Trio-Tech subsidiary
March 11, 2026
•[ ransomware, encryption, data breach ]
The Record reported that Trio-Tech International told regulators its subsidiary in Singapore suffered a ransomware attack discovered on March 11, 2026. The filing said the attack led to encryption of files within the subsidiarys network. Trio-Tech took the network offline, notified law enforcement in Singapore, and hired cybersecurity experts to respond. The company said it was still restoring systems and that it was unclear what data may have been taken, but that the subsidiary was in the process of notifying affected parties.
Lehigh Carbon Community College
March 4, 2026
•[ data breach, IT disruption, campus closure ]
Reporting stated that Lehigh Carbon Community College in Pennsylvania suffered a data breach that forced the college to close all campuses for more than a week in early March 2026. After reopening, IT disruptions reportedly persisted (including lack of Wi-Fi and phone service), indicating ongoing recovery and restoration of core services. A trustee publicly attributed the closures to a data breach, but the college did not disclose a threat actor, entry vector, or specific data types in the public reporting cited.
Livingston HealthCare
February 13, 2026
•[ cybersecurity incident, network disruption, system outage ]
Livingston HealthCare reported a potential cybersecurity incident that disrupted phone systems and network services and led the hospital to take certain systems offline while recovery continued.
Step Finance
January 31, 2026
•[ hacking, cryptocurrency theft, treasury breach ]
Step Finance reported that hackers compromised devices belonging to company executives and used that access to breach several treasury wallets, resulting in approximately $40 million in stolen digital assets. The platform detected the incident on January 31, 2026 and engaged cybersecurity researchers and partners; it reported partial recovery (including assets associated with Remora and other positions) and stated certain operations were halted to reinforce security. The incident affected treasury wallet holdings rather than user rTokens (reported as fully backed), and Step advised users to avoid interacting with the STEP token pending an outcome plan and snapshot process.
Missouri State Government Employee Self-Service
December 31, 2025
•[ unauthorized access, forensic investigation, financial fraud prevention ]
Missouris Office of Administration temporarily shut down the Employee Self-Service portal to contain suspicious activity and support a forensic investigation. The agency said the incident was highly localized and involved 47 accounts, and that fraud protection systems detected the unauthorized activity and prevented unauthorized transactions. Reporting noted the issue centered on an unauthorized attempt to access workers deferred savings account information and that the portal remained offline while the state worked to restore service before the next pay date, with contingency plans for pay stubs and W-2 access if downtime continued.
Leduc County
December 25, 2025
•[ ransomware, cybersecurity incident, IT systems outage ]
Leduc County in Alberta reported that it became aware on December 25, 2025 of a deliberate cybersecurity incident later identified as a ransomware attack. The county said the activity disabled some of its IT systems, and that other systems were proactively taken offline during an ongoing forensic investigation and recovery. Reporting noted that law enforcement and key stakeholders (including insurance and banking providers) were notified. Public reporting did not specify confirmed data theft, the number of affected endpoints, or a restoration date.
Attorney General’s Office of the State of Guanajuato (FGEG)
November 13, 2025
•[ ransomware, data leak, double-extortion ]
Mexico Business News reports Guanajuatos Attorney Generals Office confirmed a cybersecurity incident after a ransomware attack attributed to Tekir APT. Attackers claim they stole 250GB+ of confidential data, including judicial files and internal databases. Officials are reviewing controls, without confirming attribution or ransom payment. Hackmanac alleges subdomain encryption and double-extortion.
Valley View ISD
November 10, 2025
•[ cybersecurity incident, data theft, ransomware ]
Valley View ISD said it was experiencing a cybersecurity incident on November 10, 2025 that affected computer systems and phone lines while instruction continued; later, Inc claimed it stole 68 GB of data and issued a ransom demand.
Manassas City Public Schools
November 9, 2025
•[ cybersecurity incident, network disruption ]
Manassas City Public Schools in Virginia announced that all schools would be closed on Monday, November 10, 2025, after a cybersecurity incident disrupted phone and network systems across the district. According to statements from Superintendent Kevin Newman reported by WJLA and FOX 5, the breach was discovered over the weekend, more than 7,000 families were notified, and the district experienced significant connectivity and telephone outages while physical school security remained unaffected. Schools were already scheduled to be closed Tuesday for a holiday, and officials used the extended break to give IT staff time to investigate and restore systems so normal operations could resume on Wednesday.
Kaplan
October 30, 2025
•[ data leak, unauthorized access, personally identifiable information ]
The Record reported Kaplan notified regulators and individuals about a fall 2025 cybersecurity incident in which an unauthorized actor accessed Kaplans servers for 19 days (Oct. 30 to Nov. 18, 2025) and leaked/removed personal data. Kaplans notifications across several states totaled at least 230,941 people in states that publish counts, and an update said Kaplan later informed Oregon that 1.4 million people were affected. The exposed data included Social Security numbers and drivers license numbers (and related identifiers). The report did not name the attacker or provide a detailed intrusion method, but confirmed the access window and sensitive identifiers involved.
Delfingen Industry
July 31, 2025
•[ cybersecurity incident ]
Company notice references a cybersecurity incident affecting IT systems; details limited pending investigation.
Nucor Corporation
May 14, 2025
•[ cybersecurity incident, operational disruption ]
Nucor reported a cybersecurity incident and took parts of its network offline as containment, causing operational disruptions and delays.
Storage Durango Blue Diamond
August 31, 2024
•[ data breach, cybersecurity incident ]
Company reported data breach under investigation following cybersecurity incident disclosure.
