Search Results for "ransomware"

Anchorage Neighborhood Health Cente August 22, 2025 • [ ransomware, data leak ] Anchorage Neighborhood Health Center disclosed that an unauthorized third party gained access to certain systems and that sensitive personal information and protected health information may have been exposed, including identifiers (such as Social Security numbers and state ID numbers) and medical/insurance information. Reporting around the incident also described operational impacts at the clinic, including phone lines being down and appointment scheduling disruptions for more than a week in late August 2025. The organization filed a public notice and began sending notification letters to impacted individuals on November 19, 2025.

Welcome Financial Group August 21, 2025 • [ ransomware, finance ] ALPHV/BlackCat claimed responsibility for stealing 1.024 TB of files from Welcome Financial Group, alleging it contained customer data such as names, addresses, and account numbers. The firm countered that only internal documents like meeting records were taken, and that its savings bank unit and customer accounts were not compromised.

Pittsburgh Gastroenterology Associates August 20, 2025 • [ ransomware, malware, healthcare ] On August 20, 2025, the Sinobi ransomware group hacked Pittsburgh Gastroenterologys internal systems, exfiltrating sensitive medical and personal information. The practice is involved in notifications and legal investigations following the breach.

Pittsburgh Gastroenterology Associates August 20, 2025 • [ ransomware, data leak ] A ransomware group known as Sinobi claimed on August 20, 2025, to have obtained data belonging to Pittsburgh Gastroenterology Associates. Reports indicate approximately 198GB of patient data were exfiltrated following unauthorized access to internal systems. The organization reported no service disruption or encryption, confirming only exfiltration of stored patient files.

Motility Software Solutions August 19, 2025 • [ ransomware, malware, technology ] Motility Software Solutions detected suspicious activity on Aug 19 2025 and confirmed ransomware deployment and data theft impacting about 760,000 individuals. Stolen data included names, birthdates, drivers license numbers, and SSNs. No threat actor attribution was disclosed.

Middletown, Ohio Municipal Services August 17, 2025 • [ ransomware, malware, government ] Middletown, Ohio suffered a cyberattacklikely ransomwarethat began around Aug 17, 2025. Multiple city service systems remained offline for weeks; some employee information may have been affected (per preliminary findings), but no definitive evidence of data exfiltration. No actor has been identified.

Butler County August 17, 2025 • [ ransomware, data leak ] A cyberattack disrupted Middletown city services on or about Aug. 17, 2025. City staff reported email accounts were offline for weeks (some gradually restored), main phone lines remained down, and key functions such as generating new utility bills and accessing utility/tax account information were unavailable. Online public/police record requests and background checks were paused, and the city relied on backup processes while working with third-party specialists to investigate and restore systems. Preliminary findings indicated some city employee information may have been affected, but the investigation had not determined what personal information (if any) was impacted.

Nissan Creative Box Inc. (Design Studio) August 16, 2025 • [ ransomware, malware, automotive ] Nissan Creative Box, a Tokyo-based Nissan design subsidiary, confirmed unauthorized access on August 16, 2025. Qilin ransomware claimed exfiltration of about 4 TB of sensitive intellectual property and design files, releasing samples as proof and threatening full disclosure. No encryption of systems has been reported.

Data I/O Corporation (electronics manufacturing) August 16, 2025 • [ ransomware, misconfiguration, manufacturing ] Ransomware incident on August 16 due to third-party firewall vulnerability disrupted internal and operational systems. Contained and fully remediated by September 4 with no customer impact or data theft; remediation cost ~$180K against $300K in annual savings. Actor remains unknown.

Hitachi Energy August 15, 2025 • [ ransomware, malware, manufacturing ] Warlock ransomware group claimed responsibility for breaching Hitachi Energy in mid-August 2025, exfiltrating sensitive employee and corporate data and encrypting systems. Disruption lasted several days before partial recovery.

