Resort Data Processing
February 19, 2025
•[ data breach, hospitality ]
Hospitality PMS vendor mailed breach letters on March 20, 2025 after cyber incident.
Health Service Executive (HSE) – primary care services, Midlands (third-party processor)
January 2, 2025
•[ ransomware, data breach, third-party breach ]
DataBreaches summarized reporting that the Irish Health Service Executive confirmed a second ransomware attack occurred in February 2025, targeting a third-party processor and resulting in a data protection breach reported by HSE primary care services in the Midlands. The HSE stated there was no evidence that patients data was stolen in the incident, and the brief report did not describe prolonged operational disruption or specify what systems were encrypted. Based on the confirmation of a ransomware incident affecting a processor, this is coded as a disruptive event with limited publicly available detail on scope and duration.
Middlesex Sheriff's Office
January 1, 2025
•[ data breach, protected health information, HIPAA ]
The Middlesex Sheriffs Office reported that a security breach occurred in January 2025 and that a comprehensive investigation (with state/federal law enforcement and private cybersecurity vendors) determined on November 19, 2025 that the incident involved unauthorized access to protected health information. The exposed PHI may have included names, home addresses, dates of birth, diagnoses, and other general health information related to individuals who may have received medical care through the Sheriffs Office. Public reporting indicated the breach represented a HIPAA-related incident; the organization did not specify the number of affected individuals in the public notice and did not disclose the initial access vector or whether any data was exfiltrated beyond unauthorized viewing/access.
Jupiter Medical Center (via third party health records vendor)
January 1, 2025
•[ data breach, healthcare, third party risk ]
Jupiter Medical Center issued a warning/notice describing a data breach tied to a data security incident dating back to January 2025. The report indicates the healthcare organization investigated the incident and proceeded with notification and remediation steps in 2026. Because the accessible source context here does not provide a clear affected-individual count or a detailed breakdown of data elements, the customer-data fields are coded as undetermined.
EyeCare Partners
January 1, 2025
•[ email compromise, unauthorized access, data breach ]
EyeCare Partners disclosed that an unauthorized third party accessed certain ECP-managed email accounts between December 3, 2024 and January 28, 2025. The accessed files may have contained personal identifiers and limited health-related information, including addresses, dates of birth, Social Security numbers, drivers license numbers, health plan information, and limited clinical information; the notice emphasized that full medical records and detailed clinical information were not impacted. The organization reported the incident to Massachusetts regulators on February 4, 2026 and began outreach and remediation steps consistent with an email-system compromise.
The Children’s Center of Hamden
December 28, 2024
•[ data breach, data theft, unauthorized network activity ]
In late December 2024, The Childrens Center of Hamden detected unauthorized network activity later linked to the criminal group INC. The attack resulted in theft of sensitive patient and staff information including SSNs and medical records. No encryption reported. Public notice issued August 28 2025.
Monroe University
December 9, 2024
•[ data breach, network access, personally identifiable information (PII) ]
BleepingComputer reported that Monroe University disclosed that threat actors accessed its network for roughly two weeks (December 9 to December 23, 2024) and stole documents later determined to contain personal, financial, and health information. The university stated it determined on September 30, 2025 that certain individuals data was contained in the stolen files, and filings indicated 320,973 individuals were affected. Exposed data elements were described as varying by person and potentially including name, date of birth, Social Security number, drivers license or passport numbers, government ID numbers, medical and health insurance information, email or electronic account usernames and passwords, financial account information, and student-related data. Notifications were mailed beginning January 2, 2026.
Behavioral Health Resources
November 20, 2024
•[ data breach, data leak ]
Unauthorized actor accessed Behavioral Health Resources network in Nov 2024, exfiltrating client PII and medical records; organization confirmed breach via Maine AG filing and began notifications in Apr 2025.
Laborers’ International Union of North America (LIUNA) Local 1184
November 17, 2024
•[ ransomware, data breach ]
On March 31, 2025, Laborers International Union of North America Local 1184 (LiUNA) filed a notice of data breach with the Attorney General of California after discovering that the organization was the target of a November 2024 ransomware attack.
Eckerd Youth Alternatives Inc
November 11, 2024
•[ unauthorized access, network intrusion, data breach ]
Eckerd Connects reported that it observed suspicious activity within its network environment on or around November 11, 2024. In response, it took steps to mitigate the threat (including taking certain systems offline) and engaged outside specialists to investigate. Following an extensive forensic investigation and manual document review, Eckerd Connects determined on November 17, 2025 that personal information may have been accessed or acquired by an unauthorized party during the period from November 3, 2024 through November 11, 2024. Potentially involved data elements include first/last name, address, date of birth, Social Security number, drivers license/state ID number, tax identification number, and medical information.
At least one undisclosed government and/or tech company
November 4, 2024
•[ state-sponsored, malware, backdoor ]
Government cybersecurity reporting described PRC state-sponsored actors using BRICKSTORM malware to maintain long-term persistence in victim environments, primarily affecting government services/facilities and IT sector organizations. In a documented case, actors accessed a DMZ web server (with a web shell present), moved laterally using service account credentials, copied Active Directory databases, pivoted into VMware vCenter, accessed domain controllers and an ADFS server, and exported cryptographic keys. BRICKSTORM provided stealthy backdoor access for command-and-control and remote operations and was used for persistence from at least April 2024 through at least September 3, 2025. The specific victim organization name was not disclosed in the reporting.
ARC Community Services
November 4, 2024
•[ unauthorized activity, data breach, protected health information ]
ARC Community Services disclosed it became aware of unauthorized activity in its network on November 4, 2024 and initiated incident response actions, including taking systems offline until operations could be safely restored. During the ensuing investigation and data review, ARC determined that files containing protected health information (PHI) were taken from its network. The potentially affected PHI varies by individual but may include contact information (name/address), date of birth, medical record number, health information, drivers license number, and financial account information.
Muah.AI
September 17, 2024
•[ data breach, PII leak, AI prompts ]
In September 2024, the "AI girlfriend" website Muah.AI suffered a data breach. The breach exposed 1.9M email addresses alongside prompts to generate AI-based images. Many of the prompts were highly sexual in nature, with many also describing child exploitation scenarios.
Boston Children’s Health Physicians
September 10, 2024
•[ ransomware, cyber attack, data breach ]
Boston Childrens Health Physicians (BCHP) discloses to have suffered a cyber attack The BianLian ransomware operation claims responsibility for the attack.
Storage Durango Blue Diamond
August 31, 2024
•[ data breach, cybersecurity incident ]
Company reported data breach under investigation following cybersecurity incident disclosure.
Former President Donald Trump’s campaign
August 1, 2024
•[ hack, cyberattack, foreign interference ]
The FBI is investigating the alleged hack of former President Donald Trumps campaign, days after the campaign blamed Iran for a breach.
Medios de Prevención Externos Sur SL
March 22, 2024
•[ ransomware, LockBit, medical ]
Medios de Prevencin Externos Sur SL, a medical company servicing Spain's Guardia Civil, is hit with a LockBit ransomware attack.
Citta� Nuova
July 14, 2023
•[ ransomware, publishing, data breach ]
The Rhysida ransomware gangs hits Citta Nuova, an Italian publishing house.
