Search Results for "data leak"

VeriSource Services, Inc. February 27, 2024 • [ data leak ] VeriSource Services, Inc., a Texas-based HR and benefits administration firm, suffered a data breach in February 2024 after an unauthorized party accessed and downloaded approximately 4 million employee and dependent records from its systems. No encryption or operational disruption occurred. Disclosure was made in April 2025 following forensic review.

The Pension Specialists Ltd. (TPS) February 24, 2024 • [ data leak ] Between February 18 and 20, 2024, unauthorized access occurred in the systems of The Pension Specialists Ltd., an Illinois-based retirement plan administrator. A cybercriminal gained access to the companys plan administration application server and exfiltrated files containing personally identifiable information. The company confirmed that 71,443 plan participants data, including names and Social Security numbers, was stolen. Notification was filed with the Maine Attorney General on February 18, 2025. No encryption of systems or files was reported.

Innovative Renal Care February 21, 2024 • [ data leak ] Between February 21 and March 1, 2024, an unauthorized party accessed Innovative Renal Cares computer network and copied sensitive files. The breach exposed personal and health-related data including names, Social Security numbers, financial details, medical information, and prescriptions. The company filed a notice with the Massachusetts Attorney General on February 14, 2025, and began sending notification letters to impacted individuals. No encryption of systems or files was reported.

American Renal Management February 21, 2024 • [ data leak ] IRC detected suspicious activity (2/29/2024); investigation found unauthorized access to certain systems (2/213/1/2024) with copying of internal files containing PII/PHI; IRC notified regulators and began mailing letters on 2/14/2025; credit monitoring offered and security measures enhanced.

Medical Billing Specialists, Inc. February 17, 2024 • [ data leak ] Network disruption Feb 17, 2024; investigation confirmed unauthorized access to systems with sensitive data; notices filed 07-01-2025.

Alltrust / Aspire Usa February 12, 2024 • [ data leak ] Law firm notice details AllTrust/Aspire breach exposing sensitive personal information.

Baker University February 12, 2024 • [ data leak ] Baker University disclosed that it detected suspicious activity in December 2024 that resulted in a network outage and led to an investigation of its systems. The university determined there was unauthorized access and/or acquisition of certain files and folders within its network between December 2, 2024 and December 19, 2024. After reviewing affected files, Baker concluded that a range of sensitive personal information may have been involved depending on the individual, including identifiers and financial and health-related data.

DISA Global Solutions February 9, 2024 • [ data leak ] Breach window Feb 9Apr 22, 2024; ~3.3M impacted; disclosures via state AG filings and reports in FebMar 2025.

Rödl Management, Inc. February 9, 2024 • [ data leak ] Rdl Management, Inc., an Atlanta-based professional services firm, reported unauthorized access to its network systems between January 30 and February 9 2024, resulting in exposure of personal data; no encryption or operational disruption reported.

RÃƒÂ¶dl Management, Inc. February 9, 2024 • [ unauthorized access, data leak, personal data exposure ] Rdl Management, Inc., an Atlanta-based professional services firm, reported unauthorized access to its network systems between January 30 and February 9 2024, resulting in exposure of personal data; no encryption or operational disruption reported.

St. Andrew’s Resources for Seniors System February 8, 2024 • [ data leak ] An unauthorized actor accessed certain employee email accounts; suspicious activity was detected on 2024-02-08. Review concluded 2025-01-06, and notifications began 2025-02-07.

John P. Meehan Agency February 7, 2024 • [ email compromise, data leak ] John P. Meehan Agency disclosed that it discovered unusual network activity on July 8, 2024 and later confirmed unauthorized access to a single employee email account between July 2 and July 8, 2024, during which data on the account was acquired. The agency reported that impacted information varied by individual and could include highly sensitive identifiers (SSNs and government IDs), financial account/payment card data, dates of birth, and medical information. Affected individuals began receiving notice in November 2025, more than a year after the email account compromise was discovered.

Arab Civil Aviation Organization (ACAO) February 4, 2024 • [ sql injection, data leak, cyber-espionage ] Threat actors exploited a vulnerable web application belonging to the Arab Civil Aviation Organization via SQL injection, exfiltrating staff and member credentials and communications. The stolen data, published on dark-web forums on February 4 2024, was identified by Resecurity, which assessed the activity as part of a cyber-espionage campaign targeting aviation-safety specialists across multiple Arab states.

Financial Business And Consumer Solutions February 1, 2024 • [ data leak ] Debt Collector Updated Affected Count For 2024 Breach To 4,253,394 Individuals.

Schuster Company January 30, 2024 • [ data leak, personally identifiable information ] An unauthorized third party gained access to Schuster Companys network between January 2330, 2024 and exfiltrated employee/driver personally identifiable information. The company publicly disclosed the incident on April 4, 2025.

St. Joseph’s College Of Maine January 24, 2024 • [ data leak, unauthorized access ] College confirmed unauthorized network access in 20232024; notices sent March 2025.

Thai Public Health MinistryÃ¢â‚¬â„¢s Immunization Centre. January 22, 2024 • [ data leak, hacktivism, personally identifiable information ] A threat actor named '9Near Hacktivist' claims to leak 55 million records allegedly taken from the Thai Public Health Ministrys Immunization Centre.

Maisons de lÃ¢â‚¬â„¢Avenir January 15, 2024 • [ ransomware, data leak ] Maisons de lAvenir is added to the LockBit 3.0 ransomware leak site.

TriZetto Provider Solutions, January 11, 2024 • [ data leak, healthcare ] TriZetto Provider Solutions, a Cognizant-owned vendor providing revenue management services to healthcare organizations, reported a cybersecurity incident affecting a customer web portal. TriZetto identified suspicious portal activity on 10/02/2025, secured the portal, and engaged Mandiant to investigate and validate remediation. Forensic work determined an unauthorized third party had been accessing historical eligibility transaction reports within TriZetto systems since November 2024, nearly a year before detection. The reports contained protected health information for patients of certain healthcare provider clients. TriZettos review determined compromised data could include patient and primary insured names combined with other personal and insurance information such as addresses, dates of birth, Social Security numbers, member/Medicare numbers, insurer names, and related demographic health and coverage details. TriZetto stated it believed the actor had been eradicated and no further unauthorized portal activity was detected after 10/02/2025; the total number of affected clients/individuals was not yet publicly confirmed.

Trinity Petroleum Management January 10, 2024 • [ data leak ] Texas filing indicated unauthorized access exposing names addresses and Social Security numbers.

Search Results (data leak)