Full List

Search

Search Results (data leak)

• Energy Capital Credit Union October 29, 2024 • [ data leak ] Energy Capital Credit Union disclosed unauthorized access to certain systems occurring between October 29 and November 19, 2024, which was discovered in 2025. State breach filings reported 49,664 affected Texas residents; the credit union has not released a nationwide total. The incident involved exposure of member personal, financial, and limited medical information, and no operational disruption was publicly reported.
• Fillmore County Hospital October 27, 2024 • [ phishing, data leak ] An unauthorized party accessed an employee email account on 2024-10-27. Investigation completed 2024-12-18. Affected data includes personal, medical, payment, and insurance information. Individuals were notified 2025-02-13.
• Hellenic Open University October 25, 2024 • [ ransomware, data leak ] Greek open university confirmed ransomware with prolonged disruption and data leak.
• Georgia Urology October 25, 2024 • [ email compromise, healthcare, data leak ] Georgia Urology disclosed unauthorized access to two employee Microsoft 365 email accounts that exposed patient PII/PHI; notification letters began March 27 2025.
• The Superior Court of California for the County of San Joaquin October 25, 2024 • [ data leak ] The Superior Court of California for the County of San Joaquin later concluded that an unauthorized person had accessed its computer network between October 25 and 30, 2024, after first reporting significant connectivity issues and a cybersecurity incident around the end of that month. Subsequent investigation determined that files containing sensitive personal information such as Social Security numbers, drivers license numbers and credit card numbers had been exposed. The court has not disclosed how many files or people were affected but is offering one year of identity protection and credit monitoring services to potentially impacted individuals and has posted a data breach notice on its website.
• Word & Brown Insurance Administrators, Inc. October 23, 2024 • [ data leak ] Word & Brown Insurance Administrators, Inc. experienced unauthorized access to an employee workstation on or about October 23, 2024. The attacker accessed and copied insurance administration records containing personal and health-related information for clients and employees. No encryption or operational disruption was reported. Disclosure was filed December 23, 2024.
• Gold Coast Health Plan October 21, 2024 • [ data leak, third-party breach, account takeover ] Gold Coast Health Plan reported that a contracted vendor (Conduent Business Solutions) suffered a cyberattack involving compromise of a single employee email account, which allowed unauthorized access to certain files during a window from Oct. 21, 2024 to Jan. 13, 2025. The vendor discovered the incident on Jan. 13, 2025 and began an investigation with law enforcement notification. A later forensic review determined that information for 540 plan members could have been exposed, listing specific claim-related and membership data elements; the release stated that Social Security numbers and financial information were not accessed or disclosed.
• Ou Medicine (Ou Health) October 18, 2024 • [ phishing, data leak ] Ou Health reported unauthorized access to two email accounts impacting patient information.
• Central Kentucky Radiology October 16, 2024 • [ data leak, healthcare, PII ] Unauthorized actor accessed CKRs network Oct 1618 2024 and copied files; ~167k people impacted; notifications issued mid-June 2025; data stolen from Lexington-based servers; no encryption or operational shutdown confirmed.
• Goglia Nutrition LLC d/b/a FuturHealth, Inc. October 16, 2024 • [ data leak ] Goglia Nutrition LLC, doing business as FuturHealth Inc., reported a long-running data security incident involving its data hosting environment for the G-Plans personalized nutrition platform. Investigations found that an Undetermined attacker acquired subscriber data on or before October 16, 2024, but FuturHealth did not complete its internal review and begin notifying customers until October 2025. The compromised information consists mainly of subscriber names and health or lifestyle information submitted through G-Plans, while Social Security numbers, driver licenses and financial account details were not involved. FuturHealth has implemented additional security measures and is sending breach notification letters and offering guidance to affected customers.
• The Good Life Medical Staff LLC October 15, 2024 • [ phishing, data leak ] Healthcare staffing firm reported email account compromise exposing sensitive information
• Hillcrest Convalescent Center October 15, 2024 • [ email compromise, data leak ] Hillcrest reported email account breach affecting over one hundred thousand individuals.
• Drug and Alcohol Treatment Service (DATS) October 5, 2024 • [ data leak, network intrusion, negligence ] 22,215 patient and employee records containing names, addresses, dates of birth, Social Security numbers, and medical treatment information were accessed during a network intrusion discovered October 2024 at Drug and Alcohol Treatment Service (DATS) in Scranton, Pennsylvania; no ransom demand or actor identified; eight class-action lawsuits filed in May 2025 alleged negligent data protection.
• IdeaLab October 4, 2024 • [ ransomware, data leak ] IdeaLab confirmed data theft from an Oct 2024 ransomware breach claimed by Hunters International. 137,000 files (~262.8 GB) stolen and leaked impacting employees/contractors and dependents.
• Charleston Area Medical Center October 2, 2024 • [ phishing, data leak ] Phishing attack on multiple email users; unauthorized access to one mailbox between Oct 23, 2024, possibly exposing personal and health information. No other systems impacted.
• Heartland Community Health Center October 1, 2024 • [ phishing, data leak ] Clinic reported email account breach exposing sensitive patient and insurance information.
• Andy Frain Services October 1, 2024 • [ ransomware, data leak ] Physical security firm reported a ransomware intrusion in Oct 2024 attributed to Black Basta with exfiltration of a wide range of data; notices sent to ~100k people in May 2025.
• Onsite Mammography October 1, 2024 • [ phishing, data leak ] Phishing attack compromised a single employees email account, enabling exfiltration of PII and PHI data affecting over 350,000 individuals; no encryption involved.
• Hunter Health Clinic September 30, 2024 • [ phishing, data leak ] Clinic said an unauthorized party accessed one employee mailbox around Sept 30, 2024; on May 1, 2025 it confirmed files with PHI/PII may have been accessed; notices issued May 15.
• Dove Healthcare September 29, 2024 • [ phishing, data leak ] Healthcare provider disclosed email account compromise containing patient and employee information.