Canadian Tire
October 2, 2025
•[ data breach, retail, PII ]
In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and for a subset of records, dates of birth and partial credit card data were also included (card type, expiry and masked card number). In its disclosure notice, Canadian Tire advised that the incident did not impact bank account information or loyalty program data.
Gulshan Management Services
September 25, 2025
•[ ransomware, phishing, data breach ]
SecurityWeek reported that Gulshan Management Services, associated with Gulshan Enterprises (operator of Handi Plus and Handi Stop locations in Texas), disclosed a ransomware-related data breach affecting more than 377,000 individuals via a filing with the Maine Attorney General. Gulshan detected unauthorized access in late September 2025 after an attacker gained entry through a successful phishing attack and maintained access for about 10 days. During that period, the threat actor stole personal data and then deployed ransomware that encrypted files on Gulshan systems. The compromised personal information was described as including names, contact details, Social Security numbers, and drivers license numbers.
Thayer Hotel at West Point
September 19, 2025
•[ unauthorized access, data breach, personally identifiable information ]
On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an Undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, drivers license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.
Charlottesville Settlement Company
September 1, 2025
•[ data breach, network intrusion, data theft ]
WVIR (29News) reported that Charlottesville Settlement Company disclosed a September 2025 data breach that was discovered on March 10, 2026 and communicated to affected individuals in a letter dated March 18. The company said an unknown actor broke into its network and stole customers personal information, impacting 22,041 customers. The firm provides title insurance and settlement services for real estate transactions. The report did not enumerate specific data elements stolen, but stated affected individuals were offered credit monitoring and reimbursement coverage.
University of Hawaii Cancer Center
August 31, 2025
•[ ransomware, data breach, Social Security numbers ]
The University of Hawaii Cancer Center disclosed an August 2025 ransomware incident in which attackers gained unauthorized access to its network, encrypted files, and stole research files containing patient-related information. Reporting indicates the intrusion was discovered on or around August 31, 2025, after which affected servers were isolated and an investigation began. The Cancer Center stated its electronic medical record system was not impacted, but research datasets were affected and a subset of older records included Social Security numbers because they were historically used as identifiers in the 1990s. Due to the sensitivity of the data and the extent of encryption, the organization engaged external experts, obtained a decryption tool, and reported paying a ransom in exchange for a claimed promise by the attackers to delete stolen data, while continuing longer-term recovery and security hardening.
Shwapno
August 19, 2025
•[ ransomware, data breach, customer database ]
Shwapno said attackers accessed its customer database in August 2025, and outside reporting said Qilin claimed a $1.5 million ransom demand.
National prison management platform of the National Penitentiary Administration (ANP)
August 1, 2025
•[ insider threat, financial fraud, unauthorized access ]
A prisoner in the Dej hospital prison hacked tablet/kiosk systems used to access the national inmate-services portal, manipulating requests and financial accounts tied to commissary and sentence-credit workflows. Activity persisted for weeks across multiple institutions before detection; the union and national media detail platform misuse and credential abuse rather than broad IT outages.
Panera Bread
August 1, 2025
•[ data breach, unauthorized access, data leak ]
Panera Bread reportedly suffered a data breach that exposed approximately 14 million customer records after unauthorized access to an application database, with no evidence of operational disruption disclosed at the time of reporting.
Colombian Justice Minister Andres Idarraga
August 1, 2025
•[ spyware, Pegasus, surveillance ]
Colombias justice minister stated that forensic evidence indicates his phone was hacked using Israeli Pegasus spyware during the second half of 2025 while he was investigating alleged corruption in the military. He alleged the operation was ordered through the Defense Ministry using state counterintelligence structures and confidential funds. According to his statement, investigators found his phone was taken over more than 8,700 times and that 2.3 GB of data were downloaded, including sensitive corruption complaints, and that the camera/microphone were illicitly activated on numerous occasions. The incident is characterized as a targeted spyware intrusion against a senior government official with alleged state involvement.
Orange
July 25, 2025
•[ data breach, service disruption ]
Orange detected a breach of one information system on July 25; isolating affected services caused disruptions for some business and consumer services in France. Company reports no evidence of data exfiltration as of reporting.
