Undisclosed Nigerian Telecom Firm
October 1, 2025
•[ cyber-enabled fraud, unauthorized access, billing system breach ]
The Nigeria Police uncovered a cyber-enabled fraud involving unlawful access to a telecom operators billing system, leading to ?7.7bn in diverted airtime and data; six suspects arrested.
Ministry of Higher Education, Research and Space (Parcoursup data-management module)
October 1, 2025
•[ unauthorized access, credential compromise, data leak ]
Fraudulent access using legitimate credentials to a Parcoursup data-management module for the Occitanie academic region in October 2025 resulted in unauthorized exfiltration of personal data for about 705,000 candidates from the 2023 and 2025 sessions.
Substack
October 1, 2025
•[ phishing, data leak, unauthorized access ]
Substack notified users of a data breach after it identified evidence on February 3, 2026 that an unauthorized third party accessed limited user data in October 2025. Substack stated that credit card numbers, passwords, and financial information were not accessed. The company did not disclose how access was obtained, but said it fixed the system issue that enabled it and warned users to be cautious of phishing. Reporting cited a database allegedly containing 697,313 records posted to a hacking forum, consistent with exposure of emails, phone numbers, and internal account metadata.
Gulshan Management Services
September 25, 2025
•[ ransomware, phishing, data breach ]
SecurityWeek reported that Gulshan Management Services, associated with Gulshan Enterprises (operator of Handi Plus and Handi Stop locations in Texas), disclosed a ransomware-related data breach affecting more than 377,000 individuals via a filing with the Maine Attorney General. Gulshan detected unauthorized access in late September 2025 after an attacker gained entry through a successful phishing attack and maintained access for about 10 days. During that period, the threat actor stole personal data and then deployed ransomware that encrypted files on Gulshan systems. The compromised personal information was described as including names, contact details, Social Security numbers, and drivers license numbers.
Thayer Hotel at West Point
September 19, 2025
•[ unauthorized access, data breach, personally identifiable information ]
On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an Undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, drivers license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.
Insightin Health
September 17, 2025
•[ data leak, unauthorized access, zero-day vulnerability ]
Insightin Health disclosed that an unauthorized party gained access to its GoAnywhere file-transfer tool by exploiting an unknown design flaw, potentially accessing data on a subset of servers between 09/17/2025 and 09/23/2025. Insightin said it identified unusual activity on 09/23/2025, stopped further access, and reviewed impacted files. On 02/12/2026, a health plan confirmed some members information was included. The data involved included name, health care provider name, insurance information, and member ID; no Social Security numbers or financial information were reported involved in the notice excerpt.
DocketWise
September 1, 2025
•[ unauthorized access, third-party breach, credential theft ]
DocketWise discovered unauthorized access to a third-party partner repository used in a data migration pipeline; an unauthorized actor used valid credentials to clone repositories containing law-firm customer records and personal information of their clients.
Personic Management Company LLC
August 29, 2025
•[ data leak, unauthorized access, third-party breach ]
Personic reported unauthorized activity affecting a third-party software platform it used to process patient information. The company stated it became aware of the issue on September 1, 2025, and an investigation concluded an unauthorized actor accessed the platform on August 29, 2025 and obtained certain data. The public notice stated the impacted data may include names and protected health information. Personic reported filing a notice with the Maine Attorney Generals office and beginning notification of impacted individuals on November 18, 2025.
Saint Mary’s Home of Erie
August 26, 2025
•[ data leak, unauthorized access ]
A forensic investigation found that an unauthorized party accessed the Saint Marys Home of Erie network between August 26 and 28, 2025. Files and folders containing resident PII and PHI may have been exposed. The incident was reported to HHS OCR for at least 501 individuals while review continues.
Saint Mary’s Home of Erie
August 26, 2025
•[ unauthorized access, PII, PHI ]
A forensic investigation found that an unauthorized party accessed the Saint Marys Home of Erie network between August 26 and 28, 2025. Files and folders containing resident PII and PHI may have been exposed. The incident was reported to HHS OCR for at least 501 individuals while review continues.
Barrio Family Health Care Center
August 16, 2025
•[ email compromise, unauthorized access, data leak ]
KENS5 reported Barrio Comprehensive Family Health Care Center notified patients about a cybersecurity incident involving unauthorized access to employee email accounts. The clinic said it discovered the incident on Sept. 16, 2025 and later determined that up to 19,885 individuals may have been affected. The exposed information varied by individual and was contained in the compromised email accounts; the report frames the event as a successful email compromise leading to exposure of patient information.
Expert MRI
August 14, 2025
•[ data breach, healthcare, data leak ]
Expert MRI determined that an unauthorized actor accessed and copied files between August 14 and August 24, 2025. PEAR later claimed responsibility and reportedly posted samples of stolen data, claiming 617GB of data. The official healthcare breach count was 209,560 affected individuals, while DataBreach indexed 442,753 rows. Public reporting did not confirm encryption, data destruction, or attacker-caused operational disruption.
Szczytno water treatment plant
August 12, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
CyberDefence24 reported pro-Russian hacktivists published another recording on Aug. 12, 2025 from the same Polish hydroelectric plant previously referenced in early July 2025 reporting. The outlet said the new video suggested the attackers accessed the control panel while the plant was operating (generator/rotor turning and current visible) and that this represented a more serious incident than the earlier case where the plant appeared off. The report stated attackers did not appear to have full control of the infrastructure, but the incident indicates unauthorized access to industrial control interfaces and potential cyber-physical risk.
Sterling Seacrest Pritchard, Inc.
August 12, 2025
•[ unauthorized access, email breach, data leak ]
Sterling Seacrest Pritchard disclosed unauthorized access to its email environment that may have exposed personal information.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ unauthorized access, data leak, health information ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
Cardinal Services, Inc.
August 8, 2025
•[ hacking, unauthorized access, data leak ]
Cardinal Services, Inc., Cardinal Employer Organization, and Preferred Employer Solutions reported an external system breach involving unauthorized access to systems during two periods, June 25-26, 2025 and August 8, 2025. The organization discovered the breach on May 12, 2026 and reported it to the Maine Attorney General on May 20, 2026. Public reporting described the incident as hacking affecting 142,323 individuals.
South Alabama Regional Planning Commission
August 6, 2025
•[ hacking, unauthorized access, protected health information ]
South Alabama Regional Planning Commission reported a hacking/IT incident involving unauthorized access to protected health information. Public reporting states that the substitute breach notice did not identify when access was detected or when unauthorized access occurred, but the investigation determined on August 6, 2025 that certain files had been copied from its systems. The incident affected 3,043 individuals.
National prison management platform of the National Penitentiary Administration (ANP)
August 1, 2025
•[ insider threat, financial fraud, unauthorized access ]
A prisoner in the Dej hospital prison hacked tablet/kiosk systems used to access the national inmate-services portal, manipulating requests and financial accounts tied to commissary and sentence-credit workflows. Activity persisted for weeks across multiple institutions before detection; the union and national media detail platform misuse and credential abuse rather than broad IT outages.
Panera Bread
August 1, 2025
•[ data breach, unauthorized access, data leak ]
Panera Bread reportedly suffered a data breach that exposed approximately 14 million customer records after unauthorized access to an application database, with no evidence of operational disruption disclosed at the time of reporting.
Radiology Associates of Richmond
July 25, 2025
•[ data breach, unauthorized access, protected health information (PHI) ]
An unauthorized actor accessed Radiology Associates of Richmond's network environment on or about July 25, 2025, and files containing protected health information were acquired. RAR began notifying affected individuals on May 21, 2026; filings reported 266,183 affected individuals.
