East Baton Rouge Sheriff's Office
April 3, 2024
•[ ransomware, malware, government ]
The East Baton Rouge Sheriff's Office is hit with a ransomware attack. The Medusa group claims responsibility.
Unnamed Philippines-based military company
April 3, 2024
•[ espionage, malware, government ]
China-linked APT used EggStreme (fileless, DLL-sideloaded) to persist on hosts at a Philippine military firm; EggStremeAgent backdoor + Keylogger enabled reconnaissance, lateral movement, and data theft; activity observed since early 2024; initial access unknown; attribution to a specific group not made.
Jackson County
April 2, 2024
•[ ransomware, malware, government ]
Jackson County, Missouri, declares a state of emergency and closes key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable.
MediSecure
April 1, 2024
•[ ransomware, malware, healthcare ]
The e-script provider MediSecure is hit with a ransomware attack. A subsequent analysis reveals that 12.9 million records were affected.
Hoya Corporation
March 31, 2024
•[ ransomware, malware, manufacturing ]
Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline. The Hunters International ransomware gang claims responsibility for the attack and demands a $10M ransom.
Nottingham Rehab Supplies Healthcare
March 30, 2024
•[ ransomware, leak, malware ]
Multiple UK councils warned that citizens personal data may have been breached following a ransomware attack on a medical equipment supplier Nottingham Rehab Supplies (NRS) Healthcare. RansomHub said it successfully breached the firm on 30 March, stealing hundreds of thousands of sensitive documents.
"More than 600k private documents was downloaded, including: Accounting, HR, Financial reports, Reception, Contracts and much more, the group said on its leak site.
Samsung Germany Customer Tickets
March 30, 2024
•[ leak, malware, technology ]
In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items purchased from Samsung Germany and related support tickets and shipping tracking numbers.
Omni Hotels & Resorts
March 29, 2024
•[ ransomware, malware ]
Omni Hotels & Resorts confirms that an alleged ransomware attack caused a nationwide IT outage that is still affecting its locations. The Daixin Team ransomware claims responsibility for the attack.
United Nations Development Programme
March 27, 2024
•[ ransomware, malware, government ]
The United Nations Development Programme (UNDP) investigates a cyberattack after threat actors breached its IT systems to steal human resources data. The 8Base ransomware operation claims responsibility for the attack.
Gilmer County
March 26, 2024
•[ ransomware, malware, government ]
The government of Gilmer County in Georgia posts a notice on its website warning that a ransomware attack was affecting its ability to provide services to its more than 30,000 residents.
The Big Issue
March 26, 2024
•[ ransomware, malware, healthcare ]
The Big Issue, a street newspaper in the United Kingdom famed for providing homeless people with a legitimate income by paying them as vendors to distribute the magazine, confirms being impacted by a cyber incident, following the company being listed on the Qilin ransomware gangs darknet extortion site.
City of St. Cloud
March 25, 2024
•[ ransomware, malware, government ]
The city of St. Cloud says it discovered a ransomware attack affecting city services.
Traverse City Area Public Schools
March 22, 2024
•[ ransomware, malware, education ]
The Traverse City Area Public Schools are hit with a Medusa ransomware attack.
Monmouth College
March 22, 2024
•[ ransomware, malware, education ]
Monmouth College discloses a ransomware attack.
Emergency Medical Services Authority
March 22, 2024
•[ leak, malware, healthcare ]
Emergency Medical Services Authority (EMSA) says, it identified suspicious activity in its IT network and is mailing letters to patients whose information may have been involved.
Panera Bread
March 22, 2024
•[ ransomware, malware, retail ]
Panera Bread suffers a ransomware attack.
Medios de Prevención Externos Sur SL
March 22, 2024
•[ ransomware, malware, healthcare ]
Medios de Prevencin Externos Sur SL, a medical company servicing Spain's Guardia Civil, is hit with a LockBit ransomware attack.
City of Jacksonville Beach
March 20, 2024
•[ ransomware, malware, government ]
The City of Jacksonville Beach is hit with a LockBit ransomware attack.
American Renal Associates
March 20, 2024
•[ ransomware, malware, healthcare ]
The American Renal Associates (now known as Innovative Renal Care) is hit with a Medusa ransomware attack.
Tarrant County Appraisal District
March 20, 2024
•[ ransomware, malware, government ]
The Tarrant County Appraisal District suffers a ransomware attack. Approximately two weeks later the Medusa ransomware gang claims responsibility for the attack,
