TehetségKapu
March 26, 2025
•[ leak, education ]
In March 2025, almost 55k records were breached from the Hungarian education office website TehetsgKapu. The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.
Sansone Group
March 22, 2025
•[ leak ]
A data breach at Sansone Group LLC in late March 2025 exposed sensitive PIIfull names and SSNs of an unknown number of individuals. Notifications were sent on July 21; the state AG was notified on August 21. Levi & Korsinsky LLP is investigating possible legal claims.
Orange Romania
February 24, 2025
•[ financial, hack, leak ]
In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents.
Goshen Medical Center
February 15, 2025
•[ ransomware, leak, malware ]
BianLian-attributed intrusion at Goshen Medical Center; files accessed on 02/15/2025, detected 03/04/2025; 456,385 affected with PHI/PII including SSNs and DL numbers; listed on BianLians leak site in March; no outage confirmed.
Adpost
February 14, 2025
•[ leak ]
In February 2025, data allegedly obtained from an earlier Adpost breach surfaced. The dataset contained 3.3M records including email addresses, usernames, and display names. Multiple attempts to contact Adpost regarding the incident received no response.
The Lovesac Company
February 12, 2025
•[ ransomware, leak, retail ]
Lovesac confirmed a data breach after a ransomware site listing; letters say attackers accessed internal systems between Feb 12Mar 3, stole PII, and the firm offered 24 months of credit monitoring; RansomHub claimed the attack and threatened leaks; no encryption/service disruption reported.
Baltimore Archdiocese (via Stinson LLP & BRG)
February 1, 2025
•[ leak, finance ]
Protected survivor data exposed from law firm (Stinson LLP) and financial advisor (BRG) systems supporting Archdiocese bankruptcy cases
CenterPoint Energy
January 28, 2025
•[ leak, energy ]
CenterPoint Energy, a large Texas energy company confirms it is investigating reports of stolen customer data that has been published on a cybercriminal forum after it was allegedly taken during the 2023 MOVEit breach.
Doxbin Scrape
January 24, 2025
•[ leak, misconfiguration, technology ]
In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of non-consensually third parties. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Cycle & Carriage Singapore
January 21, 2025
•[ hack, leak, retail ]
Cycle & Carriage Singapore disclosed a data breach in which attackers accessed an application server and exfiltrated ~147,000 customer records. No encryption or disruption of operations was reported.
Rostelecom
January 21, 2025
•[ leak, technology ]
A major Russian telecommunications provider, Rostelecom, says that it is investigating a suspected cyberattack on one of its contractors after threat actors from Silent Crow claim to have leaked the company's data.
Manpower
January 20, 2025
•[ ransomware, leak, malware ]
Manpower disclosed that a ransomware attack by RansomHub led to the theft of 500GB of files and the exposure of personal data from roughly 140000 individuals. The attackers listed Manpower on their leak site but later removed it, suggesting a ransom settlement.
Northwest Radiologists / Mount Baker Imaging
January 20, 2025
•[ hack, leak, healthcare ]
Northwest Radiologists (Mount Baker Imaging) discovered a network intrusion on January 25, 2025, with malicious activity beginning around January 20 that exposed patient data from its systems. The breach compromised PII/PHIincluding names, contact details, dates of birth, SSNs, drivers license/ID numbers, treatment/diagnosis information, medical record and insurance detailsimpacting about 348,118 Washington residents; no ransomware claim or operational disruption was confirmed.
Otelier
January 17, 2025
•[ leak, misconfiguration, technology ]
Hotel management platform Otelier suffers a data breach after threat actors breached its Amazon S3 cloud storage to stole millions of guests' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt.
Frame & Optic
January 16, 2025
•[ leak, retail ]
In January 2025, the eyewear seller Frame & Optic suffered a data breach. The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
FortiGate devices
January 14, 2025
•[ leak, misconfiguration, technology ]
A new group dubbed "Belsen Group" leaks the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices on the dark web in a 1.6 GB archive, allegedly obtained exploiting CVE-2022-40684.
Stealer Logs, Jan 2025
January 13, 2025
•[ leak, malware ]
In January 2025, stealer logs with 71M email addresses were added to HIBP. Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific websites the logs were collected against. The incident also resulted in 106M more passwords being added to the Pwned Passwords service.
Wolf Haldenstein Adler Freeman & Herz
January 10, 2025
•[ leak ]
Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") a U.S. Law Firm, reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to threat actors.
Bank of America
January 10, 2025
•[ leak, finance ]
Bank of America notifies 414 individuals that their names, addresses, phone numbers, passport numbers, Social Security numbers, and their mortgage load numbers might have been compromised in a data breach at an unnamed third-party provider.
United Nations' International Civil Aviation Organization (ICAO)
January 7, 2025
•[ leak, government ]
The United Nations' International Civil Aviation Organization (ICAO) announces it is investigating what it describes as a "reported security incident." 42,000 recruitment application data records are affected.
