company confirms ticketing system incident.
NASCAR
March 15, 2025
•[ ransomware, data leak ]
NASCAR confirmed a ransomware breach of internal systems in March 2025 attributed to Medusa; ~1 TB of sensitive data stolen with $4M ransom demand; notifications and protections offered.
Water & Sewerage Corporation
March 15, 2025
•[ ransomware, data leak ]
In mid-March 2025, the Water & Sewerage Corporation of the Bahamas experienced a ransomware attack targeting internal data systems. The utility confirmed unauthorized access but stated there was no evidence of customer data access or theft. While no encryption or operational outage has been verified, remediation efforts were ongoing as of April 2025.
