WideOpenWest (Wow!)
March 26, 2025
•[ ransomware, data leak ]
Arkana security claims ransomware attack on wow with data theft.
National Faster Payments System (Sbp)
March 26, 2025
•[ ransomware, denial of service ]
A large-scale hacker attack has hit Lukoil and its Faster Payment System. Users are complaining that they can't transfer money, and Lukoil employees have been unable to access their work computers since early morning.
Cobb County Government
March 22, 2025
•[ ransomware ]
Cobb County took servers offline after breach; online systems restored after several days.
Soco System
March 21, 2025
•[ ransomware ]
Danish production firm reported ransomware linked to a Russian gang
Office of the State’s Attorney for Baltimore City
March 19, 2025
•[ ransomware, data leak ]
Following a March 2025 intrusion, the Kairos ransomware group stole internal legal and police records from the Baltimore City States Attorneys Office and later published portions online; the office reported no service disruption but confirmed investigation of unauthorized access.
Atchison County Government
March 18, 2025
•[ ransomware ]
Multiple us municipalities reported outages; Atchison County closed offices due to cyber incident.
Harcourts Prime Properties
March 18, 2025
•[ ransomware, data leak ]
Unauthorized access to Harcourts Prime Properties internal systems followed by ransom demand; investigation ongoing; no confirmed data volume or encryption reported.
Virgin Islands Lottery
March 17, 2025
•[ ransomware ]
Ransomware attack discovered March 17 2025 encrypted the Virgin Islands Lotterys servers, phones, and software, halting operations across both districts. Attackers demanded a $1 million ransom, which was not paid. Systems were rebuilt from backups and restored by May 31 2025. No confirmed data theft or group attribution publicly reported.
Ascom
March 16, 2025
•[ ransomware, data leak ]
Hellcat claims theft from ascom; company confirms ticketing system incident.
Water & Sewerage Corporation
March 15, 2025
•[ ransomware, data leak ]
In mid-March 2025, the Water & Sewerage Corporation of the Bahamas experienced a ransomware attack targeting internal data systems. The utility confirmed unauthorized access but stated there was no evidence of customer data access or theft. While no encryption or operational outage has been verified, remediation efforts were ongoing as of April 2025.
NASCAR
March 15, 2025
•[ ransomware, data leak ]
NASCAR confirmed a ransomware breach of internal systems in March 2025 attributed to Medusa; ~1 TB of sensitive data stolen with $4M ransom demand; notifications and protections offered.
City of Gloversville (NY)
March 14, 2025
•[ ransomware, data leak ]
City of Gloversville, New York, experienced a ransomware attack discovered on March 14, 2025. The incident encrypted municipal servers and exposed payroll and banking information. Attackers demanded $300,000, and the city paid $150,000 to regain access; no ransomware group has publicly claimed responsibility.
Union County Government
March 13, 2025
•[ ransomware, data leak ]
Ransomware hit Union County Pennsylvania with data theft affecting residents information.
AAylex One
March 13, 2025
•[ ransomware ]
Romanian poultry producer Cocorico operator reported ransomware severely affecting operations.
CareNexa dba Molecular Testing Labs
March 13, 2025
•[ ransomware, third-party ]
MTL disclosed that a data hosting/security vendor suffered a ransomware incident on or about March 13, 2025, potentially affecting information in MTLs possession; investigations and notifications initiated.
Department Of Health Services Yap
March 11, 2025
•[ ransomware ]
Ransomware forced Yap health department to disconnect network and operate manually.
Uncle Henry’s
March 11, 2025
•[ ransomware, data breach ]
On March 11 2025, Maine-based classified ads publisher Uncle Henrys suffered a ransomware-style attack that deleted its primary website database and took the site offline until April 15. Attackers demanded Bitcoin. Management stated only a few advertisement entries were copied and no personal data compromise was confirmed.
LKQ
March 10, 2025
•[ ransomware, data leak ]
LKQ Corporation confirmed it was impacted by the Oracle E-Business Suite (EBS) hacking campaign after being listed by the Cl0p ransomware group. LKQ told the Maine Attorney General that personal information for more than 9,000 individuals was compromised, and an example notice letter indicated affected data included sole proprietor supplier information such as Employer Identification Numbers and Social Security numbers. According to LKQ, it launched an investigation on October 3, 2025 and completed its analysis of personal information compromise on December 1, 2025.
Mswia Hospital In Krakow
March 9, 2025
•[ ransomware ]
Polish MSWiA hospital reported ransomware attack and activated emergency procedures
Tri-Century Eye Care
March 9, 2025
•[ ransomware, data leak ]
Tri-Century Eye Care reported that it identified suspicious activity on September 3, 2025, secured its environment, and later determined on September 19, 2025 that an unknown actor gained unauthorized access to its network and acquired files containing personal and protected health information. The organization stated there was no evidence of access to its current electronic medical records system, but the acquired files may have included patient and employee identifiers (including SSNs and dates of birth) along with medical, insurance, and billing/payment information. Public reporting noted the incident impacts approximately 200,000 individuals and that the Pear ransomware group claimed responsibility and later published files allegedly stolen from Tri-Century.
