Station Casinos LLC
March 5, 2026
•[ unauthorized access, personal information, PII ]
Station Casinos LLC identified unauthorized external access to its systems on March 5, 2026 and began notifying affected individuals in May 2026. Public filings confirmed names were exposed and warned that additional personal information may have been compromised, but the company had not publicly confirmed the total number of affected individuals.
Blanchard Training and Development, Inc.
March 3, 2026
•[ unauthorized access, PII, financial information ]
Blanchard Training and Development, Inc. identified unusual activity in its network environment on March 4, 2026, and later determined that an unauthorized individual may have copied certain information between March 3 and March 4. DataBreach indexed 494,404 rows tied to Blanchard, including names, contact information, addresses, and bank account information.
Bitrefill
March 1, 2026
•[ cyberattack, data breach, cryptocurrency theft ]
Bitrefill disclosed that a March 1, 2026 cyberattack originating from a compromised employee laptop enabled attackers to obtain legacy credentials, access a snapshot containing production secrets, and escalate into parts of Bitrefills infrastructure. The attackers accessed parts of the database and some cryptocurrency wallets, leading to theft of funds and misuse of gift card inventory/supply flows. Bitrefill reported exposure of about 18,500 purchase records containing customer email addresses, IP addresses, and cryptocurrency payment addresses; for about 1,000 purchases, customer names were also potentially exposed (stored encrypted, but the attackers may have obtained decryption keys). Bitrefill said it shut down systems to isolate the incident, worked with security experts/on-chain analysts/law enforcement, and assessed the method as consistent with Lazarus/BlueNoroff activity.
Hutt City Council
March 1, 2026
•[ phishing, unauthorized access, email compromise ]
Hutt City Council experienced a malicious phishing attack in March 2026 that resulted in unauthorized access to a number of email accounts. The council determined that five individuals had identity information compromised and 732 people may have had financial information exposed through email correspondence.
Adelante Soluciones Financieras
March 1, 2026
•[ data leak, unauthorized access, PII ]
Addi identified unauthorized activity on its platform in March 2026 and advised customers that personal information may have been compromised. ShinyHunters later claimed responsibility and published a large trove of personal data allegedly obtained from Addi. DataBreach indexed 67,979,172 rows tied to the breach, while HIBP reported approximately 34 million exposed email addresses and credit-related data points. Public sources did not confirm encryption, data destruction, operational disruption, or a precise intrusion vector.
Murata Manufacturing Co., Ltd.
February 28, 2026
•[ unauthorized access, data leak, IT environment breach ]
Murata Manufacturing confirmed unauthorized third-party access to its IT environment and improper access to data, with later updates identifying possible leakage of employee, associated-person, customer, supplier, stakeholder, and business partner information.
Dienst Justitiële Inrichtingen
February 27, 2026
•[ data leak, vulnerability exploit, internal network access ]
Hackers exploited an Ivanti Endpoint Manager Mobile flaw to access the internal network of the Dutch prisons agency and view staff contact details and security certificates; they also gained access to phones, tablets, and laptops.
Centre for Information Technologies of the State (CTIE)
February 26, 2026
•[ malware, data leak, government ]
CTIE detected malware on a system used to manage government mobile-device access and later said an external actor accessed device-holder information and device characteristics. The temporary loss of mobile access to internal state services resulted from CTIE isolating the affected system as a precaution.
Mexico City Civil Registry
February 26, 2026
•[ data leak, unauthorized access, exfiltration ]
Attackers gained unauthorized access to Mexican government civil registry databases and exfiltrated sensitive records. Stolen data reportedly includes birth certificate information and national identification numbers from Mexico Citys civil registry.
National Tax Service Korea
February 26, 2026
•[ data leak, cryptocurrency, seed phrase exposure ]
South Koreas National Tax Service accidentally published a hardware wallet recovery phrase in a press photo announcing seized assets. An unknown attacker used the exposed seed phrase to transfer roughly $4.8 million in cryptocurrency from the wallet.
