Sistema para el Desarrollo Integral de la Familia de Guadalajara (DIF Guadalajara)
June 25, 2025
•[ data leak ]
Media reported unauthorized access to DIF Guadalajara application and database systems in June 2025. Authorities acknowledged a cyber intrusion and isolated systems as a precaution. Local media reported alleged exposure of beneficiary data, but no official forensic disclosure has been released.
Hospital Civil de Guadalajara
June 25, 2025
•[ data leak ]
Media reported unauthorized access to Hospital Civil de Guadalajara database systems in June 2025. Press accounts described a dataset allegedly offered for sale containing patient and administrative data; authorities confirmed an investigation but released no official forensic totals.
Gladney Center for Adoption
June 24, 2025
•[ data leak ]
Two distinct exposures in 2025; June server exposed June 2426; prior April incident involved ~1.93M records; adoption center responsiveness questioned.
United Australia Party (and Trumpet of Patriots)
June 23, 2025
•[ ransomware, data leak ]
Political parties confirmed ransomware on June 23 with possible exfiltration of all emails and documents; parties stated it is impracticable to notify individuals.
Saudi Games 2024 Registration Platform
June 22, 2025
•[ data leak, hacktivism, database breach ]
Pro-Iranian hacktivist group Cyber Fattah claimed access to the Saudi Games 2024 registration platform backend (phpMyAdmin), leaking SQL dumps with thousands of athlete and visitor recordspassport and ID scans, medical forms, IBANsand staff/government credentials as a protest against Saudi authorities.
Municipality of Tirana (City of Tirana)
June 20, 2025
•[ data leak, denial of service, state-sponsored attack ]
Iran-linked MOIS cluster EUROPIUM (Homeland Justice) conducted a coordinated cyberattack on Tiranas municipal government on Jun 20 2025, taking the city website offline and disrupting services; attackers claimed data theft and wiping of city databases; Microsoft and Albanian officials attributed the activity to MOIS-linked operators; restoration completed by Jun 24 2025.
Nippon Steel subsidiary (Japan)
June 20, 2025
•[ data leak, zero-day exploit ]
Subsidiary blamed data breach on a zeroday exploit; extent and data types under investigation.
Glasgow City Council
June 19, 2025
•[ data leak, government, supply chain attack ]
Glasgow City Council detected malicious activity on servers managed by supplier CGI on 19 June 2025; online payment and school-absence systems were taken offline; possible theft of customer data under investigation; no financial systems affected.
Compumedics Limited
June 18, 2025
•[ ransomware, data leak ]
Australian med-tech firm Compumedics reported a ransomware attack that resulted in exfiltration of data affecting approximately 318,000 individuals.
Ministry of Health (Tonga)
June 15, 2025
•[ ransomware, data leak ]
Ransomware attack beginning June 15 2025 by INC exploited an unpatched web-facing application server in Tongas National Health Information System, enabling data exfiltration and subsequent encryption of Ministry servers. About 70,000 patient records and 300 GB of data were leaked; operations restored by July 18 2025 with international assistance.
Cock.li
June 14, 2025
•[ data leak, vulnerability exploit, email accounts ]
The Germany-based email provider Cock.li confirmed that a hacker exploited a vulnerability in its Roundcube webmail application.
WestJet Airlines
June 13, 2025
•[ data leak ]
On June 13 2025, WestJet experienced unauthorized access causing internal system and app disruption. A subsequent investigation confirmed that a sophisticated criminal actor exfiltrated passenger and employee data, including contact and travel records, though flight operations were unaffected. The company disclosed the data theft on September 29 2025.
The Washington Post
June 13, 2025
•[ data leak, espionage, email compromise ]
A targeted intrusion discovered on June 13 2025 compromised a limited number of Washington Post journalist email accounts, exposing internal correspondence and attachments. The publication stated no subscriber or HR data was affected. Investigation remains ongoing with indications of potential state-sponsored activity.
Chain IQ Group AG
June 12, 2025
•[ data leak ]
Chain IQ reported data contained employee business contact details but no client customer data.
Disneyland Paris (via third-party contractor)
June 12, 2025
•[ ransomware, data leak ]
Anubis ransomware group claimed to have stolen 64 GB (approximately 39,000 files) of engineering and renovation data from a Disneyland Paris third-party contractor and listed the victim on its leak site; no confirmation of intrusion method or verification from Disneyland Paris.
Aflac
June 12, 2025
•[ social engineering, data leak ]
Threat actor Scattered Spider (UNC3944/0ktapus) used social-engineering to gain access to Aflacs U.S. network, accessing internal application servers that stored personal and claims data; no ransomware deployed and scope of exfiltration undetermined.
Cardiovascular Medicine Associates, PA (MyCardiologist)
June 12, 2025
•[ data leak, healthcare, email compromise ]
Hackers accessed MyCardiologists email environment between May 30 and June 12 2025, exfiltrating patient information including medical and insurance details; no encryption or quantitative data reported.
City of Thomasville (Municipal Government)
June 11, 2025
•[ ransomware, data leak ]
Cyberattack on the City of Thomasville, North Carolina discovered June 11 2025; INC ransomware group claimed responsibility and alleged theft of 260 GB of city data; municipal systems taken offline for containment; no encryption or customer data exposure reported.
NKS Super Speciality Hospital
June 10, 2025
•[ data leak ]
Hackers gained unauthorized access to servers of NKS Super Speciality Hospital in North Delhi around June 1011 2025, compromising patient and administrative records; hospital filed FIR; no encryption or ransom confirmed.
Sant Parmanand Hospital
June 10, 2025
•[ data leak, hacked ]
Hackers accessed servers of Sant Parmanand Hospital in North Delhi around June 1011 2025, compromising patient, financial, and administrative files; police registered FIR under Indias IT Act; no encryption or ransom confirmed.
