Financial Business And Consumer Solutions
February 1, 2024
•[ data leak ]
Debt Collector Updated Affected Count For 2024 Breach To 4,253,394 Individuals.
Schuster Company
January 30, 2024
•[ data leak, personally identifiable information ]
An unauthorized third party gained access to Schuster Companys network between January 2330, 2024 and exfiltrated employee/driver personally identifiable information. The company publicly disclosed the incident on April 4, 2025.
St. Joseph’s College Of Maine
January 24, 2024
•[ data leak, unauthorized access ]
College confirmed unauthorized network access in 20232024; notices sent March 2025.
Thai Public Health Ministry’s Immunization Centre.
January 22, 2024
•[ data leak, hacktivism, personally identifiable information ]
A threat actor named '9Near Hacktivist' claims to leak 55 million records allegedly taken from the Thai Public Health Ministrys Immunization Centre.
Maisons de l’Avenir
January 15, 2024
•[ ransomware, data leak ]
Maisons de lAvenir is added to the LockBit 3.0 ransomware leak site.
TriZetto Provider Solutions,
January 11, 2024
•[ data leak, healthcare ]
TriZetto Provider Solutions, a Cognizant-owned vendor providing revenue management services to healthcare organizations, reported a cybersecurity incident affecting a customer web portal. TriZetto identified suspicious portal activity on 10/02/2025, secured the portal, and engaged Mandiant to investigate and validate remediation. Forensic work determined an unauthorized third party had been accessing historical eligibility transaction reports within TriZetto systems since November 2024, nearly a year before detection. The reports contained protected health information for patients of certain healthcare provider clients. TriZettos review determined compromised data could include patient and primary insured names combined with other personal and insurance information such as addresses, dates of birth, Social Security numbers, member/Medicare numbers, insurer names, and related demographic health and coverage details. TriZetto stated it believed the actor had been eradicated and no further unauthorized portal activity was detected after 10/02/2025; the total number of affected clients/individuals was not yet publicly confirmed.
Trinity Petroleum Management
January 10, 2024
•[ data leak ]
Texas filing indicated unauthorized access exposing names addresses and Social Security numbers.
Undisclosed Fashion Firm Hong Kong
January 10, 2024
•[ data leak ]
Regulator found fashion company at fault over customer data breach handling.
Matadero de Gijón
January 5, 2024
•[ ransomware, data leak ]
The Matadero de Gijn is hit with a RansomHub ransomware attack.
Legacy Professionals LLP
January 4, 2024
•[ data leak, unauthorized access ]
Legacy Professionals LLP, an Illinois-based accounting and audit firm, reported that sensitive personal information in its custody may have been accessed and acquired following suspicious activity detected on its computer network in late April 2024. The firm investigated and determined an unauthorized third party may have viewed and obtained certain information. Legacy then reviewed the affected data to identify impacted individuals, completing its review on 01/06/2025, and began mailing breach notification letters on 02/27/2025. Information potentially exposed was described as varying by individual and included names, Social Security numbers, and financial account numbers. Public filings referenced in reporting suggested Legacy provided affected individuals with credit monitoring services. Specific technical details such as the attack vector, the duration of unauthorized access, and whether data was exfiltrated beyond the identified categories were not publicly disclosed.
Medusind Solutions
December 29, 2023
•[ data leak, healthcare ]
Medusind Solutions, a healthcare billing and revenue cycle management provider, suffered a data breach on December 29, 2023, when unauthorized actors accessed its systems and exfiltrated sensitive patient data. Compromised data included names, addresses, insurance details, and other medical information of patients from multiple provider clients. The company disclosed the breach on January 10, 2024. There was no service disruption reported, but patient data privacy was significantly impacted.
Alpha Omega Winery, LLC
December 27, 2023
•[ ransomware, data leak ]
Alpha Omega Winery in Napa County, California experienced a data-focused cyber incident on or about December 2728, 2023 involving unauthorized access to systems containing sensitive personal and medical information; although the organization described the event as ransomware, no encryption, extortion, or operational disruption was confirmed, and affected individuals were notified in November 2025.
Brown Paindiris & Scott LLP
November 9, 2023
•[ data leak ]
The Connecticut law firm Brown Paindiris & Scott disclosed a November 79, 2023 network intrusion that exposed client PII/PHI; notifications to affected individuals began in March 2025 and litigation followed.
Chess
November 8, 2023
•[ data leak, scraping, user records ]
In November 2023, over 800k user records were scraped from the Chess website and posted to a popular hacking forum. The data included email address, name, username and the geographic location of the user. A further 446k scraped records were later provided and added to HIBP.
Hospital Español Auxilio Mutuo (Hospital Auxilio Mutuo)
September 24, 2023
•[ network incident, healthcare, patient data breach ]
Hospital Espaol Auxilio Mutuo (Hospital Auxilio Mutuo) in Puerto Rico notifies of a network incident affecting 500 patients.
Araújo e Policastro Advogados
September 18, 2023
•[ ransomware, data leak ]
The 8BASE ransomware gang lists the Brazilian law firm Arajo e Policastro Advogados among their victims.
OCH Regional Medical Center
September 6, 2023
•[ data leak ]
OCH data breach exposed 67K patient files
MinnesotaWorks.net
September 6, 2023
•[ unauthorized access, data leak, insider threat ]
The Department of Employment and Economic Development (DEED) in Minnesota notifies jobseekers of a data breach involving unauthorized access to their personal information at the MinnesotaWorks.net platform, after a person claiming to be an employee allegedly, viewed and copied user resume information without authorization.
Eisner Advisory Group LLC
September 4, 2023
•[ data leak ]
Between September 4 and 9 2023, an unauthorized actor accessed and acquired files from Eisner Advisory Groups network. A forensic review completed February 2025 determined the data contained sensitive personal information. Notification letters were mailed beginning April 8 2025.
