Chief Electoral Officer – West Bengal
May 17, 2025
•[ data breach, insider threat, unauthorized access ]
A security breach led to deletion of at least 1,000 voters from the electoral roll in a West Bengal assembly constituency; subsequent reports cited misuse of AERO credentials.
Central Point School District 6
May 14, 2025
•[ data breach, unauthorized access ]
The Oregon district reported unauthorized access to its digital systems on May 14 and isolated affected systems while law enforcement and external experts investigated. No confirmed data types or quantities were disclosed at the time of reporting.
BitoPro Exchange
May 8, 2025
•[ cryptocurrency theft, unauthorized access, money laundering ]
Unauthorized access on May 8 2025 to BitoPro exchange hot wallets resulted in theft of about NT$345 million (US$11.5 million) in cryptocurrency; funds laundered via Tornado Cash, Thorchain, and Wasabi; attribution linked to North Koreas Lazarus Group (APT38); no operational disruption reported.
Harrods
May 1, 2025
•[ unauthorized access, security incident ]
Harrods reported attempts to gain unauthorized access and restricted internet access as a precaution; no confirmed breach or disruption attributable to attackers (not a successful cyber event).
Defense and critical-infrastructure entities in Ukraine
May 1, 2025
•[ phishing, unauthorized access, data leak ]
Rare Werewolf APT, a Russia-aligned espionage group, conducted spear-phishing and remote-administration toolbased intrusions in MayJune 2025 targeting defense and critical-infrastructure entities in Ukraine, resulting in unauthorized access and data exfiltration.
Cities of Palo Alto, Redwood City, and Menlo Park (Crosswalk systems)
April 21, 2025
•[ Hacktivism, Unauthorized Access, Deepfake ]
Hacktivists hijacked Bay Area pedestrian crosswalk systems in Palo Alto, Redwood City, and Menlo Park to broadcast deepfake audio messages impersonating Elon Musk and Mark Zuckerberg mocking billionaire culture; no data theft or operational outage beyond altered messages reported.
City of Seattle (Crosswalks system)
April 21, 2025
•[ hacktivism, unauthorized access, system compromise ]
Hacktivists compromised Seattle pedestrian crosswalk systems to broadcast spoofed audio announcements mocking technology billionaires; no evidence of data exfiltration or wider operational impact reported.
Bremanger Kraft AS
April 7, 2025
•[ hacktivism, unauthorized access, industrial control systems ]
On April 7 2025, hacktivists accessed a web-exposed control interface for Bremanger Kraft ASs hydroelectric dam in western Norway and opened a valve releasing 500 L/s of water for four hours; no casualties or structural damage reported; Norwegian authorities attributed the incident to pro-Russian hacktivists.
Ocuco, Inc.
March 28, 2025
•[ data leak, unauthorized access ]
Ireland-based eyecare software services provider Ocuco detected unauthorized actor access to two non-production servers between Mar 28Apr 1 2025; KillSec claims data theft; company review shows ~240,961 affected; investigation ongoing; no confirmed service outage or encryption.
Orthopaedic Specialists of Connecticut
March 2, 2025
•[ data leak, unauthorized access, personally identifiable information ]
Names, dates of birth, Social Security numbers, insurance and medical information for 22,541 individuals were exposed after an unauthorized third party accessed the practices network on March 2, 2025, per the provider notice and HHS filing.
Angel One Ltd.
February 27, 2025
•[ unauthorized access, data leak ]
Indian stock brokerage Angel One disclosed on February 27, 2025, that unauthorized actors accessed some of its Amazon Web Services (AWS) resources following a dark web alert. The company confirmed exposure of limited client information but no compromise of funds or credentials. Investigation and containment measures were initiated immediately.
City of Jasper
February 20, 2025
•[ unauthorized access, government ]
Unauthorized access identified around Feb 20; no evidence of citizen/employee personal data access; services largely unaffected.
Commvault
February 20, 2025
•[ vulnerability, unauthorized access ]
A zero-day vulnerability (CVE-2025-3928) in Commvaults cloud backup platform was exploited, allowing unauthorized access to internal systems and credentials. Commvault stated that customer backup data was not impacted, and no data theft has been confirmed.
Beverly Hills Oncology Medical Group
February 7, 2025
•[ data leak, unauthorized access ]
Beverly Hills Oncology Medical Group in California identified and blocked unauthorized access to parts of its network between February 7 and February 11, 2025, then engaged third-party cybersecurity experts to investigate. The review confirmed that an external actor had accessed and potentially removed files containing patient information. On October 13 the practice confirmed that exposed data included names, Social Security numbers, government ID numbers, financial account and credit/debit card details, health insurance information, and diagnostic, treatment, prescription and other clinical data, and on October 31 it filed breach notices and began notifying affected individuals while offering 12 months of complimentary credit monitoring.
St. Anthony Hospital (Chicago)
February 6, 2025
•[ data leak, healthcare, unauthorized access ]
St. Anthony Hospital in Chicago reported that on February 6, 2025 it discovered a data breach involving a small number of employee email accounts that had been accessed by an unauthorized actor. The compromised mailboxes contained personal and medical information such as names, addresses, dates of birth, Social Security numbers, medical record and account numbers, prescription details, and medical histories for roughly 6,679 individuals. The hospital engaged outside cybersecurity experts, reset credentials, and began notifying potentially affected patients and staff while offering guidance on credit monitoring. Officials said there was no evidence of misuse yet but warned people to remain vigilant for fraud or identity theft.
Baylor Scott & White Texas Spine & Joint Hospital
January 10, 2025
•[ Email Compromise, Data Leak, Unauthorized Access ]
Unauthorized access to O365 mailbox exposed patient demographic and treatment information.
UK Foreign, Commonwealth and Development Office (FCDO)
January 10, 2025
•[ data leak, unauthorized access, government ]
UK authorities investigated a cyber intrusion into the Foreign, Commonwealth and Development Office (FCDO) that was reportedly discovered during routine monitoring in October 2025. According to officials briefed on the matter, attackers accessed a segment of the foreign offices IT environment used for policy coordination and diplomatic communications and obtained sensitive but non-classified material. The reported accessed information included internal correspondence, briefing papers, and contact details related to overseas missions, while systems handling classified intelligence were described as segregated and unaffected. The incident prompted containment actions, server isolation, and a wider government security review led with support from the National Cyber Security Centre.
Byzfunder NY LLC
January 9, 2025
•[ data leak, unauthorized access ]
Byzfunder reported a security incident involving a cloud software solution. An unauthorized third party may have accessed or acquired certain files during the period 09/01/202509/20/2025, with the incident becoming known to the company on 09/19/2025. The company later reported the incident to the Maine Attorney General and began notifying affected individuals.
Fyzical Acquisition Holdings LLC
January 9, 2025
•[ unauthorized access, email compromise ]
Unauthorized access to FYZICALs email environment was detected on December 9 2024 triggering an investigation that concluded in November 2025 Breach notifications were issued to affected individuals and state authorities in December 2025
Ribbon Communications Inc.
January 1, 2025
•[ data leak, unauthorized access ]
U.S. telecom backbone provider Ribbon Communications reported that a nation-state actor infiltrated its environment around Jan 2025, maintaining persistence until discovery in Sept 2025; investigation confirmed unauthorized access to two employee laptops containing limited customer files; no material network breach or data destruction confirmed.
