Real Academia Española
February 28, 2025
•[ ransomware ]
Spains language academy confirmed a ransomware attack affecting its systems.
Whitman Hospital & Medical Clinics
February 28, 2025
•[ ransomware ]
Hospital Reported Internal Electronic Systems Down Following Cyberattack; Care Continued With Delays.
City Of Fort St. John
February 25, 2025
•[ ransomware ]
Ransomware confirmed; data restored and most services back online.
Brydens Lawyers
February 25, 2025
•[ ransomware, data leak ]
Sydney law firm reported ransomware with alleged 600GB data leak under investigation.
Hometeamns
February 25, 2025
•[ ransomware ]
Ransomware hit Singapores HomeTeamNS; no evidence of data extraction.
Cleveland Municipal Court
February 23, 2025
•[ ransomware, data leak ]
Cleveland Municipal Court experienced a full shutdown beginning 2025-02-23 due to a Qilin ransomware attack that encrypted court systems and exfiltrated roughly 44 GB of data. Operations were halted for about 17 days. The attacker demanded $4 million and threatened to leak stolen court documents.
Invest Hong Kong
February 22, 2025
•[ ransomware, data leak ]
Follow-up coverage of InvestHK ransomware; checking possible client/staff info exposure; later update: no evidence of leakage.
LANIT Group
February 21, 2025
•[ ransomware ]
On 2025-02-21, LANIT Group, a major Russian IT service provider, suffered a cyber incident that encrypted portions of its internal infrastructure and prompted a national warning to financial institutions using its subsidiaries. Authorities confirmed encryption and service isolation but no verified data exfiltration.
HCRG Care Group
February 20, 2025
•[ ransomware, data leak ]
Medusa ransomware group claimed theft of ~2.275 TB from HCRG and demanded $2m by Feb 27, leaking sample files; HCRG says containment measures are in place and services remain operational; reports indicate exposure of sensitive medical, personal and financial records
Supreme Administrative Court of Bulgaria
February 20, 2025
•[ ransomware, data leak ]
RansomHouse used White Rabbit ransomware against Bulgarias Supreme Administrative Court on Jan 27, encrypting ~140 computers; group posted employee-related files as proof of data theft. Court remained operational via paper processes; investigation into data leakage ongoing.
the private provider (contractor) supplying NHS services
February 20, 2025
•[ ransomware, data leak ]
A private provider serving the NHS was hit by ransomware, disrupting network operations and potentially exposing patient or internal data, causing service interruptions in NHS operations dependent on it.
Raymond Lifestyle Ltd
February 20, 2025
•[ ransomware ]
Raymond reported a cybersecurity incident on Feb 20, 2025 that impacted some IT assets. In its Q4 FY25 results on May 13, the firm cited the ransomware attack and weak demand as factors weighing on total income and profit, indicating a disruptive event without confirmed exfiltration details.
Pulmonary Physicians Of South Florida
February 19, 2025
•[ ransomware, data leak ]
Ransomware Group Listed Provider And Posted Screenshots Suggesting Patient Records Exposure.
Ministry of Health and Human Services (Palau)
February 17, 2025
•[ ransomware, data leak ]
The Ministry of Health and Human Services of Palau suffered a ransomware-attributed data breach by the Qilin group on February 17, 2025. The attackers exfiltrated patient and hospital data from internal servers but no encryption of systems was confirmed. Authorities reported service restoration and an investigation into the scope of data theft.
Goshen Medical Center
February 15, 2025
•[ ransomware, leak, malware ]
BianLian-attributed intrusion at Goshen Medical Center; files accessed on 02/15/2025, detected 03/04/2025; 456,385 affected with PHI/PII including SSNs and DL numbers; listed on BianLians leak site in March; no outage confirmed.
City Of Mission
February 15, 2025
•[ ransomware ]
Ransomware significantly disrupted municipal services; recovery expected to last months.
Genea
February 14, 2025
•[ ransomware, data leak ]
Genea suffered a ransomware/data-theft incident attributed to Termite. Attackers had access from Jan 31 and exfiltrated data on Feb 14, prompting days of system disruption. Sensitive patient information was later posted to the dark web.
Undisclosed Riyadh-based real estate and construction company
February 14, 2025
•[ ransomware, data leak ]
The DragonForce ransomware group attacked a major Riyadh-based real estate and construction firm, exfiltrating over 6 TB of internal corporate data and encrypting systems as part of a double-extortion campaign. The group demanded ransom payment by February 27, 2025, ahead of Ramadan, and later leaked the stolen data when unpaid.
Urban One, Inc.
February 13, 2025
•[ ransomware, social engineering, data leak ]
Ransomware group Cactus gained access to Urban Ones internal HR and payroll servers via social-engineering intrusion beginning February 2025, exfiltrating employee PII and financial data; company confirmed breach and notified affected staff.
Baltimore City Public Schools
February 13, 2025
•[ ransomware, data leak ]
The Cloak ransomware group exfiltrated sensitive personal and student data from Baltimore City Public Schools in February 2025. While the attack was ransomware-related, no encryption or service disruption occurred; over 31,000 people were notified of data theft.
