Dairy Farmers of America
June 10, 2025
•[ ransomware, data leak ]
Ransomware hit multiple plants; data exfiltrated and 4,546 notified per filings
Asefa Seguros
June 9, 2025
•[ ransomware, data leak ]
The Spanish subsidiary of a French insurance group (Asefa Seguros) confirmed a cyberattack after the Qilin ransomware gang claimed to have stolen about 210 GB of internal corporate and client data, including passports and an insurance plan for FC Barcelonas Camp Nou stadium.
Zoomcar Holdings, Inc.
June 9, 2025
•[ data leak ]
Unauthorized third-party access discovered on June 9 2025 exposed personal data of approximately 8.4 million Zoomcar users. The company confirmed no financial or password data was affected and reported no service disruption. No actor has claimed responsibility, and investigation is ongoing.
Oxford City Council
June 7, 2025
•[ data leak ]
On June 7 2025, Oxford City Council discovered unauthorized access to legacy IT systems containing historic data from election administration records (20012022). The council confirmed that core services were unaffected and found no evidence of large-scale data extraction or leaks. The attackers have not been identified.
Government of Paraguay (employee workstation compromise)
June 7, 2025
•[ data leak, infostealer, credential theft ]
Infostealer malware installed on a Paraguayan government employees computer harvested credentials and tokens, enabling attackers to exfiltrate databases containing personal information on effectively the entire national population. Security researchers confirmed millions of identity recordsincluding names, national IDs, and contact detailswere leaked online in early June 2025. The Record verified the exposure and found no evidence of ransomware or system disruption.
Erie Insurance
June 7, 2025
•[ data leak, ransomware ]
Erie Insurance detected unauthorized network activity on June 7 2025, prompting containment measures and temporary isolation of systems. The insurer reported the incident to regulators and stated there was no evidence of ransomware or confirmed data theft, though review of potential personal-information exposure remained ongoing.
DealMed Medical Supplies LLC
June 7, 2025
•[ ransomware, data leak ]
DealMed Medical Supplies LLC reported that an unauthorized party accessed its network on or around June 7, 2025, viewing or obtaining files containing protected health information, including names and Social Security numbers. DealMed confirmed the exposure on October 31, 2025. The DragonForce ransomware group listed DealMed on its leak site and claimed to have exfiltrated nearly 106 GB of data. Notification letters have been issued to affected individuals.
HM Revenue and Customs (HMRC)
June 5, 2025
•[ data leak, compromised credentials, fraud ]
Compromised credentials and personal data from 100,000 taxpayer accounts used in fraudulent refund claims totaling 47 million.
Surmodics, Inc.
June 5, 2025
•[ data leak ]
Surmodics shut down parts of its IT systems after detecting unauthorized access on June 5; SEC filing notes restoration ongoing and potential data theft being analyzed.
Rajkot Municipal Corporation (GIS Website)
June 3, 2025
•[ data leak ]
Cyberattack on the Rajkot Municipal Corporations GIS website in India resulted in exfiltration of roughly 400 GB of civic and citizen data; systems taken offline for investigation; no ransomware or encryption reported; attacker identity unconfirmed.
Tupolev
June 3, 2025
•[ data leak, website defacement, state-sponsored ]
Ukrainian intelligence (GUR) compromised Tupolevs internal servers and exfiltrated 4.4 GB of files including personnel records, procurement documents, internal memos, and meeting minutes. The companys website was briefly defaced following the breach.
National Council of Notaries of Morocco (Tawtik.ma Platform)
June 2, 2025
•[ data leak, hacktivism ]
Hacktivist group Jabaroot DZ exfiltrated data from Moroccos Tawtik.ma platform used by the National Council of Notaries; DGSSI confirmed the breach was limited to this platform and did not affect ANCFCC; attackers claimed to have accessed 4 TB of non-classified notarial records.
Connex Credit Union systems
June 2, 2025
•[ data leak ]
An unauthorized access between June 23, 2025, allowed attackers to steal sensitive personal and financial data; no evidence of account compromise; notifications began late July into early August; credit monitoring offered
American Hospital Dubai
June 1, 2025
•[ ransomware, data leak ]
Ransomware group Gunra claimed on June 1 2025 to have breached AHDs Cerner Millennium EHR and exfiltrated a multi-terabyte dataset; figures include a claimed 450M records and 4,589,196 patients; no independent confirmation of volume or encryption.
City of Durant
June 1, 2025
•[ ransomware, data leak ]
City of Durant experienced a cyber intrusion on June 1 2025 attributed to INC
McDonald’s recruitment chatbot platform
June 1, 2025
•[ data leak ]
SecurityWeek reported that a recruitment chatbot platform used by McDonalds leaked data on approximately 64 million job applicants worldwide.
Gastroenterology Consultants of South Texas
May 31, 2025
•[ data leak ]
Gastroenterology Consultants of South Texas (Texas Digestive Specialists) detected unauthorized access to its IT systems in late May 2025.
The Salvation Army
May 29, 2025
•[ ransomware, data leak ]
Media cite Chaos ransomware listing The Salvation Army and claim of data exfiltration, but no verified confirmation from the organization at time of reporting.
UCLH & University Hospital Southampton NHS Trusts
May 29, 2025
•[ vulnerability exploit, data leak ]
Hackers exploited a critical Ivanti EPMM flaw affecting two NHS trusts; data theft involved staff device details, with no patient data accessed according to UCLH; NHSE investigating.
Legal Practice Board of Western Australia
May 28, 2025
•[ ransomware, data leak ]
The regulator confirmed a ransomware attack; threat actors claimed 300 GB exfiltration. The Board took some systems offline, investigated with external experts, and notified affected parties.
