Search Results for "data theft"

Statistics South Africa March 29, 2026 • [ cyber breach, data theft, ransomware ] Stats SA said a cyber breach affected one HR database used for online job applications, while XP95 claimed it stole 453,362 files totaling 154 GB and demanded ransom.

Goodwill of Greater Grand Rapids March 27, 2026 • [ ransomware, extortion, data theft ] Goodwill of Greater Grand Rapids said an attack disrupted part of its network environment and affected store operations, forcing locations across its West Michigan service area to operate on a cash-only basis, while outside reporting tied the incident to an Interlock ransomware extortion claim alleging theft of 80 GB of data.

England Hockey March 12, 2026 • [ ransomware, data leak, extortion ] England Hockey said it is investigating after the AiLock ransomware group listed the organization on its leak site and claimed it stole 129GB of data. England Hockey stated it is working with internal teams and external experts to determine what occurred. Public reporting did not confirm encryption or service disruption; the confirmed effect at reporting time was a data-theft/extortion claim under investigation.

An undislcosed organization March 12, 2026 • [ ransomware, social engineering, data theft ] IBM X-Force described a case where a threat actor remained on a compromised server for more than a week and stole data during an Interlock ransomware intrusion. The attack began with ClickFix social engineering and later deployed a PowerShell backdoor called Slopoly (likely AI-assisted), alongside other components such as NodeSnake and InterlockRAT. The article is a case-study/campaign description and does not name the victim organization or quantify the affected records beyond describing persistence and data theft.

Soreco March 5, 2026 • [ ransomware, data theft, extortion ] Swiss business software provider Soreco confirmed it was hit by a ransomware attack. The Bravox group claimed responsibility on its leak site and asserted it stole roughly 118.2 GB of Soreco data while attempting to extort the company. Soreco told media that operational impact was minimal and that it did not intend to pay the ransom. Public reporting did not specify the intrusion vector, affected systems, or whether any data was published at the time of reporting.

Undisclosed Israeli individual smartphone March 1, 2026 • [ malware, phishing, spyware ] A trojanized fake Red Alert app delivered through spoofed SMS messages targeted Israeli users and, when installed, enabled theft of messages, contacts, location data, and other device information from affected smartphones.

Scholengemeenschap Bonaire (SGB) February 20, 2026 • [ ransomware, phishing, data theft ] Antilliaans Dagblad reported that Scholengemeenschap Bonaire (SGB) was hit by an international ransomware attack, discovered internally after multiple servers failed to start. Europol reportedly informed police about the broader international attack around the same time. Initial analysis indicated one data server used mainly for archive files was infected, and a relatively small portion of data on that server was stolen; investigators were assessing whether the stolen archive files included personal data. SGB said regular education operations were not impacted because key systems ran in a secured cloud environment (including student/admin platforms and Microsoft Office), and it stated usernames/passwords were not stolen. The school reported filing a police report and notifying the BES data protection oversight body, and required staff and students to change passwords and remain vigilant for phishing.

UFP Technologies February 14, 2026 • [ unauthorized access, data theft, operational disruption ] UFP Technologies disclosed that threat actors gained unauthorized access to its IT systems around February 14, 2026, disrupting billing and delivery label generation and resulting in the theft or destruction of company or company-related data.

Figure February 12, 2026 • [ social engineering, data leak, extortion ] Figure Technology Solutions confirmed it suffered a data breach after an employee fell victim to a social engineering attack, with attackers obtaining a limited number of files. SecurityWeek reported that the ShinyHunters group took credit and posted archive files on its leak site; Have I Been Pwned analysis identified roughly 967,000 user records in the leaked data. The exposed information includes names, dates of birth, email addresses, postal addresses, and phone numbers. The reporting frames the incident as data theft/extortion without describing service disruption to Figures lending operations.

Conpet February 4, 2026 • [ cyberattack, ransomware, data breach ] Romanias national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier in the week, while operational technology systems (including SCADA and telecoms) remained functional and oil transport operations were not affected. Conpet did not confirm a data breach or name the attacker, but the Qilin ransomware group listed Conpet on its leak site and claimed to have stolen nearly one terabyte of data, publishing images of alleged internal documents, financial records, and passport scans. Conpet said it took immediate mitigation steps, worked with national cybersecurity authorities, and filed a criminal complaint.