U.S. National Nuclear Security Administration (NNSA)
July 18, 2025
•[ data breach, vulnerability, zero-day ]
Breach of NNSA systems through a Microsoft SharePoint zero-day vulnerability. DOE stated a small number of systems were impacted and are being restored. Attack was later linked to Chinese state hacking groups Linen Typhoon and Violet Typhoon.
Canopy Healthcare
July 18, 2025
•[ unauthorized access, data breach, data leak ]
DataBreaches summarized RNZ reporting that Canopy Health said it identified on July 18, 2025 that an unknown person temporarily obtained unauthorized access to part of its systems used by its administration team. Canopy said forensic review indicated unauthorized access to one of its servers likely occurred and that some data may have been copied. The provider stated the incident was contained, that an investigation was ongoing, and that it sought and obtained an urgent High Court injunction to prevent use or publication of any information that may have been accessed. The report did not enumerate specific data elements or counts of affected individuals.
Netherlands Public Prosecution Service (Openbaar Ministerie)
July 17, 2025
•[ cyberattack, vulnerability exploit, state-sponsored attack ]
Strong indications that Russia was behind a cyberattack exploiting a Citrix vulnerability; the OM took systems offline on July 17 as a response; extent of data access not yet disclosed.
Atlas Transfer and Storage
July 15, 2025
•[ unauthorized access, data breach, PII ]
Atlas Transfer & Storages notice states it identified suspicious activity on July 15, 2025 and launched an investigation. The investigation concluded that an unauthorized party copied certain files on the same date. Atlas reviewed the impacted files and stated the affected information varied by individual but could include identifiers and financial/health insurance information such as SSNs, tax IDs, drivers license/state IDs or other government IDs, payment card numbers, health insurance and medical information, and financial account information. Atlas stated it notified individuals and offered complimentary credit monitoring services.
woom GmbH
July 11, 2025
•[ cyberattack, data breach, incident response ]
woom stated that on Friday November 7, 2025 it was affected by a cyberattack in which an internationally operating hacker group gained access to parts of the companys systems despite security measures. woom said it immediately initiated incident response with external experts, contained and processed the incident, and restored systems as quickly as possible. The company said there were indications that some customer information may have been affected, but it reported no sensitive customer data exposure and emphasized ongoing investments in security improvements.
Sentinel Security Life and Atlantic Coast Life
July 4, 2025
•[ unauthorized access, personally identifiable information, social security numbers ]
Sentinel Security Life Insurance Co. and Atlantic Coast Life Insurance Co. disclosed a cyber incident involving unauthorized access that occurred between April 7 and April 15, 2025. The companies reported that personally identifiable information associated with policyholders, beneficiaries, and other individuals connected to the firms may have been exposed. Potential data elements cited in reporting include names, Social Security numbers, taxpayer identification numbers, financial account information, dates of birth, medical records, and health insurance details; the companies stated they were unaware of misuse at the time of reporting.
Hawaiian Airlines
June 23, 2025
•[ unauthorized access, data breach, threat actor attribution ]
On June 23 2025, Hawaiian Airlines detected unauthorized access affecting certain IT systems; flights and safety operations were unaffected. The company reported the breach in an SEC 8-K filing and began investigation with external experts and the FBI. No confirmed data-theft volume or ransom demand disclosed; security researchers suspect the Scattered Spider threat group, but attribution remains unconfirmed.
KT Corporation
June 1, 2025
•[ financial fraud, data breach ]
KT told lawmakers its CEO would step down once the unauthorized micropayment breach is resolved. The case involves widespread illicit small-value charges through subscriber accounts, prompting government probes, customer redress, and leadership accountability. Technical details point to abuse of payment flows rather than core network outage; impact is financial and reputational, not operational.
Ordine degli Psicologi della Lombardia
May 30, 2025
•[ ransomware, data breach ]
Italys data protection authority fined the Lombardy Psychologists Order 30,000 following a data breach; the Order states the incident traces to a serious ransomware attack in 2023, with no operational details disclosed in the article.
