Nymburk Hospital
July 8, 2025
•[ ransomware, extortion ]
Czech police investigating a cyberattack on Nymburk Hospital including extortion elements; disruption reported.
Scania AB
May 28, 2025
•[ data leak, extortion ]
Scania confirms insurance claim data breach in extortion attempt
BYOND
May 26, 2025
•[ ddos, extortion ]
BYOND endured a weeks-long DDoS that repeatedly knocked services offline; an extortion note said attacks would stop if BYOND went open-source.
Hamilton County Sheriff’s Office
April 14, 2025
•[ ransomware, data theft, extortion ]
Ransomware attack by the Qilin group encrypted internal systems and took the Hamilton County (Tennessee) Sheriffs Office website offline; attackers demanded $300,000 and claimed data theft, but no exfiltration has been verified; systems fully restored by early May 2025.
Uncle Henry’s
March 11, 2025
•[ ransomware, database deletion, extortion ]
On March 11 2025, Maine-based classified ads publisher Uncle Henrys suffered a ransomware-style attack that deleted its primary website database and took the site offline until April 15. Attackers demanded Bitcoin. Management stated only a few advertisement entries were copied and no personal data compromise was confirmed.
Virginia Attorney General’s Office
February 11, 2025
•[ cyber intrusion, data leak, data exfiltration ]
In February 2025, the Virginia Attorney Generals Office voluntarily shut down nearly all internal systems after detecting a sophisticated cyber intrusion. The criminal group Cloak later claimed responsibility, asserting it had stolen 134 GB of internal documents and posted samples to its leak site. Officials confirmed system shutdowns for containment but did not verify any file encryption or ransom demand, indicating an exfiltration-only intrusion rather than an active ransomware lockout.
Oracle Corporation (legacy cloud environment)
January 22, 2025
•[ data leak, extortion ]
Threat actor rose87168 exploited Oracles legacy Gen 1 Cloud infrastructure, stealing credentials and configuration data from ~140,000 tenants (6 million+ records) and attempting extortion; Oracle privately confirmed breach to customers.
At least one individual in Singapore
January 11, 2025
•[ malware, extortion, data leak ]
Singapore Police warned of a malware-enabled sextortion scam in which victims were lured via social media offers of online sexual services and deceived into downloading a malicious application. Police said the malware enabled scammers to remotely access victims photo galleries and contact lists, and in some cases capture or retrieve compromising content. Attackers then threatened to send the images to the victims contacts unless payments were made. Police reported at least six cases since November 2025 with total losses of at least S$20,000.
Comercializadora S&E Perú
December 29, 2024
•[ data leak, ransomware, cyber attack ]
On December 29 2024, the criminal group Anubis listed the Peruvian engineering and construction company Comercializadora S&E Per on its leak site. KELA verified the listing and SecurityWeek later cited it as part of Anubiss first campaign. The group stole internal and client information; no encryption or operational outage was reported.
Bağcılar Training and Research Hospital
April 12, 2024
•[ cyber attack, medical records, ransomware ]
A cyber attack on the Baclar Training and Research Hospital in Istanbul compromises the confidential medical records, including X-ray scans and test results, taken at the hospital since 2007. It is rumored that the attackers asked for 200,000 dollars in exchange for the medical records.
Lurie Children’s Hospital
January 31, 2024
•[ ransomware, network outage, healthcare ]
Lurie Childrens Hospital suffers a network outage, later confirmed to be a ransomware attack by the Rhysida group demanding a $3.4M ransom.
CalviàCity Council in Majorca
January 13, 2024
•[ ransomware, cyberattack, extortion ]
The Calvi City Council in Majorca announces to be targeted by a ransomware attack, which impacted municipal services. The attackers demand a 10M (approximately $11M) ransom.
AssociaÃÆ'Ã'§ÃÆ'Ã'£o de Advogados de SÃÆ'Ã'£o Paulo (AASP)
February 22, 2023
•[ ransomware, data leak, personal information ]
The Ragnar Locker ransomware gang leaks 200 GB of files from the Associa o de Advogados de S''o Paulo (AASP) plus numerous screenshots with personal information after the association denies it was hacked.
Pop TV
February 8, 2022
•[ financial, extortion, technology ]
Slovenia's top TV channel is hit with a cyberattack interrupting its broadcast capabilities in an apparent extortion attempt.
Fidelity Group (http://www.fidelitygroup.com/)
September 22, 2015
•[ hacking, extortion, data leak ]
A group of hackers that calls itself "Hack for Trump" claims to have hacked the website of Fidelity Group and threaten it would make the stolen data public unless Fidelity pays $30,000.
