Dartmouth College
August 9, 2025
•[ data leak, ransomware, vulnerability exploit ]
Dartmouth College confirmed that attackers exploited its Oracle E-Business Suite instance between August 9 and 12, 2025 and exfiltrated files containing personal and financial information, including Social Security numbers. Nearly 1,500 Maine residents and over 31,000 New Hampshire residents were impacted. Cl0p later leaked 226 GB of allegedly stolen data.
Inotiv Inc.
August 8, 2025
•[ ransomware ]
Qilin ransomware gang stole ~176 GB (~162,000 files) of data and encrypted systems. Inotiv confirmed operational disruption and fallback to offline continuity plans.
Beta – Dnevni evropski servis (DES)
August 7, 2025
•[ ransomware, malware, technology ]
Ransomware attack encrypted systems of Betas specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.
OB-GYN Associates, Nevada
August 7, 2025
•[ ransomware, data leak ]
OB-GYN Associates in Reno, Nevada identified suspicious activity in its IT environment on or around August 7, 2025 and brought in third-party experts, who confirmed that a hacker had accessed areas of the network where patient records were stored; a review completed September 29 showed that names, Social Security numbers, drivers license numbers and medical information for about 62,238 individuals had been exposed, and the Inc Ransom ransomware group later claimed responsibility for the attack, prompting the clinic to harden policies and offer credit monitoring to affected patients.
Spartanburg County
August 6, 2025
•[ ransomware, government ]
Cyberattack led to disabling of certain online services, including County network connections; emergency services like 911 remained operational; third ransomware event in recent years
Pakistan Petroleum Limited (PPL)
August 6, 2025
•[ ransomware, leak, malware ]
PPLs servers and backups were encrypted and disabled by Blue Locker ransomware; IT and financial operations were disrupted for days; a ransom note threatened data leaks; NCERT issued high alert advisory to national institutions
City of Greenville (TX)
August 5, 2025
•[ ransomware, malware, government ]
Hackers deployed ransomware targeting Greenvilles server infrastructure, affecting city services and utility billing in Hunt County; emergency 911 was unaffected, and no personal data breach has been reported.
Prospect Medical Holdings
August 4, 2025
•[ ransomware, healthcare ]
Prospect Medical Holdings, a chain that owns hospitals as well as more than 165 outpatient facilities, said ransomware hackers had breached its system. Sixteen hospitals and more than a hundred other medical facilities across the United States are offline after the largest cyberattack on a U.S. hospital system since last year. Prospect Medical Holdings, a []
99 Cents Only
August 1, 2025
•[ ransomware, retail ]
INC Ransom claims to have breached Dollar Tree
Qilin ransomware group
July 31, 2025
•[ ransomware, hack, leak ]
Compromise of Qilins affiliate panel by rival actors enabled access to internal systems and stolen victim files.
Acea
July 31, 2025
•[ ransomware, malware, energy ]
Italian utility company Acea suffered another ransomware attack, this time claimed by World Leaks. Systems were encrypted, disrupting operations, though the exact duration and number of affected customers were not disclosed.
Institute Ruđer Bošković (administrative/professional services IT)
July 31, 2025
•[ ransomware, education ]
IRB was hit by a ransomware attack on July 31, 2025 via Microsoft SharePoint ToolShell vulnerabilities; administrative/professional services systems were encrypted. IRB refused to pay, isolated affected segments, and restored from backups by Aug 8; later updates confirmed full service restoration and no evidence of data exfiltration.
Undisclosed Russian pharmacy chains
July 31, 2025
•[ ransomware ]
The Record reports multiple Russian pharmacies were shut down due to a cyberattack disrupting operations and payment/services.
Mailchimp
July 31, 2025
•[ ransomware, data leak ]
Everest ransomware group claimed a small breach of Mailchimp systems, sharing limited details; no disruption reported.
Herbapol Lublin S.A.
July 31, 2025
•[ ransomware ]
Polish trade press reports cyberattack on Herbapol Lublin with a ransom demand; operational interruptions mentioned.
99 Cents Only Stores (data linked to Dollar Tree acquisition context)
July 30, 2025
•[ ransomware, data leak ]
HackRead reports INC claimed 1.2TB of Dollar Tree data; company statements elsewhere indicate samples match data tied to defunct 99 Cents Only Stores.
Belk, Inc.
July 29, 2025
•[ ransomware ]
Ransomware group INC claimed an attack on Belk; the retailer's confirmation and scope had not been disclosed at report time.
Albavision (Albavisión)
July 28, 2025
•[ ransomware, data leak, business disruption ]
GlobalGroup ransomware group alleged breach and data theft at media giant Albavision affecting broadcast operations, with data samples posted.
Gloucester County, Virginia
July 27, 2025
•[ ransomware ]
Gloucester County reported responding to a ransomware attack that impacted county systems and public access to some services.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, malware, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
