Onze-Lieve-Vrouwinstituut Pulhof
February 2, 2026
•[ ransomware, encryption, extortion ]
Belgian media reported that OLV Pulhof in Berchem was hacked and its servers were encrypted, consistent with a ransomware incident. The attackers demanded payment and reportedly threatened to publish personal data of students and staff if the ransom was not paid. In a follow-up, school leadership said they had no information that data had actually been leaked at that time and that they were closely monitoring the situation with responders. The incident primarily produced disruption through system encryption and extortion pressure; confirmed data exposure was not established in the referenced update.
The Connecticut Port Authority
January 22, 2026
•[ Business Email Compromise, Phishing, Financial Fraud ]
Connecticut Port Authority officials reported that a subtle change in an email address used to pay a vendor resulted in a fraudulent party receiving more than $16,000 from the quasi-public agency. The report said $16,666 was stolen and that $14,166 of that amount was recovered through an insurance claim. The incident triggered operational changes including renewed focus on encryption and security practices and recurring cybersecurity training. The article did not provide the precise date of the payment, only that it occurred the prior year relative to the January 22, 2026 report.
Sociedad Hipotecaria Federal
January 21, 2026
•[ ransomware, data leak, encryption ]
Sociedad Hipotecaria Federal was listed by LockBit, which claimed to have stolen 277 GB of data and published it after a ransom deadline expired; reporting also cited encryption of critical systems and operational disruption.
Colorado State Public Defender’s Office
October 3, 2025
•[ ransomware, encryption, operational disruption ]
Ransomware beginning Oct 3 2025 encrypted servers and shared drives at Colorados State Public Defender Office, rendering thousands of case files inaccessible and delaying operations for weeks. No evidence of data theft or leak has been reported.
Arizona Federal Public Defender’s Office
September 24, 2025
•[ ransomware, data exfiltration, backup deletion ]
Ransomware detected Sept 24 2025 crippled Arizonas Federal Public Defender Office, encrypting decades of case files and deleting backups. Investigators suspectbut have not confirmeddata exfiltration. No threat group has claimed responsibility.
Greater Pittsburgh Orthopaedic Associates
August 10, 2025
•[ ransomware, data leak, exfiltration ]
Greater Pittsburgh Orthopaedic Associates identified anomalous network activity on August 10, 2025, and later disclosed that patient data was exposed; RansomHouse claimed it encrypted files and exfiltrated data from the network.
Beta – Dnevni evropski servis (DES)
August 7, 2025
•[ ransomware, cryptocurrency, encryption ]
Ransomware attack encrypted systems of Betas specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.
Ogeechee Judicial Circuit District Attorney’s Office
June 11, 2025
•[ ransomware, encryption, office closure ]
Ransomware attack on the Ogeechee Judicial Circuit District Attorneys Office in Georgia on June 11, 2025 encrypted internal systems and forced closure of offices for several days; no data theft or leak reported; attacker identity unconfirmed.
Aigües de Mataró
April 21, 2025
•[ ransomware, encryption, service disruption ]
Ransomware encrypted Aiges de Matars corporate servers on April 21 2025, taking the website offline and delaying customer services. The utility reported no evidence of data exfiltration; water service and quality remained unaffected. No actor has claimed responsibility.
Hue Central Hospital – On-Demand and International Treatment Center
January 15, 2025
•[ ransomware, encryption, healthcare ]
In January 2025 the hospital information system of Hue Central Hospitals On-Demand and International Treatment Center was compromised, with around 500 GB of data encrypted and a ransom demanded for decryption; no public evidence of data exfiltration has been reported.
Intendencia de Paysandú
July 24, 2024
•[ ransomware, encryption, government ]
On July 24 2024, the Paysand Department (Uruguay) suffered a ransomware attack that encrypted all servers and backups, paralyzing municipal operations for several days. Hackers demanded about USD 650 000 in bitcoin; AGESICs forensic investigation confirmed no evidence of data exfiltration or intellectual-property theft.
Orthopedic Associates of Dutchess County (OADC)
March 1, 2021
•[ leak, encryption, healthcare ]
Orthopedic Associates of Dutchess County (OADC) discloses to have some data compromised, after detecting suspicious activity involving the encryption and leak.
