The Canada Life Assurance Company
April 17, 2026
•[ unauthorized access, data leak, personal information ]
The Canada Life Assurance Company confirmed unauthorized access through an employee account that exposed personal information for up to 70,000 people.
Medtronic
April 17, 2026
•[ data leak, unauthorized access, personal records ]
ShinyHunters listed Medtronic on its leak site on April 17, 2026, claiming theft of more than 9 million personal records and terabytes of corporate information; Medtronic confirmed unauthorized access to corporate IT systems but had not confirmed data theft.
Booking.com
April 15, 2026
•[ unauthorized access, data breach, PII leak ]
Booking.com detected suspicious activity affecting a number of reservations and notified customers that unauthorized third parties may have accessed booking details, names, email addresses, addresses, phone numbers, and information shared with properties; financial information was not accessed, and Booking.com reset reservation PINs for affected users.
Nigeria's Corporate Affairs Commission (CAC)
April 15, 2026
•[ unauthorized access, data exfiltration, data breach ]
Nigerias Corporate Affairs Commission confirmed unauthorized access to limited aspects of its information systems; ByteToBreach claimed it exfiltrated about 25 million documents, roughly 750 GB, from CAC infrastructure, but CAC did not confirm the volume or identify the perpetrator.
Inditex (Zara owner)
April 15, 2026
•[ unauthorized access, third-party breach, customer transaction information ]
Inditex reported unauthorized access to third-party-hosted databases containing customer transaction information; the company said the affected databases did not contain addresses, passwords, or bank card details and that it applied security protocols and notified authorities.
Agence nationale des titres sécurisés (ANTS)
April 15, 2026
•[ unauthorized access, data leak, identity document theft ]
On April 15, 2026, ANTS, also known as France Titres, detected unauthorized access to the ants.gouv.fr portal. The agency confirmed a data breach involving citizen identity-document portal data, while breach3d claimed to have stolen up to 19 million records and offered them for sale; ANTS did not specify the total number of affected citizens.
Unimed
April 14, 2026
•[ unauthorized access, data theft, ransomware ]
Unknown attackers gained unauthorized access to parts of Unimed's IT infrastructure on April 14, 2026 and stole patient billing data processed for German hospitals and clinics. Affected institutions included university hospitals in Cologne, Freiburg, Heidelberg, Tbingen, Ulm, Dsseldorf, Mainz, Saarland, Oldenburg, Hannover, Gttingen, and others. Reporting indicated the attackers intended broader system encryption, but this was stopped; hospitals said their clinical systems and patient care were not affected.
Maryland Department of Assessments and Taxation
April 14, 2026
•[ suspicious activity, web application security, incident response ]
The Maryland Department of Information Technology detected suspicious activity on servers running the State Department of Assessments and Taxations Real Property Search website application on April 14, 2026 and took the site offline; no private data was reported compromised.
Basic-Fit
April 13, 2026
•[ unauthorized access, data breach, data leak ]
Basic-Fit detected unauthorized access to the system that records member visits and stopped the intrusion within minutes, but external security experts determined that data for active members in several countries had been downloaded, affecting about 1 million members overall, including around 200,000 in the Netherlands.
Itron, Inc.
April 13, 2026
•[ unauthorized access, corporate systems, energy management ]
Itron, a provider of energy and water management solutions, detected unauthorized access to some corporate systems on April 13 2026; operations continued and no further unauthorized activity or customer impact was observed.
7-Eleven
April 8, 2026
•[ unauthorized access, data leak, ransom ]
7-Eleven discovered on April 8, 2026 that an unauthorized third party accessed systems used to store franchisee documents. ShinyHunters claimed responsibility, claimed theft of more than 600,000 Salesforce records, and leaked a 9.4 GB archive after ransom demands were not met; Have I Been Pwned identified 185,300 exposed individuals in the leaked data.
Taiwan High Speed Rail Corporation
April 5, 2026
•[ radio interference, TETRA communications, software-defined radio ]
A 23-year-old university student identified by the surname Lin allegedly interfered with Taiwan High Speed Rail's TETRA radio communications system using software-defined radio equipment and handheld radios. The unauthorized General Alarm signal triggered emergency braking or emergency stop procedures, affecting four high-speed trains for approximately 48 minutes. Public reporting did not identify data theft, ransomware, or a financial motive.
Anodot
April 4, 2026
•[ data breach, token theft, unauthorized access ]
ShinyHunters allegedly breached Anodot, causing its data connectors to stop working and enabling downstream customer cloud-data access through stolen tokens.
DigiCert, Inc.
April 2, 2026
•[ social engineering, malicious ZIP file, EV code-signing certificates ]
A threat actor used DigiCert's customer support channel on April 2, 2026 to deliver a malicious ZIP file disguised as a customer screenshot, compromising two DigiCert support analyst systems. The attacker used analyst-level access to pivot into DigiCert's internal support portal and obtain initialization codes for approved EV code-signing certificate orders across specific customer accounts. DigiCert revoked 60 associated certificates by April 17, including 27 explicitly linked to the threat actor and 11 reported as used to sign Zhong Stealer malware; the specific perpetrator was not publicly identified.
Centre of Registers
April 1, 2026
•[ stolen credentials, unauthorized access, database breach ]
Attackers used stolen or misused login credentials assigned to authorized institutions to access Lithuania's Centre of Registers databases and extract more than 600,000 records from the Real Estate Register and Legal Entities Register. Lithuanian authorities suspected foreign-country involvement, but no specific country or actor was publicly confirmed.
Rituals
April 1, 2026
•[ data breach, unauthorized access, PII ]
Rituals confirmed that an unauthorized download of My Rituals membership data occurred in April 2026, affecting customers in Europe, the United Kingdom, and the United States. The downloaded data included names, dates of birth, gender, postal and email addresses, phone numbers, preferred store locations, and account types; Rituals did not disclose the exact number of affected members, and reporting stated that passwords and payment data were not accessed.
Adaptavist Group
March 31, 2026
•[ unauthorized access, stolen credentials, data theft ]
Adaptavist Group detected unauthorized access to some systems in late March 2026 after an intruder used stolen credentials. Adaptavist said the accessed systems contained typical business data such as contact information, contracts, and NDAs; The Gentlemen claimed responsibility and claimed 24 GB of data theft, allegedly including source code, customer records, internal documents, credentials, and production-system references, but Adaptavist did not confirm the full claim.
Maine state government
March 30, 2026
•[ phishing, email account compromise, unauthorized access ]
State officials discovered that a Maine government employees email account had been accessed by cybercriminals, who used it to send phishing messages to internal staff and external contacts. The Security Operations Center secured the account, shut down the suspicious activity, and stopped additional unauthorized emails. No evidence of personal or sensitive data access was reported.
Scotia-Glenville Central School District Facebook page
March 29, 2026
•[ Account Takeover, Social Media Hijacking, Unauthorized Access ]
A malicious actor gained administrative control of the Scotia-Glenville Central School District Facebook page through a hacked non-district account used by its communications specialist and posted inappropriate videos and replies while posing as the district; the district said its internal servers and data systems were not compromised.
Hasbro Systems
March 28, 2026
•[ unauthorized access, cyberattack, operational disruption ]
Hasbro identified unauthorized access to its network on March 28, 2026 and took select systems offline as a containment measure while continuing operations through business-continuity procedures; the company warned that interim measures could cause order-processing, shipping, and invoicing delays while it reviewed potentially impacted files.
