Search Results for "ransomware"

Nevada State Government (multiple agencies) August 24, 2025 • [ ransomware, malware, government ] State described a ransomware-based attack discovered Aug 24 that forced two-day office closures and knocked multiple agency websites/phones offline; CIO confirmed some state data was exfiltrated, but nature/volume unknown; no actor has claimed responsibility.

Miljödata (IT supplier for municipalities) August 23, 2025 • [ ransomware, leak, malware ] Suspected ransomware attack against Swedish IT supplier Miljdata disrupted critical services for ~200 municipalities starting August 23, 2025. Systems were encrypted, and attackers threatened to leak stolen personal and medical data unless paid 1.5 BTC.

Welcome Financial Group August 21, 2025 • [ ransomware, finance ] ALPHV/BlackCat claimed responsibility for stealing 1.024 TB of files from Welcome Financial Group, alleging it contained customer data such as names, addresses, and account numbers. The firm countered that only internal documents like meeting records were taken, and that its savings bank unit and customer accounts were not compromised.

Pittsburgh Gastroenterology Associates August 20, 2025 • [ ransomware, malware, healthcare ] On August 20, 2025, the Sinobi ransomware group hacked Pittsburgh Gastroenterologys internal systems, exfiltrating sensitive medical and personal information. The practice is involved in notifications and legal investigations following the breach.

Motility Software Solutions August 19, 2025 • [ ransomware, malware, technology ] Motility Software Solutions detected suspicious activity on Aug 19 2025 and confirmed ransomware deployment and data theft impacting about 760,000 individuals. Stolen data included names, birthdates, drivers license numbers, and SSNs. No threat actor attribution was disclosed.

Middletown, Ohio Municipal Services August 17, 2025 • [ ransomware, malware, government ] Middletown, Ohio suffered a cyberattacklikely ransomwarethat began around Aug 17, 2025. Multiple city service systems remained offline for weeks; some employee information may have been affected (per preliminary findings), but no definitive evidence of data exfiltration. No actor has been identified.

Nissan Creative Box Inc. (Design Studio) August 16, 2025 • [ ransomware, malware, automotive ] Nissan Creative Box, a Tokyo-based Nissan design subsidiary, confirmed unauthorized access on August 16, 2025. Qilin ransomware claimed exfiltration of about 4 TB of sensitive intellectual property and design files, releasing samples as proof and threatening full disclosure. No encryption of systems has been reported.

Data I/O Corporation (electronics manufacturing) August 16, 2025 • [ ransomware, misconfiguration, manufacturing ] Ransomware incident on August 16 due to third-party firewall vulnerability disrupted internal and operational systems. Contained and fully remediated by September 4 with no customer impact or data theft; remediation cost ~$180K against $300K in annual savings. Actor remains unknown.

Hitachi Energy August 15, 2025 • [ ransomware, malware, manufacturing ] Warlock ransomware group claimed responsibility for breaching Hitachi Energy in mid-August 2025, exfiltrating sensitive employee and corporate data and encrypting systems. Disruption lasted several days before partial recovery.

Box Elder County Government (Utah) August 13, 2025 • [ ransomware, malware, government ] Box Elder County was hit by a ransomware attack by the gang Interlock around August 13, 2025. Authorities confirmed the domestic breach disrupted operations; attackers released over 2 million stolen government files including law enforcement records, homicide case details, jail videos, and digital credentials. The FBI, Utah State Bureau of Investigation, and State Cyber Crimes Task Force are investigating.

Colt Technology Services August 12, 2025 • [ ransomware, leak, hack ] On August 12, 2025, Colt Technology Services experienced a cyberattack on internal support systems. The Warlock ransomware group stole and leaked up to 1 million documents, including employee salary information, customer contracts, network designs, and internal emails. Colt reported that customer-facing portals such as Colt Online and Voice API were taken offline proactively as a containment measure, not because of attacker disruption or encryption.

University of St. Thomas (Houston, TX) August 12, 2025 • [ ransomware, malware, education ] On August 12, 2025, the University of St. Thomas in Houston, Texas, detected unauthorized access and voluntarily shut down key systems for nine days. External sources confirmed the INC ransomware gang claimed responsibility, stating they stole 1.8 TB of sensitive university data. University operations including student portals, financial aid, and course scheduling were fully disrupted, though no encryption was reported. Public disclosure followed on August 25, 2025.

Lycoming County Department of Public Safety August 12, 2025 • [ ransomware, government ] Drivers license numbers and other PII were exfiltrated from the Lycoming County Department of Public Safety during a ransomware attack detected on August 12, 2025. Officials confirmed cyber criminals stole data but have not reported any encryption. The number of affected individuals remains undisclosed.

YES24 August 11, 2025 • [ ransomware, malware, retail ] On August 11, 2025, YES24 suffered its second ransomware attack in two months, leading to encrypted systems and major disruption of Koreas largest internet bookstore. The incident disrupted online sales and order processing; the company did not disclose the exact ransomware group or number of customers impacted, but stated operations were severely affected.

Pennsylvania Office of Attorney General August 11, 2025 • [ ransomware, malware, government ] Ransomware attack encrypted and paralysed core systems at the Pennsylvania Office of Attorney Generalincluding archived emails, files, internal case systems, phone lines, and websitecausing full disruption for approximately three weeks. No data exfiltration reported. No identified perpetrator. Attack began August 11, 2025; reported August 29, 2025.

MedicSolution August 9, 2025 • [ ransomware, leak, malware ] KillSec claimed ransomware attack against Brazilian healthcare IT vendor MedicSolution, disrupting operations and threatening a data leak unless negotiations commence; broader impact under investigation.

Inotiv Inc. August 8, 2025 • [ ransomware ] Qilin ransomware gang stole ~176 GB (~162,000 files) of data and encrypted systems. Inotiv confirmed operational disruption and fallback to offline continuity plans.

Beta – Dnevni evropski servis (DES) August 7, 2025 • [ ransomware, malware, technology ] Ransomware attack encrypted systems of Betas specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.

Spartanburg County August 6, 2025 • [ ransomware, government ] Cyberattack led to disabling of certain online services, including County network connections; emergency services like 911 remained operational; third ransomware event in recent years

Pakistan Petroleum Limited (PPL) August 6, 2025 • [ ransomware, leak, malware ] PPLs servers and backups were encrypted and disabled by Blue Locker ransomware; IT and financial operations were disrupted for days; a ransom note threatened data leaks; NCERT issued high alert advisory to national institutions

Search Results (ransomware)