Outpost24
March 16, 2026
•[ phishing, DKIM, social engineering ]
SecurityWeek reported that a C-level executive at Outpost24 was targeted with a sophisticated phishing attempt that used a DKIM-signed email, trusted redirection infrastructure, compromised servers, and Cloudflare-protected phishing pages. Outpost24s subsidiary Specops Software said it detected and blocked the attack early before any systems were compromised or users impacted.
FBI surveillance system
March 6, 2026
•[ data breach, surveillance system, law enforcement sensitive information ]
Reporting stated the White House was working with the FBI, NSA, and CISA to respond to an apparent breach of an FBI surveillance system disclosed to Congress. The system is unclassified but contains law-enforcement sensitive information, including returns from legal process such as pen register and trap-and-trace surveillance returns, and personally identifiable information about subjects of FBI investigations. The report did not identify the attacker, intrusion vector, or the full scope/timeline of access.
Washington Hotel chain (Fujita Kanko)
February 13, 2026
•[ ransomware, unauthorized access, point-of-sale system issues ]
A ransomware incident impacted the Washington Hotel chain in Japan, with Fujita Kanko reporting that unauthorized access to some servers was detected on February 13, 2026. The company said it took protective measures to cut off attacker access, formed an internal task force, and engaged police and outside cybersecurity experts. The company confirmed unauthorized access to business data on servers, while stating customer information tied to the external Washington Net system was believed unaffected at the time. Some hotels experienced point-of-sale system issues, but the company reported no major business disruption overall.
Winona County
January 23, 2026
•[ ransomware, forensics, emergency services ]
Winona County, Minnesota reported responding to a ransomware incident that impacted its computer network. The county engaged third-party cybersecurity and forensics specialists and coordinated with local, state, and federal law enforcement. While emergency services such as 911, fire, and emergency response operations were reported to remain operational, the incident was significant enough that county leadership declared a local emergency. Further technical details, including the ransomware variant, extent of disruption across departments, and whether data was stolen, were not provided in the brief public update.
Heywood Hospital and Athol Hospital
October 15, 2025
•[ cybersecurity, healthcare, outage ]
Hospitals reported cybersecurity incident causing outages and Code Black ambulance diversion
Jeff “Jihoz†Zirlin
February 23, 2024
•[ cryptocurrency theft, personal account breach, digital assets ]
Jeff Jihoz Zirlin, one of the co-founders of the video game Axie Infinity and the related Ronin Network has nearly $10 million in cryptocurrency stolen from personal accounts.
