Operation PAR, Inc.
June 10, 2025
•[ ransomware, leak, healthcare ]
On June 10, 2025, Operation PAR, Inc., a Florida nonprofit providing addiction and mental health services, was hit by the Worldleaks ransomware group. The attacker exfiltrated around 485 GB of datanearly 900,000 files containing sensitive PII and PHIand later posted it on a dark-web leak site. No encryption or service disruption was confirmed.
Dairy Farmers of America
June 10, 2025
•[ ransomware, data leak ]
Ransomware hit multiple plants; data exfiltrated and 4,546 notified per filings
Asefa Seguros
June 9, 2025
•[ ransomware, data leak ]
The Spanish subsidiary of a French insurance group (Asefa Seguros) confirmed a cyberattack after the Qilin ransomware gang claimed to have stolen about 210 GB of internal corporate and client data, including passports and an insurance plan for FC Barcelonas Camp Nou stadium.
Erie Insurance
June 7, 2025
•[ data leak, ransomware ]
Erie Insurance detected unauthorized network activity on June 7 2025, prompting containment measures and temporary isolation of systems. The insurer reported the incident to regulators and stated there was no evidence of ransomware or confirmed data theft, though review of potential personal-information exposure remained ongoing.
DealMed Medical Supplies LLC
June 7, 2025
•[ ransomware, data leak ]
DealMed Medical Supplies LLC reported that an unauthorized party accessed its network on or around June 7, 2025, viewing or obtaining files containing protected health information, including names and Social Security numbers. DealMed confirmed the exposure on October 31, 2025. The DragonForce ransomware group listed DealMed on its leak site and claimed to have exfiltrated nearly 106 GB of data. Notification letters have been issued to affected individuals.
Belize High Court Registry
June 6, 2025
•[ ransomware ]
In early June 2025, Belizes High Court Registry suffered a suspected ransomware incident that fully disabled its digital filing and record-keeping systems for approximately 34 days. Several servers were taken offline, forcing manual operations and halting court filings nationwide. Officials reported no evidence of data theft and have not identified the attacker.
Lexington-Richland School District 5
June 5, 2025
•[ ransomware, phishing, education ]
On June 3, 2025, Lexington-Richland School District 5 detected a network intrusion following a phishing email that disrupted systems, delayed summer school and staff bonuses. Over 1.03 TB of data has been confirmed under review. Though Interlock claimed responsibility, this is unverified. The district refused ransom demands and is offering credit monitoring to affected individuals.
United Natural Foods, Inc. (UNFI)
June 5, 2025
•[ ransomware ]
UNFI detected unauthorized activity in its IT systems on June 5 2025, believed to involve a financially motivated criminal intrusion that disrupted electronic ordering and product distribution to thousands of retail clients. The outage caused an estimated $350$400 million in lost sales before core systems were restored on June 26 2025; no data theft has been confirmed.
Highlands Oncology Group
June 2, 2025
•[ ransomware, healthcare ]
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa
Ingonyama Trust Board
June 1, 2025
•[ ransomware, malware, government ]
On June 1, 2025, the NightSpire ransomware group attacked the Ingonyama Trust Board in South Africa, stealing around 30 GB of potentially sensitive organizational data. Reports confirm exfiltration but no encryption or disruption of systems. The incident became public on August 29, 2025.
American Hospital Dubai
June 1, 2025
•[ ransomware, data leak ]
Ransomware group Gunra claimed on June 1 2025 to have breached AHDs Cerner Millennium EHR and exfiltrated a multi-terabyte dataset; figures include a claimed 450M records and 4,589,196 patients; no independent confirmation of volume or encryption.
City of Durant
June 1, 2025
•[ ransomware, data leak ]
City of Durant experienced a cyber intrusion on June 1 2025 attributed to INC
Ordine degli Psicologi della Lombardia
May 30, 2025
•[ ransomware, data breach ]
Italys data protection authority fined the Lombardy Psychologists Order 30,000 following a data breach; the Order states the incident traces to a serious ransomware attack in 2023, with no operational details disclosed in the article.
Lorain County Government
May 30, 2025
•[ government, ransomware ]
Lorain County, Ohio detected a network security incident on May 30 2025 that forced courts and several county departments offline; officials reported no evidence of data theft or encryption, and investigations remain ongoing.
West Texas Oral Facial Surgery
May 29, 2025
•[ hack, ransomware, leak ]
West Texas Oral Facial Surgery suffered a cyberattack beginning May 29, 2025, when INC RANSOM gained unauthorized access to its systems. Patient files including names, imaging data, and treatment reasons were exfiltrated, but no encryption of systems was reported. SSNs, financial information, and the electronic medical records system were not affected. The breach impacted over 11,000 individuals and was reported to HHS-OCR on August 2 and to the Texas Attorney General on August 4.
The Salvation Army
May 29, 2025
•[ ransomware, data leak ]
Media cite Chaos ransomware listing The Salvation Army and claim of data exfiltration, but no verified confirmation from the organization at time of reporting.
Victoria's Secret
May 29, 2025
•[ ransomware ]
Victoria's Secret took down its website and limited some store services as part of response to a security incident; recovery in progress at time of report.
Legal Practice Board of Western Australia
May 28, 2025
•[ ransomware, data leak ]
The regulator confirmed a ransomware attack; threat actors claimed 300 GB exfiltration. The Board took some systems offline, investigated with external experts, and notified affected parties.
Payne County Sheriff’s Office
May 28, 2025
•[ ransomware ]
The Payne County Sheriffs Office in Oklahoma suffered a ransomware attack attributed to the SafePay group.
Payne County Sheriff’s Office
May 28, 2025
•[ ransomware ]
The Payne County Sheriffs Office in Oklahoma suffered a ransomware attack attributed to the SafePay group.
