Cocospy
February 14, 2025
•[ hack, malware, technology ]
In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic. The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "zathienaephi@proton.me".
Vital Imaging Medical Diagnostic Centers
February 13, 2025
•[ hack, healthcare ]
A hacking incident on 13 Feb 2025 led to unauthorized access to Vital Imagings network, exposing sensitive personal and medical information of approximately 260,000 individuals. Notifications were sent in August 2025, and legal investigations are active.
Oil and gas facility control panels in the U.S.
January 31, 2025
•[ hack, energy ]
Researchers at Cyble identify Sector 16, a new pro-Russian hacktivist group targeting into oil and gas facility control panels in the U.S.
Asheville Eye Associates
January 31, 2025
•[ hack, healthcare ]
Asheville Eye Associates says the personal and medical information of a subset of its patients was compromised as a result of a cybersecurity incident. The DragonForce claims responsibility for the attack, claiming to have stolen hundreds of gigabytes of data.
Delta County Memorial Hospital
January 31, 2025
•[ hack, healthcare ]
Non-profit hospital district Delta County Memorial Hospital informs that threat actors had compromised the personal information of 148,363 people in a May 2024 cyberattack.
Gazprom
January 28, 2025
•[ hack, ddos, energy ]
Ukrainian cyber experts have carried out a DDOS attack on the digital infrastructure of some of the largest Russian energy companies, Gazprom and Gazpromneft. Babel and a number of other media outlets report this , citing a source.
Smiths Group
January 28, 2025
•[ hack, technology ]
London-based engineering giant Smiths Group discloses a security breach after unknown attackers gained access to the company's systems.
Miracle Ear (Health Services LLC)
January 28, 2025
•[ hack, healthcare ]
Unauthorized access from Jan 228, 2025 allowed cybercriminals to view and potentially exfiltrate sensitive personal and health data of at least 13,088 individuals. No service disruption reported and no encryption involved. Regulatory notifications occurred August 12, 2025.
More than 570 computers linked to Mexico's government
January 27, 2025
•[ hack, malware, government ]
Threat actors infect more than 570 computers linked to Mexico's government domain gob.mx with infostealer malware, exposing sensitive data and login credentials.
DeepSeek
January 27, 2025
•[ hack, ddos, technology ]
Chinese AI platform DeepSeek disables registrations on its DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services.
South African Weather Service (SAWS)
January 27, 2025
•[ hack, government ]
A cyberattack forces the government-run South African Weather Service (SAWS) offline, limiting access to a critical service used by the countrys airlines, farmers and allies.
Maagar-Tec
January 26, 2025
•[ hack, technology ]
The pro-Palestinian group called Handala reportedly breaches emergency systems used in Israeli schools, after compromising Maagar-Tec, and broadcasts rocket sirens and Arabic songs that Israels cyber agency called supportive of terrorism.
Jan Nygaard AS, a major BMW & MINI dealership in Denmark
January 25, 2025
•[ ransomware, hack, malware ]
Den store BMW- og Mini-forhandler Jan Nygaard, der omstter for mere end to milliarder kroner, advarer efter Computerworlds afslring tirsdag morgen sine kunder om, at deres data kan vre blevet stjlet af ransomware-gruppe under hackerangreb for mere end tre uger siden.
Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
Phemex
January 23, 2025
•[ financial, hack, finance ]
Singapore-based cryptocurrency platform Phemex is forced to pause some of its operations after a suspected cyberattack led to the theft of more than $85 million in digital coins.
Conduent
January 22, 2025
•[ hack, government ]
American business services and government contractor Conduent confirms that a recent outage resulted from what it described as a "cyber security incident."
Ville de Sierre / Stadt Siders
January 21, 2025
•[ hack, ddos, government ]
In the morning, Schaffhausen energy supplier SH Power also displayed an error message. However, its site was back online before midday. Meanwhile, the websites for the cities of Sierre and Geneva remained inaccessible.
Zürcher Kantonalbank (ZKB)
January 21, 2025
•[ hack, ddos, finance ]
Erneut hat die Hackergruppe NoName aus Russland eine Reihe von Schweizer Websites mit DDoS-Attacken lahmgelegt. Der Zeitpunkt der Angriffe hat wohl vor allem mit der Durchfhrung des WEF zu tun.
Cycle & Carriage Singapore
January 21, 2025
•[ hack, leak, retail ]
Cycle & Carriage Singapore disclosed a data breach in which attackers accessed an application server and exfiltrated ~147,000 customer records. No encryption or disruption of operations was reported.
Unnamed internet service provider (ISP) from Eastern Asia
January 21, 2025
•[ hack, ddos, technology ]
Cloudflare says it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date.
