Port of Seattle
August 24, 2024
•[ ransomware, data leak ]
The Port of Seattle confirmed a ransomware-linked data breach attributed to the Rhysida group on August 24, 2024. Attackers exfiltrated approximately 90,000 records containing personal and employee data from legacy systems. No encryption or operational disruption occurred.
Horizon View Medical Center
August 22, 2024
•[ ransomware, malware, healthcare ]
The Everest ransomware team lists on its data leak site the Nevada-based Horizon View Medical Center and claims to have stolen medical record information, including test results and other sensitive patient data.
City of Flint
August 14, 2024
•[ ransomware, malware, government ]
Phones and computers used by government workers in Flint, Michigan are facing outages due to a ransomware attack.
Schlatter Group
August 9, 2024
•[ ransomware, malware, manufacturing ]
Schlatter Group, a Swiss manufacturing company, suffers a ransomware attack.
Evolution Mining
August 8, 2024
•[ ransomware, malware, energy ]
Evolution Mining informs that it has been targeted by a ransomware attack, which impacted its IT systems.
OnePoint Patient Care
August 8, 2024
•[ ransomware, malware, healthcare ]
OnePoint Patient Care (OPPC) informs customers about a data breach impacting their personal information. The Inc Ransom ransomware group takes credit for the attack. The impact is bigger than initially believed, with over 1.7 million people affected
City of Killeen
August 7, 2024
•[ ransomware, malware, government ]
The city of Killeen, Texas reveals to be recovering from a BlackSuit ransomware attack.
McLaren Health Care
August 6, 2024
•[ ransomware, malware, healthcare ]
IT and phone systems at McLaren Health Care hospitals are disrupted following an attack linked to the INC Ransom ransomware operation.
Florida’s Sumter County Sheriff’s Office
August 6, 2024
•[ ransomware, malware, government ]
Floridas Sumter County Sheriffs Office confirms that it experienced a Rhysida ransomware attack.
Florida’s Sumter County Sheriff’s Office
August 6, 2024
•[ ransomware, Rhysida ransomware attack, cyberattack ]
Floridas Sumter County Sheriffs Office confirms that it experienced a Rhysida ransomware attack.
Brontoo Technology Solutions
July 31, 2024
•[ ransomware, technology ]
A RansomEXX ransomware attack on Brontoo Technology Solutions, a partner of C-Edge Technologies, a technology service provider, forces payment systems across nearly 300 small local banks in India to shut down temporarily.
Bayhealth Hospital
July 31, 2024
•[ ransomware, malware, healthcare ]
The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC.
Life University
July 30, 2024
•[ data leak, ransomware ]
On July 30 2024, an unauthorized actor accessed portions of Life Universitys network in Marietta, Georgia, and obtained files containing personal and identification information. The breach was disclosed publicly on April 2 2025 through state regulatory filings and a JD Supra summary. While no actor was named, the activity reflects a financially motivated criminal intrusion typical of U.S. higher-education sector data thefts.
Community Care Alliance
July 29, 2024
•[ ransomware, leak, malware ]
Community Care Alliance is listed in the Rhysida ransomware leak site.
OneBlood
July 29, 2024
•[ ransomware, malware, healthcare ]
OneBlood, a large not-for-profit blood center that serves hospitals and patients in the United States, is dealing with an IT systems outage caused by a ransomware attack.
Delhi Hospital
July 29, 2024
•[ ransomware, leak, malware ]
Delhi Hospital (also known as Richard Parish Hospital) in Louisiana is added to the RADAR and DISPOSSESSORs (R&D) ransomware leak site.
Millinocket Regional Hospital
July 25, 2024
•[ ransomware, malware, healthcare ]
Millinocket Regional Hospital (MRHME) suffers a RansomHub ransomware attack. The threat actors claim to have exfiltrated 10 GB of files.
Intendencia de Paysandú
July 24, 2024
•[ ransomware ]
On July 24 2024, the Paysand Department (Uruguay) suffered a ransomware attack that encrypted all servers and backups, paralyzing municipal operations for several days. Hackers demanded about USD 650 000 in bitcoin; AGESICs forensic investigation confirmed no evidence of data exfiltration or intellectual-property theft.
Intendencia de Paysandú
July 24, 2024
•[ ransomware, encryption, government ]
On July 24 2024, the Paysand Department (Uruguay) suffered a ransomware attack that encrypted all servers and backups, paralyzing municipal operations for several days. Hackers demanded about USD 650 000 in bitcoin; AGESICs forensic investigation confirmed no evidence of data exfiltration or intellectual-property theft.
Split St Jerome Airport
July 22, 2024
•[ ransomware, malware ]
The Split St Jerome Airport is hit with an Akira ransomware attack.
