Ezynetic (IT vendor to Moneylenders Credit Bureau/ Credit Bureau Singapore)
June 24, 2024
•[ data leak ]
PDPC fined Ezynetic after breach impacting ~190,000 whose data, including credit reports, was put for sale; uncovered June 24, 2024.
Bitcoin Depot
June 23, 2024
•[ data leak ]
Bitcoin Depot reported a data breach that occured in June 2024 after completing an investigation on July 18, 2024. Customer data stolen affecting 27,000 individuals including personal information.
Catholic Charities of Southern Nevada
June 22, 2024
•[ data leak, PII/PHI exposure ]
Suspicious activity detected June 22, 2024; later notice confirms sensitive PII/PHI impacted.
NewsBank
June 20, 2024
•[ data leak, employee data, class action ]
Employee data breach at NewsBank discovered around July 1, 2024; investigation found unauthorized access June 20July 1, 2024 to systems holding employee PII (names, SSNs, DL, financial/credit-debit data; possible medical info). Class action reported Feb 20, 2025; no actor publicly identified.
Hong Ngoc General Hospital
June 15, 2024
•[ data leak ]
In June 2024 hackers advertised on cybercrime forums the sale of 112,000 patient and staff records stolen from Hong Ngoc General Hospital, including names, contact information, medical and financial data. The method of compromise was not disclosed, and no encryption was reported.
Community Dental Care, Inc.
June 12, 2024
•[ data leak, hacked ]
Community Dental Care (CDC), a Minnesota nonprofit dental healthcare provider, reported that an unauthorized third party may have viewed and obtained sensitive personal information and protected health information from its systems. CDC detected unauthorized activity on 12/20/2024 and investigated, later concluding that on or around 12/06/2024 an intruder may have accessed and acquired certain data. CDC performed a data review to determine what information was involved and identify affected individuals, completing that review on 03/24/2025, and posted a public notice on 03/28/2025. Potentially exposed information varied by person and could include names, Social Security numbers, addresses, dates of birth, drivers license or other government IDs, passport numbers, medical information, and health insurance information. CDC indicated it would update notices if additional information types were identified and offered guidance and services to affected individuals.
Ya-moon
June 1, 2024
•[ data leak ]
A hacker alias Valerie claims a breach of the Ya-moon forum in June 2024, publishing user data and chat logs.
Maryhaven, Inc.
May 30, 2024
•[ data leak, healthcare, unauthorized access ]
Maryhaven, a behavioral health and addiction treatment provider in Ohio, detected unauthorized access to its systems on June 1 2024. An unknown actor accessed and exfiltrated patient and employee PHI/PII data (~7,000 records). No encryption or operational disruption occurred. Disclosure issued April 11 2025 through Cyberscout/TransUnion.
Alternate Solutions Health Network, LLC
May 30, 2024
•[ phishing, data leak ]
On or around May 30 2024, an unauthorized actor accessed an employee email account at Alternate Solutions Health Network. The account was secured after discovery; investigation concluded February 14 2025 and confirmed exposure of PHI. Notifications were issued beginning April 14 2025.
RestorixHealth
May 29, 2024
•[ phishing, data leak ]
Investigation confirmed unauthorized access to one mailbox (May 729, 2024); notification letters commenced Feb 14, 2025.
The Cooper Health System
May 14, 2024
•[ data leak ]
Unauthorized access discovered May 14 2024 to Cooper Health file servers resulted in data exfiltration of 57,412 patient records; no service disruption reported; investigation closed Mar 26 2025.
Doctors Imaging Group
May 11, 2024
•[ ransomware, data leak ]
Radiology practice disclosed that attackers had network access Nov 511, 2024 and copied files with PHI/PII; 171k people impacted; ransomware attribution Undetermined.
San Francisco-Marin Food Bank
May 10, 2024
•[ data leak ]
Between May 10 and May 30 2024, unauthorized actors accessed the network of the San Francisco-Marin Food Bank, exposing personal data including Social Security numbers, IDs, and financial or medical details for approximately 60,180 individuals. The breach was discovered May 31 2024 and disclosed publicly in February 2025. The organization engaged cybersecurity experts and notified affected individuals; no misuse has been confirmed.
Abri Credit Union
May 3, 2024
•[ data leak ]
Abri Credit Union disclosed unauthorized access to its systems occurring in May 2024 that was discovered in December 2025. The incident may have exposed personal, financial, and limited medical information of members. The credit union notified affected individuals and offered credit monitoring services; no operational disruption was publicly reported.
Bağcılar Training and Research Hospital
April 12, 2024
•[ cyber attack, medical records, ransomware ]
A cyber attack on the Baclar Training and Research Hospital in Istanbul compromises the confidential medical records, including X-ray scans and test results, taken at the hospital since 2007. It is rumored that the attackers asked for 200,000 dollars in exchange for the medical records.
Gastroenterology Associates Of Central Florida
April 11, 2024
•[ data leak, unauthorized access ]
Orlando practice disclosed network intrusion exposing patient data including identifiers and health information.
Center For Digestive Health
April 11, 2024
•[ data leak ]
Center for Digestive Health disclosed network access and data exfiltration; notices mailed February 2025.
Radiology Associates of Richmond (RAR)
April 10, 2024
•[ data leak ]
RAR disclosed more than 1.4M affected after determining files with PHI/PII were present on systems accessed for several days in April 2024; HHS tracker shows 1,419,091.
The Watergate Hotel
April 6, 2024
•[ data leak ]
An unauthorized actor accessed and exfiltrated data from The Watergate Hotels network beginning April 6, 2024. The compromised information includes names, SSNs, drivers license numbers, and medical and financial data of approximately 2,220 people. No encryption or service disruption reported.
Prosecutor’s Office of the Russian Federation (epp.genproc.gov.ru)
April 6, 2024
•[ hacktivism, data leak, criminal cases ]
The RGB group, self-identifying as a hacktivist collective, also has asserts responsibility for breaching the Prosecutors Office of the Russian Federation (epp.genproc.gov.ru). To substantiate their claim, the group leaked an Excel file containing precisely 100,000 lines of information about criminal cases from 2013.
