Full List

Search

Search Results (ransomware)

• Baltimore City Public Schools February 13, 2025 • [ ransomware, data leak ] The Cloak ransomware group exfiltrated sensitive personal and student data from Baltimore City Public Schools in February 2025. While the attack was ransomware-related, no encryption or service disruption occurred; over 31,000 people were notified of data theft.
• Cistec February 12, 2025 • [ ransomware, healthcare ] Swiss healthcare software vendor reported ransomware; internal systems shut down; rebuilding underway.
• The Lovesac Company February 12, 2025 • [ ransomware, leak, retail ] Lovesac confirmed a data breach after a ransomware site listing; letters say attackers accessed internal systems between Feb 12Mar 3, stole PII, and the firm offered 24 months of credit monitoring; RansomHub claimed the attack and threatened leaks; no encryption/service disruption reported.
• Mobilelink US February 12, 2025 • [ ransomware, data leak, unconfirmed breach ] Cybernews reported that the DragonForce ransomware group claimed Mobilelink USA (a major Cricket Wireless dealer) as a victim and alleged theft of ~5TB of data with a threat to publish it. The report stated the leak-site post did not include proof samples or details of the allegedly stolen data, and Mobilelink had not confirmed the incident at the time of reporting.
• Asus February 12, 2025 • [ ransomware, data leak ] The Everest ransomware group claimed it obtained more than 1TB of ASUS-related data including phone camera source code and other internal materials. ASUS later confirmed that a supplier was hacked and that some ASUS phone camera source code was affected, stating the incident did not impact ASUS products, internal company systems, or user privacy. The report described leaked materials as including camera-related source code, internal patches, test modules, debugging logs, and other development artifacts, with no public indication of customer data exposure in the statement cited.
• Virginia Attorney General’s Office February 11, 2025 • [ data leak, ransomware, cyber intrusion ] In February 2025, the Virginia Attorney Generals Office voluntarily shut down nearly all internal systems after detecting a sophisticated cyber intrusion. The criminal group Cloak later claimed responsibility, asserting it had stolen 134 GB of internal documents and posted samples to its leak site. Officials confirmed system shutdowns for containment but did not verify any file encryption or ransom demand, indicating an exfiltration-only intrusion rather than an active ransomware lockout.
• Black Basta February 11, 2025 • [ ransomware, data leak ] ExploitWhispers leaked internal data from the Black Basta ransomware groups server, exposing details of its operations and communications.
• Pacific Residential Mortgage February 10, 2025 • [ ransomware, data leak ] Pacres reported ransomware that locked systems and exposed consumer information.
• Kewadin Casinos February 10, 2025 • [ ransomware ] Cyber incident forced shutdown of all five Kewadin casinos; phased reopening announced Feb 25Mar 3.
• City of Tarrant February 10, 2025 • [ ransomware, data leak, government ] Ransomware group RansomHub attacked the City of Tarrants computer systems on February 10, 2025, initially disrupting the police department and prompting the city to shut down its networks. Officials restored servers within days, but RansomHub later posted proof-of-theft police files, confirming data exfiltration. Magnitude, duration, and scope remain undetermined.
• Utsunomiya Central Clinic February 10, 2025 • [ ransomware, data leak ] Japanese Cancer Clinic Confirmed Breach As Qilin Claimed Responsibility And Patient Data Theft.
• Sault Ste. Marie Tribe of Chippewa Indians February 9, 2025 • [ ransomware, data leak ] RansomHub executed a ransomware attack on February 9, 2025, affecting six tribal facilities including five Kewadin casinos, the health center complex, and tribal administration systems. The attack encrypted and exfiltrated 119 GB of data, disrupting operations for approximately five days.
• Franklin County Government February 6, 2025 • [ ransomware ] On February 6 2025, Franklin County, Maine, experienced a sophisticated ransomware attack that briefly disrupted county computer systems. Officials confirmed no permanent data loss, no evidence of exfiltration, and rapid restoration using backups within 24 hours. The incident caused minor service delays but did not result in data exposure or financial loss beyond restoration costs.
• MacKay Memorial Hospital February 6, 2025 • [ ransomware, data leak ] Ransomware attack by Chinese actor CrazyHunter encrypted hospital systems and exfiltrated 32.5 GB of patient data; over 500 computers crashed, disrupting clinical services for several days; attacker linked to other Taiwanese targets.
• SimonMed Imaging February 5, 2025 • [ ransomware, data leak, healthcare ] Medusa claimed theft of 212GB of data impacting 1.2M patients after JanuaryFebruary attack window.
• Professional Finance Company February 5, 2025 • [ ransomware, data leak ] A ransomware attack detected February 5 2025 disrupted Professional Finance Companys billing and collection systems and resulted in confirmed theft of patient financial and medical data for roughly 125,000 individuals. The firm disclosed the incident publicly in April 2025 and reported it to HHS as both a ransomware and data-exfiltration event.
• Jefferson School District 251 February 4, 2025 • [ ransomware, data leak ] Ransomware was discovered on Jefferson School Districts computer systems in early February 2025, leading to the cancellation of classes across all 11 schools in the district while networks were rebuilt. About 5,000 student devices were affected, and the FBI and third-party forensic teams were engaged. No evidence of student data theft or exfiltration has been reported.
• Lee Enterprises February 3, 2025 • [ ransomware, data leak ] On February 3, 2025, Lee Enterprises suffered a ransomware attack that encrypted multiple critical applications and exfiltrated files. The Qilin group claimed responsibility, asserting theft of about 350 GB of data. The incident caused partial but significant disruption of operations for roughly one week, affecting printing, billing, and vendor systems. Approximately 39,779 individuals had personal information compromised.
• University of The Bahamas February 2, 2025 • [ ransomware ] The University of The Bahamas suffered a ransomware attack starting on 2025-02-02 that disrupted online systems including email, telephone, and academic platforms while in-person classes persisted. The school serves ~5,000 students across three campuses.
• Pacific Rehabilitation Centers February 1, 2025 • [ ransomware ] Organization reported ransomware on an employee computer; restoration and notifications followed.