Laborers’ International Union of North America (LIUNA) Local 1184
November 17, 2024
•[ ransomware, data breach ]
On March 31, 2025, Laborers International Union of North America Local 1184 (LiUNA) filed a notice of data breach with the Attorney General of California after discovering that the organization was the target of a November 2024 ransomware attack.
Eckerd Youth Alternatives Inc
November 11, 2024
•[ unauthorized access, network intrusion, data breach ]
Eckerd Connects reported that it observed suspicious activity within its network environment on or around November 11, 2024. In response, it took steps to mitigate the threat (including taking certain systems offline) and engaged outside specialists to investigate. Following an extensive forensic investigation and manual document review, Eckerd Connects determined on November 17, 2025 that personal information may have been accessed or acquired by an unauthorized party during the period from November 3, 2024 through November 11, 2024. Potentially involved data elements include first/last name, address, date of birth, Social Security number, drivers license/state ID number, tax identification number, and medical information.
ARC Community Services
November 4, 2024
•[ unauthorized activity, data breach, protected health information ]
ARC Community Services disclosed it became aware of unauthorized activity in its network on November 4, 2024 and initiated incident response actions, including taking systems offline until operations could be safely restored. During the ensuing investigation and data review, ARC determined that files containing protected health information (PHI) were taken from its network. The potentially affected PHI varies by individual but may include contact information (name/address), date of birth, medical record number, health information, drivers license number, and financial account information.
At least one undisclosed government and/or tech company
November 4, 2024
•[ state-sponsored, malware, backdoor ]
Government cybersecurity reporting described PRC state-sponsored actors using BRICKSTORM malware to maintain long-term persistence in victim environments, primarily affecting government services/facilities and IT sector organizations. In a documented case, actors accessed a DMZ web server (with a web shell present), moved laterally using service account credentials, copied Active Directory databases, pivoted into VMware vCenter, accessed domain controllers and an ADFS server, and exported cryptographic keys. BRICKSTORM provided stealthy backdoor access for command-and-control and remote operations and was used for persistence from at least April 2024 through at least September 3, 2025. The specific victim organization name was not disclosed in the reporting.
Muah.AI
September 17, 2024
•[ data breach, PII leak, AI prompts ]
In September 2024, the "AI girlfriend" website Muah.AI suffered a data breach. The breach exposed 1.9M email addresses alongside prompts to generate AI-based images. Many of the prompts were highly sexual in nature, with many also describing child exploitation scenarios.
Boston Children’s Health Physicians
September 10, 2024
•[ ransomware, cyber attack, data breach ]
Boston Childrens Health Physicians (BCHP) discloses to have suffered a cyber attack The BianLian ransomware operation claims responsibility for the attack.
Boulanger
September 6, 2024
•[ data breach, PII, retail ]
In September 2024, French electronics retailer Boulanger suffered a data breach that exposed over 27M rows of data. The data included 2M unique email addresses along with names, physical addresses, phone numbers and latitude and longitude. The data was later publicly published to a popular hacking forum.
Storage Durango Blue Diamond
August 31, 2024
•[ data breach, cybersecurity incident ]
Company reported data breach under investigation following cybersecurity incident disclosure.
Fidelity Brokerage Services LLC
August 17, 2024
•[ unauthorized access, fraudulent requests, internal database ]
An unauthorized third party accessed and obtained information from Fidelity's computer network between August 17 and August 19, 2024, using two recently established customer accounts to submit fraudulent requests to an internal database that housed document images. Massachusetts regulators later fined Fidelity Brokerage Services LLC $1.25 million over cybersecurity-control and notification failures tied to the breach.
Former President Donald Trump’s campaign
August 1, 2024
•[ hack, cyberattack, foreign interference ]
The FBI is investigating the alleged hack of former President Donald Trumps campaign, days after the campaign blamed Iran for a breach.
OCAT, LLC dba Evoke Wellness at Hilliard
July 7, 2024
•[ insider threat, data breach, healthcare ]
DataBreaches reported that Evoke Wellness at Hilliard updated its breach reporting about an insider-related patient-data incident. The post notes law enforcement investigated a former employee accused of misusing access to obtain patient information and sell or misuse it, with the employee working there from 2021 to July 2024 and the case surfacing after police found suspicious documents in 2024. Evokes amended patient notice listed many possible exposed data elements (including SSNs and detailed treatment/insurance information) and the post highlights inconsistencies in public filings about discovery dates and affected counts.
Ladies.com
July 3, 2024
•[ data breach, exposed database, cloud misconfiguration ]
In 2024, the lesbian dating website ladies.com suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 119k users of the service including email addresses, photos, sexual orientation, genders, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down in mid-2024 and the breach later acknowledged by the site operator in December, along with a breach of the "Senior Dating" website run by the same organisation.
Town of Apex
June 23, 2024
•[ ransomware, unauthorized access, data breach ]
The Town of Apex experienced a ransomware event in which unauthorized actors accessed town systems from June 23 to July 2, 2024, uploaded town data to a cloud storage provider, and potentially affected personal information of about 22,000 residents; Apex later recovered the data through court action.
Woodfords Family Services
April 8, 2024
•[ unauthorized access, personal information, protected health information ]
Woodfords Family Services reported that after discovering suspicious activity in its network on April 8, 2024, it determined that certain files and folders were subject to unauthorized access and that personal and protected health information may have been compromised.
Medios de Prevención Externos Sur SL
March 22, 2024
•[ ransomware, LockBit, medical ]
Medios de Prevencin Externos Sur SL, a medical company servicing Spain's Guardia Civil, is hit with a LockBit ransomware attack.
Citta� Nuova
July 14, 2023
•[ ransomware, publishing, data breach ]
The Rhysida ransomware gangs hits Citta Nuova, an Italian publishing house.
Tesorer�a General de la Republica (TGR)
January 30, 2023
•[ unauthorized access, hacking forum, credential sale ]
Access to Tesorer''a General de la Rep''blica, the General Treasury of the Republic of Chile (TGR) may be up for sale on a popular hacking forum.
County of�Tehama
November 17, 2022
•[ data security incident, unauthorized access, data breach ]
The county of'Tehama'announces that it has addressed a data security incident that resulted in unauthorized access to files on its systems.
