Sistema Bancario Softbank
May 11, 2026
•[ data leak, source code exposure, dark web ]
Sistema Bancario Softbank was listed among the most severe Panamanian incidents in a Vecert Analyzer intelligence report cited by La Estrella de Panam. The incident was dated May 11, 2026 and described as compromising corporate and financial structures, with exposed data appearing in dark-web forums. Outside OSINT reporting attributed the leak to V0lt4r0x and referenced alleged source-code exposure for a Softbank banking system used in Latin America, but public reporting did not confirm the specific intrusion vector, encryption, data destruction, or operational disruption.
Adumo (Lesaka unit)
April 16, 2026
•[ source code leak, payment system data, dark web ]
Adumo investigated claims that technical payment-system data and source code were offered for sale on a dark-web forum.
Parque Eólico Toabré
March 31, 2026
•[ cyberattack, data leak, ransomware ]
Everest claimed responsibility for a cyberattack against Parque Elico Toabr on March 31, 2026 and threatened to release sensitive data. La Estrella de Panam later listed Parque Elico Toabr among Panamanian technology incidents dated May 9, 2026, and other dark-web monitoring reported an alleged 175GB database leak. Public reporting did not confirm encryption, data destruction, operational disruption, or compromise of wind-farm control systems.
Pick n Pay Stores Limited
March 23, 2026
•[ data breach, dark web, customer information ]
Pick n Pay confirmed a data breach involving customer information from an older version of its on-demand delivery platform, first known as Bottles and later Pick n Pay asap!. Reporting said the historical customer dataset had been offered for sale on a dark-web forum since March 23, 2026 and included names, contact details, residential addresses, dates of birth, partial payment-card information, encrypted passwords, and certain banking details. Public reporting did not identify the threat actor, encryption, data destruction, or operational disruption.
Odido
February 12, 2026
•[ data breach, extortion, data leak ]
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique email addresses were published, followed by further releases exposing an additional 371k and then 833k unique email addresses, with the latter also including passport, drivers licence and European national ID numbers. The exposed data includes names, physical addresses, phone numbers, bank account numbers and customer service notes. Odido has published a disclosure notice advising that impacted data may also include dates of birth and government-issued identity document numbers.
Odido
February 12, 2026
•[ data breach, extortion, PII ]
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, a total of 6M unique email addresses were published across four separate data releases over consecutive days. The exposed data includes names, physical addresses, phone numbers, bank account numbers, dates of birth, customer service notes and passport, drivers licence and European national ID numbers. Odido has published a disclosure notice including an FAQ to support affected customers.
Lena Health
December 15, 2025
•[ data leak, healthcare, insecure server ]
AI digital helper Lena Health breach allegedly exposed sensitive Houston Methodist patient data on a dark web forum; access claimed via insecure server.
London Womens Clinic
October 19, 2025
•[ ransomware, data leak, dark web ]
Russian ransomware group Qilin reportedly broke into systems used by the London Womens Clinic which runs seventeen IVF and fertility centres across the United Kingdom and is believed to have exfiltrated large volumes of sensitive patient data after posting about the breach on dark web channels on October 19 2025 raising concerns for both private and NHS patients
Cox Enterprises, Inc.
August 9, 2025
•[ vulnerability, zero-day, data leak ]
Hackers exploited a zeroday vulnerability in Oracle EBusiness Suite, breached Cox Enterprises network, and exfiltrated personal data of about 9,479 individuals; Cl0p group later published stolen files on darkweb leak site
Toys “R†Us Canada
July 30, 2025
•[ data leak, phishing, dark web ]
Company confirmed a threat actor copied records from its customer database and later leaked them on the dark web; investigation verified the datas authenticity and regulators were notified. No payment credentials were exposed; customers warned about phishing.
Sam’s Club
March 28, 2025
•[ ransomware, data leak, cybersecurity investigation ]
Sams Club, a U.S. warehouse retail chain owned by Walmart Inc., is investigating claims by the ransomware group Clop that it breached the companys systems. Clop added Sams Club to its dark-web leak site but so far has not provided any proof of data exfiltration. Sams Club acknowledged awareness of the potential incident and emphasized protecting member information is a priority while its internal investigation continues.
