Visiting Nurse Association of Texas
July 17, 2025
•[ unauthorized access, email compromise, PII ]
Visiting Nurse Association of Texas identified suspicious network activity on July 17, 2025; an unauthorized actor accessed employee email accounts and potentially compromised personal and health-related data belonging to thousands of individuals, per notice and investigation.
Atlas Transfer and Storage
July 15, 2025
•[ unauthorized access, data breach, PII ]
Atlas Transfer & Storages notice states it identified suspicious activity on July 15, 2025 and launched an investigation. The investigation concluded that an unauthorized party copied certain files on the same date. Atlas reviewed the impacted files and stated the affected information varied by individual but could include identifiers and financial/health insurance information such as SSNs, tax IDs, drivers license/state IDs or other government IDs, payment card numbers, health insurance and medical information, and financial account information. Atlas stated it notified individuals and offered complimentary credit monitoring services.
Wiley Rein LLP
July 12, 2025
•[ espionage, unauthorized access, state-sponsored attack ]
Firm notified clients that Microsoft 365 accounts of certain personnel were accessed in an apparent intelligence-gathering operation; suspected China-affiliated group.
Healthcare Interactive Inc. (HCIactive)
July 12, 2025
•[ data leak, unauthorized access ]
Healthcare Interactive Inc. (HCIactive), a benefits and insurance administration technology provider, disclosed that an unauthorized actor accessed its network and copied certain files between July 8 and July 12, 2025. Suspicious activity was detected on July 22, triggering a forensic investigation that confirmed a data breach affecting at least 501 individuals, with exposed information including names, addresses, dates of birth, Social Security numbers, contact details, and health insurance enrollment data. The company notified regulators and consumers beginning in September 2025, offered credit monitoring, and stated that it had implemented additional technical safeguards. There is no indication of significant operational disruption, but the confidentiality impact for affected individuals is substantial.
Laurel Health Centers
July 11, 2025
•[ unauthorized access, email compromise, data leak ]
Laurel Health Centers identified unauthorized access to portions of its email system during July 2025, which resulted in the potential exposure of personal and protected health information belonging to patients, as later disclosed in a public notice.
woom GmbH
July 11, 2025
•[ cyberattack, data breach, incident response ]
woom stated that on Friday November 7, 2025 it was affected by a cyberattack in which an internationally operating hacker group gained access to parts of the companys systems despite security measures. woom said it immediately initiated incident response with external experts, contained and processed the incident, and restored systems as quickly as possible. The company said there were indications that some customer information may have been affected, but it reported no sensitive customer data exposure and emphasized ongoing investments in security improvements.
Khan & Associates CPA, Inc.
July 9, 2025
•[ unauthorized access, data leak ]
An unauthorized user accessed Khan & Associates CPAs Intuit tax filing software between July 916 2025, filing false federal and state tax returns and exposing clients PII including SSNs and bank data.
Sentinel Security Life and Atlantic Coast Life
July 4, 2025
•[ unauthorized access, personally identifiable information, social security numbers ]
Sentinel Security Life Insurance Co. and Atlantic Coast Life Insurance Co. disclosed a cyber incident involving unauthorized access that occurred between April 7 and April 15, 2025. The companies reported that personally identifiable information associated with policyholders, beneficiaries, and other individuals connected to the firms may have been exposed. Potential data elements cited in reporting include names, Social Security numbers, taxpayer identification numbers, financial account information, dates of birth, medical records, and health insurance details; the companies stated they were unaware of misuse at the time of reporting.
C&M Software (service provider to Banco Central ecosystem)
July 2, 2025
•[ insider threat, compromised credentials, financial theft ]
Attackers allegedly bought an employee's credentials for ~$2,700 to access C&M systems and steal BRL 800M from connected institutions; part converted to crypto and laundered.
Pulse Urgent Care Center
July 1, 2025
•[ data leak, unauthorized access, healthcare ]
Unauthorized access to Pulse Urgent Care Centers network exposed patient PHI; no encryption or quantitative scope reported and threat actor unconfirmed.
LG Uplus
July 1, 2025
•[ unauthorized access, data leak, credential theft ]
LG Uplus reported illegal access to internal information after a breach affecting company servers. Investigators said exposed information included server lists, server account credentials, and employees names, and later found forensic reconstruction was hindered after key systems were reinstalled or discarded.
Hawaiian Airlines
June 23, 2025
•[ unauthorized access, data breach, threat actor attribution ]
On June 23 2025, Hawaiian Airlines detected unauthorized access affecting certain IT systems; flights and safety operations were unaffected. The company reported the breach in an SEC 8-K filing and began investigation with external experts and the FBI. No confirmed data-theft volume or ransom demand disclosed; security researchers suspect the Scattered Spider threat group, but attribution remains unconfirmed.
Vice Ministry of Economy (Paraguay) et al.
June 14, 2025
•[ hacktivism, website defacement, unauthorized access ]
Hacktivist group CyberTeam launched coordinated website intrusions against Paraguayan government institutions, defacing and accessing official systems while denouncing national cybersecurity as ineffective; the Ministry of Economy confirmed limited unauthorized access but no data leak.
McElroy & Associates, Inc.
May 28, 2025
•[ data leak, unauthorized access, HIPAA ]
McElroy & Associates, Inc., a professional services firm operating as a HIPAA-covered healthcare business associate, disclosed unauthorized access to an employee email account occurring between May 28 and May 30, 2025. A forensic investigation determined that personal and protected health information may have been exposed. The company notified affected individuals and regulators; no operational disruption was publicly reported.
Murex Petroleum Corporation
May 27, 2025
•[ unauthorized access, data breach, personal information ]
Unauthorized access to Murex Petroleum Corporation systems resulted in the access and acquisition of certain individuals personal information, as disclosed in a regulatory filing with the New Hampshire Department of Justice.
Arthur Ashe Institute for Urban Health Inc.
May 18, 2025
•[ unauthorized access, personally identifiable information, health information ]
Unauthorized access to systems at Arthur Ashe Institute for Urban Health Inc. between April 4 and May 18, 2025 may have exposed personally identifiable and health information according to breach notifications.
Chief Electoral Officer – West Bengal
May 17, 2025
•[ data breach, insider threat, unauthorized access ]
A security breach led to deletion of at least 1,000 voters from the electoral roll in a West Bengal assembly constituency; subsequent reports cited misuse of AERO credentials.
Central Point School District 6
May 14, 2025
•[ data breach, unauthorized access ]
The Oregon district reported unauthorized access to its digital systems on May 14 and isolated affected systems while law enforcement and external experts investigated. No confirmed data types or quantities were disclosed at the time of reporting.
BitoPro Exchange
May 8, 2025
•[ cryptocurrency theft, unauthorized access, money laundering ]
Unauthorized access on May 8 2025 to BitoPro exchange hot wallets resulted in theft of about NT$345 million (US$11.5 million) in cryptocurrency; funds laundered via Tornado Cash, Thorchain, and Wasabi; attribution linked to North Koreas Lazarus Group (APT38); no operational disruption reported.
AlcaldÃÂa de Cáchira
May 2, 2025
•[ malware, financial theft, unauthorized access ]
Authorities arrested suspects accused of using malware to access municipal accounts and steal $1.935 million COP from the Cchira mayors office.
