Search Results for "ransomware"

City of Abilene April 18, 2025 • [ ransomware, data leak ] On April 18 2025, the City of Abilene, Texas, detected unresponsive servers and shut down affected systems. Reports state certain systems were taken offline and none of the card systems at government offices were working; emergency services remained up and running. The Qilin ransomware group later claimed responsibility; roughly 477 GB of data were reported stolen and some data encrypted/deleted.

Pierce County Library System April 15, 2025 • [ ransomware, data leak, service disruption ] The Record reported that the Pierce County Library System discovered a cybersecurity incident on April 21, 2025 that forced it to shut down all systems, with an investigation later finding attackers had access between April 15 and April 21. By May 12, the library confirmed hackers breached systems and stole information on both patrons and current/former employees, and later breach notifications indicated more than 340,000 people were impacted. The report stated the INC ransomware gang claimed the attack in May, and the combination of service shutdown and confirmed data theft supports a mixed event involving disruption and data compromise.

Hamilton County Sheriff’s Office April 14, 2025 • [ ransomware, data leak ] Ransomware attack by the Qilin group encrypted internal systems and took the Hamilton County (Tennessee) Sheriffs Office website offline; attackers demanded $300,000 and claimed data theft, but no exfiltration has been verified; systems fully restored by early May 2025.

CMC Corporation April 12, 2025 • [ ransomware, data leak ] Ransomware group Crypto24 carried out a double-extortion attack against Vietnam-based CMC Corporation on April 12, 2025, exfiltrating roughly 2 TB of internal data and encrypting subsidiary servers for less than one day.

DaVita Inc. April 12, 2025 • [ ransomware, data leak ] On April 12, 2025, DaVita reported a ransomware incident that encrypted elements of its network and disrupted some operations. Subsequent disclosures confirmed theft of personal and medical information impacting over one million individuals.

SK Group (SK Inc.) April 10, 2025 • [ ransomware, data leak ] Qilin listed sk.com on its leak site on April 10 2025, claiming it stole approximately 1 TB of SK Group corporate data. SK has not publicly confirmed the breach or the claimed data volume, and no encryption or operational disruption has been reported.

3P Corporation Pty Ltd April 10, 2025 • [ ransomware, data leak ] Melbourne-based financial and tax advisory firm 3P Corporation was listed by the Space Bears ransomware group on Apr 10 2025, which claimed to have stolen ~213 GB of corporate and client data; no encryption or service disruption confirmed; breach publicly reported Jun 2 2025.

Fall River Public Schools April 7, 2025 • [ ransomware, data leak ] Fall River Public Schools, Massachusetts, suffered a ransomware attack by the Medusa group that encrypted internal systems and disrupted district operations for several weeks. Attackers demanded $400,000 and claimed to have exfiltrated sensitive data, though the district has not verified theft. Recovery costs exceeded $130,000.

Toppan Next Tech April 7, 2025 • [ ransomware, data leak, third-party breach ] A ransomware attack on DBS Bank's third-party printing vendor Toppan Next Tech in Singapore led to the potential exposure of around 8,200 DBS customer statements and related letters, mostly for DBS Vickers trading and Cashline loan accounts. The attacker compromised Toppan's systems, leaving encrypted statement files potentially accessible, but DBS' own banking infrastructure and customer funds remained unaffected. Exposed data in the printed correspondence includes customers' names, mailing addresses and details of equity holdings or loan accounts, while passwords, government ID numbers and balances were not part of the leak. Authorities and cybersecurity agencies are assisting the investigation as DBS halts work with the vendor and notifies affected customers.

Everest Ransomware Leak Site April 6, 2025 • [ ransomware, website defacement, hacktivism ] The Everest ransomware groups dark web leak site was defaced on April 6 2025 by an unidentified anti-ransomware actor who replaced its content with the message Dont do crime. CRIME IS BAD. xoxo from Prague. Following the defacement, the Everest operators took the site offline. No data theft or encryption occurred.

Department of Pensions April 2, 2025 • [ ransomware, data theft ] Department reported a ransomware attack first notified to CERT on April 2; officials overhauling systems and advising pensioners, with no detailed disruption reported; treated as data-theft incident pending further specifics.

Oregon Department of Environmental Quality (DEQ) April 1, 2025 • [ ransomware, data leak ] On April 1 2025, the Oregon Department of Environmental Quality experienced a ransomware attack attributed to the Rhysida group. The incident encrypted internal servers and disabled key systems, including statewide vehicle inspection services, email, web portals, and internal databases. Rhysida claimed to have exfiltrated over 1 million files and demanded a $2.5 million ransom, though DEQ has not confirmed data theft.

DuPage County Government (Justice Systems) April 1, 2025 • [ ransomware, data leak ] Cyberattack on DuPage County, Illinois in early April 2025 encrypted servers supporting court, probation, and clerk operations, forcing justice-system portals offline for several days. Officials confirmed encryption but found no evidence of data theft or leak as of April 10 2025.

Bulgaria’s Permanent Representation to NATO April 1, 2025 • [ ransomware ] Novinite/BNR reported MP claims of an April ransomware incident at Bulgarias NATO mission.

Cincinnati Pain Physicians March 31, 2025 • [ ransomware ] Ransomware hit Blue Ash clinic; systems locked and records rebuilt manually.

Assa Abloy March 31, 2025 • [ ransomware ] Swedish lock manufacturer reported ransomware affecting operations; investigation and recovery ongoing.

Sam’s Club March 28, 2025 • [ ransomware, data leak ] Sams Club, a U.S. warehouse retail chain owned by Walmart Inc., is investigating claims by the ransomware group Clop that it breached the companys systems. Clop added Sams Club to its dark-web leak site but so far has not provided any proof of data exfiltration. Sams Club acknowledged awareness of the potential incident and emphasized protecting member information is a priority while its internal investigation continues.

Sensata Technologies March 28, 2025 • [ ransomware, data leak ] A ransomware attack between March 28 and April 6 2025 disrupted Sensata Technologies manufacturing, shipping, and support operations worldwide. The company confirmed that threat actors viewed and obtained internal files containing employee and personal data, including names, addresses, Social Security numbers, and financial and health information. Regulatory filings indicate at least 362 affected individuals (Maine AG notice). No ransomware group has claimed responsibility.

Lower Sioux Indian Community (Jackpot Junction Casino Hotel) March 27, 2025 • [ ransomware ] RansomHub ransomware encrypted internal systems belonging to the autonomous Lower Sioux Indian Community in the State of Minnesota, disrupting operations at the Jackpot Junction Casino Hotel, tribal health center, and government offices. Systems were taken offline for containment, affecting slot machines, kiosks, phones, and reservation functions. No confirmed data exfiltration was reported; encryption was the cause of the outage.

Holt Group March 27, 2025 • [ ransomware, data leak, legal action ] Holt Group breach tied to Cactus with large data leak; suit filed.

Search Results (ransomware)