City of Gloversville (NY)
March 14, 2025
•[ ransomware, data leak ]
City of Gloversville, New York, experienced a ransomware attack discovered on March 14, 2025. The incident encrypted municipal servers and exposed payroll and banking information. Attackers demanded $300,000, and the city paid $150,000 to regain access; no ransomware group has publicly claimed responsibility.
Union County Government
March 13, 2025
•[ ransomware, data leak ]
Ransomware hit Union County Pennsylvania with data theft affecting residents information.
AAylex One
March 13, 2025
•[ ransomware ]
Romanian poultry producer Cocorico operator reported ransomware severely affecting operations.
CareNexa dba Molecular Testing Labs
March 13, 2025
•[ ransomware, third-party ]
MTL disclosed that a data hosting/security vendor suffered a ransomware incident on or about March 13, 2025, potentially affecting information in MTLs possession; investigations and notifications initiated.
Department Of Health Services Yap
March 11, 2025
•[ ransomware ]
Ransomware forced Yap health department to disconnect network and operate manually.
Uncle Henry’s
March 11, 2025
•[ ransomware, data breach ]
On March 11 2025, Maine-based classified ads publisher Uncle Henrys suffered a ransomware-style attack that deleted its primary website database and took the site offline until April 15. Attackers demanded Bitcoin. Management stated only a few advertisement entries were copied and no personal data compromise was confirmed.
Uncle Henry’s
March 11, 2025
•[ ransomware, database deletion, extortion ]
On March 11 2025, Maine-based classified ads publisher Uncle Henrys suffered a ransomware-style attack that deleted its primary website database and took the site offline until April 15. Attackers demanded Bitcoin. Management stated only a few advertisement entries were copied and no personal data compromise was confirmed.
LKQ
March 10, 2025
•[ ransomware, data leak ]
LKQ Corporation confirmed it was impacted by the Oracle E-Business Suite (EBS) hacking campaign after being listed by the Cl0p ransomware group. LKQ told the Maine Attorney General that personal information for more than 9,000 individuals was compromised, and an example notice letter indicated affected data included sole proprietor supplier information such as Employer Identification Numbers and Social Security numbers. According to LKQ, it launched an investigation on October 3, 2025 and completed its analysis of personal information compromise on December 1, 2025.
Tri-Century Eye Care
March 9, 2025
•[ ransomware, data leak ]
Tri-Century Eye Care reported that it identified suspicious activity on September 3, 2025, secured its environment, and later determined on September 19, 2025 that an unknown actor gained unauthorized access to its network and acquired files containing personal and protected health information. The organization stated there was no evidence of access to its current electronic medical records system, but the acquired files may have included patient and employee identifiers (including SSNs and dates of birth) along with medical, insurance, and billing/payment information. Public reporting noted the incident impacts approximately 200,000 individuals and that the Pear ransomware group claimed responsibility and later published files allegedly stolen from Tri-Century.
Mswia Hospital In Krakow
March 9, 2025
•[ ransomware ]
Polish MSWiA hospital reported ransomware attack and activated emergency procedures
Szpital MSWiA (Ministry of Interior Hospital) Kraków
March 8, 2025
•[ ransomware, malware, healthcare ]
Cyberattack on the Ministry of Interior hospital in Krakw encrypted administrative and medical IT systems, fully paralyzing patient care and access to records. Hospital departments began restoring systems by March 11, indicating ~3 days of disruption. No data exfiltration or perpetrator identified.
Szpital MSWiA (Ministry of Interior Hospital) Kraków
March 8, 2025
•[ ransomware, cyberattack, healthcare ]
Cyberattack on the Ministry of Interior hospital in Krakw encrypted administrative and medical IT systems, fully paralyzing patient care and access to records. Hospital departments began restoring systems by March 11, indicating ~3 days of disruption. No data exfiltration or perpetrator identified.
Tata Technologies
March 6, 2025
•[ ransomware, data leak ]
Tata Technologies, a subsidiary of the Indian conglomerate Tata Motors, was struck by the ransomware gang Hunters International, which claims to have exfiltrated around 1.4 terabytes (730,000 + files) of data and is threatening public release unless a ransom is paid. Hackread The company had earlier disclosed a ransomware incident disrupting some IT assets and services, though client-deliveries were reportedly unaffected.
Farmer Bros Co.
March 6, 2025
•[ ransomware, data leak ]
Farmer Bros Co., a Texas-based coffee and foodservice manufacturer, experienced a ransomware attack beginning March 6 2025 that encrypted portions of its administrative network and exposed personal data of 14,460 individuals. FalconFeeds.io reported on June 23 2025 that the Chaos ransomware group claimed responsibility via its leak site; the company has not independently confirmed this attribution.
Penn-Harris-Madison School Corporation
March 3, 2025
•[ ransomware ]
Indiana school district reported ransomware network breach and service interruptions.
Rackray
March 3, 2025
•[ ransomware ]
Lithuanian data center provider suffered ransomware disrupting public cloud services
An Giang Central General Hospital
March 1, 2025
•[ ransomware ]
Hackers encrypted the virtualized server system of An Giang Central General Hospital, halting all operations and forcing a switch to manual recordkeeping; no data exfiltration was reported.
National Presto Industries
March 1, 2025
•[ ransomware, data leak ]
National Presto Industries disclosed a cybersecurity incident on March 6 2025 after the Interlock ransomware group claimed responsibility for an attack on March 1 2025. The company confirmed operational disruptions affecting manufacturing, shipping, and back-office systems. Interlock claimed to have stolen approximately 3 million files across about 450,000 folders from a subsidiary, though the company has not verified the data theft. No encryption has been confirmed in company statements or reporting.
Berkeley Research Group
March 1, 2025
•[ ransomware, data leak ]
BRG suffered a ransomware intrusion detected in March 2025 that led to data theft and encryption activity. Subsequent disclosures and DOJ statements indicate exposure of sensitive information relating to survivors involved in multiple Catholic diocesan bankruptcy cases; the firm engaged external responders and notified affected parties.
Whitman Hospital & Medical Clinics
February 28, 2025
•[ ransomware ]
Hospital Reported Internal Electronic Systems Down Following Cyberattack; Care Continued With Delays.
