Port of Rijeka
November 30, 2024
•[ ransomware, financial, leak ]
The 8Base ransomware group hits Croatias Port of Rijeka, stealing sensitive data, including contracts and accounting info.
Krispy Kreme
November 29, 2024
•[ ransomware, malware, retail ]
US doughnut chain Krispy Kreme reveals it suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. The Play ransomware gang claims responsibility for the attack.
Kurita America
November 29, 2024
•[ ransomware, malware, manufacturing ]
The U.S. subsidiary of Kurita Water, a Japanese water treatment company says ransomware actors have stolen data from systems and encrypted some servers.
Bologna Football Club 1909
November 29, 2024
•[ ransomware, leak ]
Bologna Football Club 1909 confirms it suffered a ransomware attack after its stolen data is leaked online by the RansomHub extortion group.
Stoli Group USA
November 29, 2024
•[ ransomware, malware, manufacturing ]
Stoli Group's U.S. companies file for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country.
Alder Hey Children’s Hospital
November 28, 2024
•[ ransomware, malware, healthcare ]
Alder Hey Childrens Hospital says it is investigating claims that its systems may have been breached and that patient records and other information was stolen, after the ransomware group INC Ransom adds Alder Hey to its leak site.
Refinadora Costarricense de Petróleo
November 27, 2024
•[ ransomware, malware, energy ]
Refinadora Costarricense de Petrleo (RECOPE), the state-owned energy provider for Costa Rica is hit with a ransomware attack, requiring the company to shift to manual operations and call in help from abroad.
City of Hoboken
November 27, 2024
•[ ransomware, malware, government ]
The city of Hoboken shuts down its government offices after an early morning ransomware attack caused widespread issues.
Fourlis Group (IKEA franchise operator)
November 27, 2024
•[ ransomware, data leak ]
A ransomware attack on November 27 2024 disrupted Fourlis Groups IT infrastructure supporting IKEA operations in Greece and other regional markets. The company reported that forensic investigators did not prove the leakage of personal data, confirming no verified exfiltration. The attack caused significant operational disruption, with reported recovery costs of approximately 20 million ( US $23 million) but no ransom payment.
Douglasville-Douglas County Water & Sewer Authority
November 26, 2024
•[ ransomware, data leak ]
The DouglasvilleDouglas County Water & Sewer Authority was targeted by the Lynx ransomware group on November 26 2024. Attackers claimed responsibility on a leak site on January 14 2025, later removed. The authority rebuilt and restored its systems with minimal data loss and reported no evidence of customer or employee data theft. Data exfiltration remains unconfirmed.
ENGlobal Corporation
November 25, 2024
•[ ransomware, malware, energy ]
ENGlobal Corporation, a major contractor for the energy industry confirms in a notice to regulators that it is dealing with a ransomware attack that has hindered operations.
Artivion
November 21, 2024
•[ ransomware, malware, manufacturing ]
Artivion, a leading manufacturer of heart surgery medical devices, discloses q ransomware attack that disrupted its operations and forced it to take some systems offline.
Blue Yonder
November 21, 2024
•[ ransomware, malware, technology ]
Supply chain management firm Blue Yonder warns that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
Mexico Legal Affairs Office
November 20, 2024
•[ ransomware, malware, government ]
Mexicos president Claudia Sheinbaum says that the government is investigating an alleged ransomware hack of her administrations legal affairs office after what appeared to be samples of personal information from a database of government employees were posted online.
Minneapolis Park and Recreation Board
November 20, 2024
•[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the Minneapolis Park and Recreation Board.
35 organizations worldwide
November 18, 2024
•[ ransomware, malware ]
The Akira ransomware-as-a-service gang publishes a record number (35) of new victims to its darknet leak site in a single day.
American Associated Pharmacies
November 18, 2024
•[ ransomware, malware, retail ]
Ransomware group Embargo threatens to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies.
Laborers’ International Union of North America (LIUNA) Local 1184
November 17, 2024
•[ ransomware ]
On March 31, 2025, Laborers International Union of North America Local 1184 (LiUNA) filed a notice of data breach with the Attorney General of California after discovering that the organization was the target of a November 2024 ransomware attack.
Pound Road Medical Centre
November 13, 2024
•[ ransomware, data leak ]
On November 13, 2024, PRMC reported a cyber incident and later Anubis publicly claimed it as a victim, alleging patient data may have been accessed and taken. No public confirmation of encryption or operational disruption was made.
Hungary Defense Procurement Agency
November 8, 2024
•[ ransomware, malware, government ]
Hungarian officials confirm to local media that the countrys defense procurement agency (VB) was attacked by an international group of hackers. The INC Ransom group claims responsibility for the attack.