Marquis Software Solutions August 14, 2025 • [ ransomware, data leak ] Marquis Software Solutions detected suspicious activity on Aug. 14, 2025 and determined it was the victim of a ransomware attack. An unauthorized party accessed Marquis network via a SonicWall firewall and may have acquired files from Marquis systems. Marquis stated the incident was limited to its environment (customers internal banking systems were not impacted) and that it had no evidence of misuse at the time of the notice. The potentially affected personal information for Maine residents includes names, addresses, phone numbers, Social Security numbers/TINs, dates of birth, and financial account information without security/access codes.

Box Elder County Government (Utah) August 13, 2025 • [ ransomware, malware, government ] Box Elder County was hit by a ransomware attack by the gang Interlock around August 13, 2025. Authorities confirmed the domestic breach disrupted operations; attackers released over 2 million stolen government files including law enforcement records, homicide case details, jail videos, and digital credentials. The FBI, Utah State Bureau of Investigation, and State Cyber Crimes Task Force are investigating.

Colt Technology Services August 12, 2025 • [ ransomware, leak, hack ] On August 12, 2025, Colt Technology Services experienced a cyberattack on internal support systems. The Warlock ransomware group stole and leaked up to 1 million documents, including employee salary information, customer contracts, network designs, and internal emails. Colt reported that customer-facing portals such as Colt Online and Voice API were taken offline proactively as a containment measure, not because of attacker disruption or encryption.

University of St. Thomas (Houston, TX) August 12, 2025 • [ ransomware, malware, education ] On August 12, 2025, the University of St. Thomas in Houston, Texas, detected unauthorized access and voluntarily shut down key systems for nine days. External sources confirmed the INC ransomware gang claimed responsibility, stating they stole 1.8 TB of sensitive university data. University operations including student portals, financial aid, and course scheduling were fully disrupted, though no encryption was reported. Public disclosure followed on August 25, 2025.

Lycoming County Department of Public Safety August 12, 2025 • [ ransomware, government ] Drivers license numbers and other PII were exfiltrated from the Lycoming County Department of Public Safety during a ransomware attack detected on August 12, 2025. Officials confirmed cyber criminals stole data but have not reported any encryption. The number of affected individuals remains undisclosed.

Church of Scientology August 12, 2025 • [ ransomware, data leak ] heise reported that the ransomware-as-a-service group Qilin listed Scientology as a new victim on its darknet leak site and claimed to have stolen data from Scientologys UK IT systems. The article notes that screenshots suggest exposure of documents tied to UK visa cost approvals as well as lists of members including account balances and level within the organization, with entries not limited to the UK. No ransom demand amount or operational impacts were confirmed in the reporting, and the consequences for the organization were described as unclear.

YES24 August 11, 2025 • [ ransomware, malware, retail ] On August 11, 2025, YES24 suffered its second ransomware attack in two months, leading to encrypted systems and major disruption of Koreas largest internet bookstore. The incident disrupted online sales and order processing; the company did not disclose the exact ransomware group or number of customers impacted, but stated operations were severely affected.

Pennsylvania Office of Attorney General August 11, 2025 • [ ransomware, malware, government ] Ransomware attack encrypted and paralysed core systems at the Pennsylvania Office of Attorney Generalincluding archived emails, files, internal case systems, phone lines, and websitecausing full disruption for approximately three weeks. No data exfiltration reported. No identified perpetrator. Attack began August 11, 2025; reported August 29, 2025.

MedicSolution August 9, 2025 • [ ransomware, leak, malware ] KillSec claimed ransomware attack against Brazilian healthcare IT vendor MedicSolution, disrupting operations and threatening a data leak unless negotiations commence; broader impact under investigation.

Cox Enterprises, Inc. August 9, 2025 • [ vulnerability, zero-day, data leak ] Hackers exploited a zeroday vulnerability in Oracle EBusiness Suite, breached Cox Enterprises network, and exfiltrated personal data of about 9,479 individuals; Cl0p group later published stolen files on darkweb leak site

Search Results (ransomware)