Monterrey Water Utility
February 26, 2026
•[ unauthorized access, data leak, billing information ]
Attackers gained unauthorized access to Monterreys municipal water utility databases and stole internal and customer records. The exposed data reportedly includes billing and account information linked to utility customers.
Mexico Tax Authority
February 26, 2026
•[ data leak, unauthorized access, government ]
Attackers accessed Mexican tax authority systems and exfiltrated taxpayer information. The compromised data reportedly includes tax records and taxpayer identification details.
MediMap
February 22, 2026
•[ data integrity, unauthorized access, healthcare breach ]
MediMap was taken offline after an unauthorized user altered patient records, including names, ages, living status, and facility assignments, disrupting medication management across New Zealand providers. Some of the records were changed to designate the patient as dead or have them name changed to Charlie Kirk.
Grand Hotel Taipei
February 21, 2026
•[ cyberattack, data leak, unauthorized access ]
Grand Hotel Taipei reported a cyberattack on its systems and warned that guest reservation information may have been accessed. The potentially exposed data includes guest names and contact details, though the number of affected individuals has not been disclosed.
Advantest Corporation
February 19, 2026
•[ ransomware, unauthorized access, incident response ]
Advantest disclosed it detected unusual activity in its IT environment on February 15, 2026 (JST) and activated incident response, isolating affected systems and engaging external cybersecurity experts. Preliminary findings indicated an unauthorized third party may have accessed parts of the companys network and deployed ransomware. Advantest stated the investigation was ongoing and it had not yet confirmed whether customer or employee data was affected; it said it would notify impacted persons if data exposure is confirmed. The public reporting focused on containment and restoration actions and did not describe prolonged manufacturing shutdowns or downstream customer impacts.
youX
February 15, 2026
•[ unauthorized access, data leak, exfiltration ]
youX (Australian finance technology platform) confirmed unauthorized access by a third party after a threat actor released data it claimed to have obtained during the incident. Public reporting said youX had flagged an IT security incident about a week earlier and that personal information may have been compromised. External threat reporting associated the incident with a large-scale exfiltration claim (hundreds of gigabytes) affecting borrowers and broker organizations, consistent with data-theft extortion behavior. The companys public statements centered on incident response actions, engagement with external experts, and regulatory notification while it worked to determine the precise scope and which individuals and organizations were impacted.
UFP Technologies
February 14, 2026
•[ unauthorized access, data theft, operational disruption ]
UFP Technologies disclosed that threat actors gained unauthorized access to its IT systems around February 14, 2026, disrupting billing and delivery label generation and resulting in the theft or destruction of company or company-related data.
EBR Systems
February 13, 2026
•[ network disruption, unauthorized access, patient health data ]
EBR Systems experienced a network disruption around February 13, 2026 and later determined that certain information stored on its network, including a limited amount of patient health data, was subject to unauthorized access; the incident was contained and did not cause material business disruption.
Washington Hotel chain (Fujita Kanko)
February 13, 2026
•[ ransomware, unauthorized access, point-of-sale system issues ]
A ransomware incident impacted the Washington Hotel chain in Japan, with Fujita Kanko reporting that unauthorized access to some servers was detected on February 13, 2026. The company said it took protective measures to cut off attacker access, formed an internal task force, and engaged police and outside cybersecurity experts. The company confirmed unauthorized access to business data on servers, while stating customer information tied to the external Washington Net system was believed unaffected at the time. Some hotels experienced point-of-sale system issues, but the company reported no major business disruption overall.
Odido
February 7, 2026
•[ data leak, unauthorized access, customer data theft ]
Odido confirmed that hackers gained unauthorized access to its customer contact system and covertly downloaded large volumes of customer information. Odido said more than 6.2 million customers were affected. The compromised data includes names, phone numbers, postal and email addresses, dates of birth, IBAN bank account numbers, and government-issued ID details such as passport or drivers license numbers and validity dates. The report did not attribute the incident to a specific threat group and did not describe operational disruption beyond the data compromise.
