AUTOSUR
March 16, 2025
•[ data leak, phishing ]
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle details such as make and model, VIN, and registration plate. AUTOSUR later issued a disclosure notice with further details.
Water & Sewerage Corporation
March 15, 2025
•[ ransomware, data leak ]
In mid-March 2025, the Water & Sewerage Corporation of the Bahamas experienced a ransomware attack targeting internal data systems. The utility confirmed unauthorized access but stated there was no evidence of customer data access or theft. While no encryption or operational outage has been verified, remediation efforts were ongoing as of April 2025.
NASCAR
March 15, 2025
•[ ransomware, data leak ]
NASCAR confirmed a ransomware breach of internal systems in March 2025 attributed to Medusa; ~1 TB of sensitive data stolen with $4M ransom demand; notifications and protections offered.
Tj-Actions
March 14, 2025
•[ data leak, supply chain attack, credential exposure ]
A popular GitHub Action called tj-actions/changed-files was compromised: an attacker modified its code and version tags so that when used in CI/CD workflows it executed a script that dumped runner memory and exposed secrets (AWS keys, GitHub PATs, npm tokens, private RSA keys) in publicly accessible logs. The incident, tracked as CVE-2025-30066 (and linked to CVE-2025-30154 for a related Action), affected thousands of repositories across many organizations. Users are advised to stop using the impacted versions, rotate all credentials, and review any workflows that ran between March 1415, 2025.
City of Gloversville (NY)
March 14, 2025
•[ ransomware, data leak ]
City of Gloversville, New York, experienced a ransomware attack discovered on March 14, 2025. The incident encrypted municipal servers and exposed payroll and banking information. Attackers demanded $300,000, and the city paid $150,000 to regain access; no ransomware group has publicly claimed responsibility.
Union County Government
March 13, 2025
•[ ransomware, data leak ]
Ransomware hit Union County Pennsylvania with data theft affecting residents information.
UAS Asset Management
March 13, 2025
•[ data leak ]
UAS Asset Management disclosed unauthorized access to its systems and began mailing breach notices on March 19, 2025.
Leroy Merlin
March 12, 2025
•[ data leak, phishing ]
Leroy Merlin notified customers in France that a cyberattack targeted its information system and that some customers personal data may have leaked outside the company. The notification listed exposed data elements (identity/contact details, date of birth, and loyalty-program information) and stated that banking data and online account passwords were not included. The company said it took steps to block unauthorized access and contain the incident, and cautioned customers to watch for phishing attempts impersonating the brand.
OmniGPT Chatbot Platform
March 10, 2025
•[ data leak, data breach, hacking ]
A hacker known as Gloomer claimed to have breached the OmniGPT AI chatbot platform, stealing and leaking millions of user messages and account details. Data samples were posted on BreachForums and reported by multiple cybersecurity outlets, though OmniGPT has not confirmed the incident.
TerrePower, LLC
March 10, 2025
•[ data leak ]
TerrePower detected suspicious activity between December 12 and December 16, 2024. An unauthorized actor may have viewed and obtained files containing sensitive personal identifiers. Notifications began March 7, 2025.
Cardi’s Furniture And Mattress
March 10, 2025
•[ data leak ]
Retailer mailed breach letters following cybersecurity incident affecting customer information.
Central Texas Pediatric Orthopedics
March 10, 2025
•[ data leak, healthcare ]
Austin pediatric orthopedics notified breach impacting ninety thousand patient records.
New Era Enterprises
March 10, 2025
•[ data leak ]
Company notified individuals after unauthorized access enabled exposure of sensitive consumer information.
LKQ
March 10, 2025
•[ ransomware, data leak ]
LKQ Corporation confirmed it was impacted by the Oracle E-Business Suite (EBS) hacking campaign after being listed by the Cl0p ransomware group. LKQ told the Maine Attorney General that personal information for more than 9,000 individuals was compromised, and an example notice letter indicated affected data included sole proprietor supplier information such as Employer Identification Numbers and Social Security numbers. According to LKQ, it launched an investigation on October 3, 2025 and completed its analysis of personal information compromise on December 1, 2025.
Tri-Century Eye Care
March 9, 2025
•[ ransomware, data leak ]
Tri-Century Eye Care reported that it identified suspicious activity on September 3, 2025, secured its environment, and later determined on September 19, 2025 that an unknown actor gained unauthorized access to its network and acquired files containing personal and protected health information. The organization stated there was no evidence of access to its current electronic medical records system, but the acquired files may have included patient and employee identifiers (including SSNs and dates of birth) along with medical, insurance, and billing/payment information. Public reporting noted the incident impacts approximately 200,000 individuals and that the Pear ransomware group claimed responsibility and later published files allegedly stolen from Tri-Century.
Incruit
March 8, 2025
•[ data leak ]
Incruit reported signs of external attack and data exposure beginning March 8; customers were notified and regulators opened an investigation; scope and method under review.
Yale New Haven Health
March 8, 2025
•[ data leak, healthcare ]
YNHHS reported that an unauthorized third party accessed its network and on March 8 2025 obtained copies of certain patient data. The health system disclosed the breach publicly on April 24 2025, stating 5.5M+ patients were affected. Data types vary by individual and may include demographics, patient type, medical record number, and in some cases Social Security numbers. No encryption or operational shutdown was reported.
Chicago Public Schools
March 7, 2025
•[ data leak, third-party breach ]
Vendor Software Exploited Led To Exposure Of Chicago Public Schools Student Information.
Tata Technologies
March 6, 2025
•[ ransomware, data leak ]
Tata Technologies, a subsidiary of the Indian conglomerate Tata Motors, was struck by the ransomware gang Hunters International, which claims to have exfiltrated around 1.4 terabytes (730,000 + files) of data and is threatening public release unless a ransom is paid. Hackread The company had earlier disclosed a ransomware incident disrupting some IT assets and services, though client-deliveries were reportedly unaffected.
The Longleaf Network
March 6, 2025
•[ data leak ]
Provider network disclosed data breach tied to a May 2024 cyberattack