Veenkoloniaal Museum (Veendam) January 7, 2026 • [ ransomware, unauthorized access, data theft ] The Veenkoloniaal Museum in Veendam experienced a ransomware incident discovered on January 7, 2026, in which the LockBit group gained unauthorized access to systems. Data was stolen and files were rendered inaccessible, affecting digital records and image archives. Individuals whose personal data was involved were notified. The museum restored systems from backups and declined to negotiate with the attackers.

OpenLoop Health January 7, 2026 • [ data leak, unauthorized access, medical information ] OpenLoop Health disclosed that an unauthorized third party accessed certain systems between January 7 and January 8, 2026 and removed files containing patient personal and medical information.

Apex Spine and Neurosurgery December 9, 2025 • [ unauthorized access, malware, ransomware ] An unauthorized actor accessed part of Apex Spine and Neurosurgerys computer network, copied files, and deployed malware that locked files on computer systems. The practice said the incident affected 2,500 individuals.

Valley View ISD November 10, 2025 • [ cybersecurity incident, data theft, ransomware ] Valley View ISD said it was experiencing a cybersecurity incident on November 10, 2025 that affected computer systems and phone lines while instruction continued; later, Inc claimed it stole 68 GB of data and issued a ransom demand.

Undisclosed Ukrainian Regional News outlet November 1, 2025 • [ iPhone hacking, DarkSword, UNC6353 ] The Record reported Lookout researchers attributed an advanced iPhone hacking tool dubbed DarkSword to a likely Russia-linked actor tracked as UNC6353. The campaign has been active since at least late 2025 and continued through March 2026, primarily targeting Ukrainians via watering-hole attacks on compromised Ukrainian websites. Lookout said DarkSword can break into iPhones with little to no user interaction, extract sensitive data within minutes, and then erase traces of intrusion. The article is campaign-level reporting rather than a single named-victim incident, but it describes successful device compromise and data theft capability against targeted Ukrainian users.

Svenska KraftnÃƒÂ¤t October 25, 2025 • [ ransomware, data breach, critical infrastructure ] Swedens national power grid operator Svenska Kraftnt experienced a data breach on October 25, 2025, when ransomware group Everest accessed an external file-transfer system and claimed to have stolen roughly 280 GB of data. Electricity transmission operations were not affected.

Xubuntu October 18, 2025 • [ malware, data theft, supply chain attack ] Pplware reports the official Xubuntu site was briefly compromised; the torrent download link served a ZIP with a Windows EXE that stole sensitive data (e.g., crypto addresses). Xubuntu removed the page and accelerated infra migration; ISO mirrors were unaffected. Financially motivated malware delivery via a trusted brand.

Charlottesville Settlement Company September 1, 2025 • [ data breach, network intrusion, data theft ] WVIR (29News) reported that Charlottesville Settlement Company disclosed a September 2025 data breach that was discovered on March 10, 2026 and communicated to affected individuals in a letter dated March 18. The company said an unknown actor broke into its network and stole customers personal information, impacting 22,041 customers. The firm provides title insurance and settlement services for real estate transactions. The report did not enumerate specific data elements stolen, but stated affected individuals were offered credit monitoring and reimbursement coverage.

Hamilton County SheriffÃ¢â‚¬â„¢s Office April 14, 2025 • [ ransomware, data theft, extortion ] Ransomware attack by the Qilin group encrypted internal systems and took the Hamilton County (Tennessee) Sheriffs Office website offline; attackers demanded $300,000 and claimed data theft, but no exfiltration has been verified; systems fully restored by early May 2025.

Department of Pensions April 2, 2025 • [ ransomware, data theft ] Department reported a ransomware attack first notified to CERT on April 2; officials overhauling systems and advising pensioners, with no detailed disruption reported; treated as data-theft incident pending further specifics.

Search Results (data theft)