Full List

Search

Search Results (data leak)

• National Health Service (NHS UK) September 29, 2025 • [ ransomware, data leak ] Cl0p ransomware actors exploited an Oracle E-Business Suite zero-day vulnerability (CVE-2025-61882) as part of a broader campaign and contacted The Washington Post on 29 September 2025 claiming access to its Oracle EBS applications. A Maine Attorney General breach filing and subsequent reporting confirmed that Cl0p exfiltrated Washington Post data and that 9,720 individuals had their personal and financial information exposed, including names, bank account and routing numbers, Social Security numbers and tax IDs. The incident appears to be data-theft-focused with no confirmed operational disruption at the newspaper.
• Richmond Behavioral Health Authority (RBHA) September 29, 2025 • [ ransomware, data leak ] Richmond Behavioral Health Authority (RBHA), a public mental health services provider for the City of Richmond, reported a ransomware attack that began on September 29, 2025 and was identified on September 30, after which RBHA said it removed the attacker from its network. Despite rapid eviction, RBHA disclosed that an unknown actor may have accessed sensitive information including names, Social Security numbers, passport numbers, and financial account and health information. Reporting stated RBHA told U.S. HHS that 113,232 individuals were affected. The Qilin ransomware group later claimed responsibility and published a large dataset allegedly stolen from RBHA, consistent with a double-extortion incident involving both encryption and data exfiltration.
• Avnet September 26, 2025 • [ data leak ] Avnet confirmed unauthorized access to externally hosted database supporting EMEA sales tool; company says most stolen data unreadable without proprietary tool; samples include non-sensitive PII.
• Kido Schools (nursery chain) September 25, 2025 • [ ransomware, data leak ] Hackers calling themselves Radiant stole sensitive child and parent data from Kido Schools, posting victims profiles online to extort a 600,000 ransom; after public backlash they blurred then deleted the leaked material.
• Arizona Federal Public Defender’s Office September 24, 2025 • [ ransomware, data leak ] Ransomware detected Sept 24 2025 crippled Arizonas Federal Public Defender Office, encrypting decades of case files and deleting backups. Investigators suspectbut have not confirmeddata exfiltration. No threat group has claimed responsibility.
• Margaritaville at Sea September 23, 2025 • [ ransomware, data leak ] Margaritaville at Sea reported that on September 23 a ransomware group identified as Lynx infiltrated company systems and exfiltrated sensitive passenger personal data and protected health information; no operational disruption or internal data loss was confirmed.
• Oxford County September 22, 2025 • [ ransomware, data leak ] Oxford County in Ontario, Canada disclosed on 22 September 2025 that it had experienced a cybersecurity incident affecting its information systems. County IT staff detected unexpected activity, contained it, and engaged third-party experts to conduct a forensic investigation while keeping public services operating normally. Subsequent dark-web monitoring and local reporting linked the incident to the BrainCipher ransomware group, which claimed Oxford County as a victim and suggested that personal information on roughly 4,000 current and former employees may have been stolen.
• Vitas Hospice September 21, 2025 • [ data leak, third-party breach, healthcare ] Vitas Hospice Services (Vitas Healthcare) detected a cybersecurity intrusion on 10/24/2025. According to the organizations breach notice and subsequent reporting, the threat actor gained access to certain Vitas systems by using a compromised third-party vendor account. The unauthorized access persisted from approximately 09/21/2025 through 10/27/2025, and the attacker downloaded files containing personal information of current and former patients. Exposed data elements included identifiers (name, address, phone number, date of birth), government identifiers (drivers license number and Social Security number), and protected health information such as medical and insurance details, plus next-of-kin contact information. Government breach tracking and reporting indicated 319,177 individuals were affected. Vitas stated it took steps to secure systems, investigate, and notify impacted individuals, though the specific malware or group responsible was not publicly identified.
• BK Technologies September 20, 2025 • [ data leak ] BK Technologies reported an intrusion on Sept 20; attackers accessed and stole non-public data from compromised systems; company says impact is not material and mostly covered by insurance.
• Thayer Hotel at West Point September 19, 2025 • [ data leak ] On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an Undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, drivers license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.
• Undisclosed Major Technology Firm September 15, 2025 • [ data leak, nation-state, AI-automated attack ] Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed major technology firm where sensitive information was stolen via exploitation of application server infrastructure.
• Undisclosed Financial Institution September 15, 2025 • [ data leak, nation-state, vulnerability exploitation ] Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed financial institution where sensitive information was stolen via exploitation of application server infrastructure.
• Undisclosed Chemical Manufacturer September 15, 2025 • [ data leak, nation-state, AI-automated attack ] Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed chemical manufacturer where sensitive information was stolen via exploitation of application server infrastructure.
• Undisclosed Government Agency September 15, 2025 • [ nation-state, data leak, vulnerability exploit ] Anthropic reported that GTG-1002, a China-linked nation-state threat actor, conducted an AI-automated intrusion campaign detected in mid-September 2025; one successful breach involved an undisclosed government agency where sensitive information was stolen via exploitation of application server infrastructure.
• Wood Personnel Services September 12, 2025 • [ data leak ] Wood Personnel Services reported unauthorized access to certain files on its network discovered in September 2025. The company stated that files containing personal information may have been accessed without authorization and notified affected individuals in December 2025. No operational disruption or data volume was disclosed.
• National Credit Information Center (CIC) September 11, 2025 • [ data leak ] Personal/credit records for citizens and companies held by the State Banks CIC; Vietnams CERT confirmed data theft with scope still being assessed; operations continued without disruption.
• Virginia Urology September 11, 2025 • [ data leak, ransomware ] DataBreaches reported that threat actors calling themselves MS13-089 claimed they hacked Virginia Urology on November 9, 2025 and exfiltrated about 927 GB of data, while stating they did not encrypt systems so as not to harm the patients. The outlet reviewed sample files and described faxed referrals and medical reports whose filenames appeared to include patients names and dates of birth, with additional pages containing extensive protected health information such as insurance and contact details and clinical histories. Virginia Urology had not publicly confirmed the incident or responded to inquiries in the reporting, but the presence of leaked sample data indicates unauthorized access and exfiltration consistent with an exploitive breach.
• WIRED September 8, 2025 • [ data leak ] In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Cond Nast were published online. The most recent data dated back to the previous September and exposed email addresses and display names, as well as, for a small number of users, their name, phone number, date of birth, gender, and geographic location or full physical address. The WIRED data allegedly represents a subset of Cond Nast brands the hacker also claims to have obtained.
• Sun Valley Surgery Center September 3, 2025 • [ data leak ] During a September 3, 2025 incident, an unauthorized third party accessed Sun Valley Surgery Centers information systems; more than 27,000 individuals sensitive personal and protected health information may have been exposed, though the facility reports no confirmed misuse or operational disruption.
• MetroWest Community Federal Credit Union September 3, 2025 • [ ransomware, data leak ] MetroWest Community Federal Credit Union disclosed that unauthorized access to its systems in early September 2025 resulted in the compromise of sensitive member information, with the incident attributed to the Akira cybercriminal group.