Philadelphia Corporation for Aging
July 10, 2025
•[ data leak, healthcare ]
A data breach at the Philadelphia Corporation for Aging allowed unauthorized access to systems between July 10 and July 25, 2025, during which personal and protected health information for 19,820 individuals was copied. PCA filed notice on November 4, 2025.
Coos County Family Health Services
July 9, 2025
•[ data leak ]
Provider reported unauthorized server access on July 9; investigation indicates possible viewing or copying of patient data.
Flutter Entertainment (Paddy Power and Betfair)
July 9, 2025
•[ data leak ]
Unauthorized third-party access to Flutter Entertainments Paddy Power and Betfair systems exposed personal account data of about 800,000 users; the company contained the breach and reported no financial data compromise.
Khan & Associates CPA, Inc.
July 9, 2025
•[ unauthorized access, data leak ]
An unauthorized user accessed Khan & Associates CPAs Intuit tax filing software between July 916 2025, filing false federal and state tax returns and exposing clients PII including SSNs and bank data.
Undisclosed Florida orthopedic practice
July 8, 2025
•[ data leak, healthcare ]
Beckers reports a data breach affecting a Florida orthopedic practice; details on scope and vector limited.
Healthcare Interactive
July 8, 2025
•[ data leak, hacked, phi ]
Healthcare Interactive reported that hackers accessed its network between July 812, 2025 and exfiltrated files containing extensive PHI/PIIincluding names, DOBs, SSNs, contact details, insurance enrollment IDs, diagnoses, provider names, lab results, medical images, treatment plans, and possibly claims datawith the breach detected around July 22; the attack vector wasnt disclosed but regulators were notified.
Axis Max Life Insurance (Max Financial Services)
July 5, 2025
•[ data leak ]
Max Financial disclosed its insurance subsidiary received notice of unauthorized access to customer data; investigation underway; details not disclosed.
Louis Vuitton Korea
July 4, 2025
•[ data leak ]
Bloomberg-reported cyberattack resulted in customer data leak affecting Louis Vuitton Korea customers; details limited at disclosure.
Aeroméxico
July 4, 2025
•[ data leak ]
Criminal group ShinyHunters claimed responsibility for compromising Aeromxicos Salesforce or related cloud application environment around July 4 2025, exfiltrating approximately 172 GB of passenger data including contact and ID information. Aeromxico has not confirmed the intrusion or the volume of records exposed.
Avantic Medical Lab
July 3, 2025
•[ ransomware, data leak ]
Everest listed the lab June 10 and leaked 31 GB of patient files on July 3; contents include PHI, EOB files, and some financial details.
Columbia University
July 3, 2025
•[ data leak, hacktivism ]
University said a hacker with a political agenda broke into IT systems and stole targeted student data; no threat activity detected since June 24.
Louis Vuitton
July 2, 2025
•[ data leak ]
Louis Vuitton confirmed multiregion customer data breach. No payment data impacted. Undisclosed amount of data was stolen.
Deutsche Welthungerhilfe (WHH)
July 2, 2025
•[ ransomware, data leak ]
RaaS group listed WHH and offered stolen data for sale; WHH shut down affected systems, involved police and DPA, and refused to pay.
Undisclosed U.S. political associates (per Reuters)
July 1, 2025
•[ data leak, state-sponsored, political ]
Reuters-reported claim: Iran-linked actors threaten to release ~100 GB of emails allegedly stolen from associates of Donald Trump; CISA called material 'purportedly stolen' and 'unverified.'
Pulse Urgent Care Center
July 1, 2025
•[ data leak, unauthorized access, healthcare ]
Unauthorized access to Pulse Urgent Care Centers network exposed patient PHI; no encryption or quantitative scope reported and threat actor unconfirmed.
Accu Reference Medical Laboratory
July 1, 2025
•[ ransomware, data leak ]
Qilin listed Accu Reference on July 10 claiming they acquired data on July 1; screenshots display unredacted PHI; encryption not indicated.
Qantas
June 30, 2025
•[ data leak, third-party ]
Qantas detected unusual activity on a thirdparty contactcenter platform; a significant amount of customer data may be stolen; airline core systems remained secure.
With Intelligence Ltd. (via third-party PeopleCheck)
June 28, 2025
•[ data leak, third-party breach, compromised credentials ]
On June 28, 2025, threat actors using compromised login credentials accessed PeopleCheck systems, a third-party provider for With Intelligence Ltd., resulting in exposure of sensitive personal information of job candidates and employeesincluding SSNs and birth dates. No evidence of data encryption or disruption. With Intelligence notified the affected parties by July 11, 2025 and provided 24 months of credit monitoring.
Undisclosed Ukrainian business services organization
June 27, 2025
•[ webshell, credential harvesting, data leak ]
Symantec-reported intrusion beginning June 27, 2025 used LocalOlive webshell and LOTL techniques to harvest credentials and system data; activity persisted through mid-2025; no disruption reported.
Radix (Swiss government IT service provider)
June 25, 2025
•[ ransomware, data leak ]
Swiss IT provider Radix suffered a ransomware intrusion by the Sarcoma group around June 25 2025; attackers exfiltrated ~1.3 TB of Swiss federal data, encrypted internal systems, and leaked the files online; NCSC confirmed no direct intrusion into federal networks.
