Center for Life Resources
November 14, 2025
•[ unauthorized access, network intrusion, data breach ]
Center for Life Resources identified unauthorized access to its network in mid-November 2025 and determined that files containing sensitive personal and protected health information may have been accessed or copied, which was later disclosed in regulatory notifications.
Central Ozarks Medical Center
November 10, 2025
•[ cyberattack, unauthorized access, data breach ]
Patients and individuals had their sensitive personal and health information exposed in a criminal cyberattack on Central Ozarks Medical Center. The breach involved unauthorized access to systems and resulted in the compromise of names, dates of birth, Social Security numbers, financial account details, medical treatment records, and health insurance information, according to investigation notices.
Catalyst RCM
November 8, 2025
•[ unauthorized access, credential misuse, data leak ]
Catalyst RCM disclosed that an unauthorized actor used valid credentials to access a secure file management server between November 8 and 9, 2025, and copied data without permission, affecting client data including records tied to Vikor Scientific.
Checkout.com
November 6, 2025
•[ extortion, unauthorized access, data leak ]
Checkout.com reported that an extortion actor accessed a legacy cloud file storage system and claimed to have obtained data; the company confirmed unauthorized access but no operational disruption or verified data theft.
Kaplan
October 30, 2025
•[ data leak, unauthorized access, personally identifiable information ]
The Record reported Kaplan notified regulators and individuals about a fall 2025 cybersecurity incident in which an unauthorized actor accessed Kaplans servers for 19 days (Oct. 30 to Nov. 18, 2025) and leaked/removed personal data. Kaplans notifications across several states totaled at least 230,941 people in states that publish counts, and an update said Kaplan later informed Oregon that 1.4 million people were affected. The exposed data included Social Security numbers and drivers license numbers (and related identifiers). The report did not name the attacker or provide a detailed intrusion method, but confirmed the access window and sensitive identifiers involved.
Catwig LLC d/b/a Victory Disability
October 27, 2025
•[ unauthorized access, data breach, Personally Identifiable Information (PII) ]
Catwig LLC (doing business as Victory Disability) stated it became aware in November 2025 of claims that an unknown party obtained information belonging to the firm. The company initiated an investigation with third-party cybersecurity specialists and notified federal law enforcement. The investigation concluded that an unknown party accessed a portion of Victory Disabilitys environment between October 27 and November 12, 2025 and may have viewed or copied certain information stored there. Potentially impacted data included names, contact information, Social Security numbers, and in some cases dates of birth and medical information (diagnosis, treatment, medications, lab results) if provided to Victory in connection with a case. The company reported filing notice with the California Attorney General and beginning written notifications on December 12, 2025.
FullBeauty Brands, Inc.
October 18, 2025
•[ ransomware, data leak, unauthorized access ]
Unauthorized actors accessed FullBeauty Brands systems over several weeks in late 2025 and exfiltrated internal company data, later claimed by the Everest ransomware group, with no confirmed operational disruption publicly disclosed.
Fairfield City Council
October 16, 2025
•[ unauthorized access, data exfiltration, system disruption ]
Fairfield City Council said threat actors illegally accessed a portion of its IT environment in October 2025, disrupted systems, and exfiltrated sensitive staff and resident information while most council services continued operating with temporary workarounds.
Windsor International Airport
October 14, 2025
•[ hacktivism, unauthorized access, third-party breach ]
Unauthorized pro-Palestinian messages played; one Delta flight delayed; third-party cloud PA cited
The Nobel Foundation
October 10, 2025
•[ cyberattack, data leak, unauthorized access ]
The Norwegian Nobel Institute concluded that a cyberattack was the most likely explanation for the leak of information about the 2025 Nobel Peace Prize, after prediction-market activity shifted sharply hours before the official announcement. The report frames the incident as unauthorized access leading to premature disclosure of confidential prize-related information. The article does not provide technical details on the access vector, attacker identity, or the specific systems compromised beyond the Institutes conclusion that hacking was the likely cause.
Undisclosed Nigerian Telecom Firm
October 1, 2025
•[ cyber-enabled fraud, unauthorized access, billing system breach ]
The Nigeria Police uncovered a cyber-enabled fraud involving unlawful access to a telecom operators billing system, leading to ?7.7bn in diverted airtime and data; six suspects arrested.
Substack
October 1, 2025
•[ phishing, data leak, unauthorized access ]
Substack notified users of a data breach after it identified evidence on February 3, 2026 that an unauthorized third party accessed limited user data in October 2025. Substack stated that credit card numbers, passwords, and financial information were not accessed. The company did not disclose how access was obtained, but said it fixed the system issue that enabled it and warned users to be cautious of phishing. Reporting cited a database allegedly containing 697,313 records posted to a hacking forum, consistent with exposure of emails, phone numbers, and internal account metadata.
Gulshan Management Services
September 25, 2025
•[ ransomware, phishing, data breach ]
SecurityWeek reported that Gulshan Management Services, associated with Gulshan Enterprises (operator of Handi Plus and Handi Stop locations in Texas), disclosed a ransomware-related data breach affecting more than 377,000 individuals via a filing with the Maine Attorney General. Gulshan detected unauthorized access in late September 2025 after an attacker gained entry through a successful phishing attack and maintained access for about 10 days. During that period, the threat actor stole personal data and then deployed ransomware that encrypted files on Gulshan systems. The compromised personal information was described as including names, contact details, Social Security numbers, and drivers license numbers.
Thayer Hotel at West Point
September 19, 2025
•[ unauthorized access, data breach, personally identifiable information ]
On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an Undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, drivers license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.
Insightin Health
September 17, 2025
•[ data leak, unauthorized access, zero-day vulnerability ]
Insightin Health disclosed that an unauthorized party gained access to its GoAnywhere file-transfer tool by exploiting an unknown design flaw, potentially accessing data on a subset of servers between 09/17/2025 and 09/23/2025. Insightin said it identified unusual activity on 09/23/2025, stopped further access, and reviewed impacted files. On 02/12/2026, a health plan confirmed some members information was included. The data involved included name, health care provider name, insurance information, and member ID; no Social Security numbers or financial information were reported involved in the notice excerpt.
Personic Management Company LLC
August 29, 2025
•[ data leak, unauthorized access, third-party breach ]
Personic reported unauthorized activity affecting a third-party software platform it used to process patient information. The company stated it became aware of the issue on September 1, 2025, and an investigation concluded an unauthorized actor accessed the platform on August 29, 2025 and obtained certain data. The public notice stated the impacted data may include names and protected health information. Personic reported filing a notice with the Maine Attorney Generals office and beginning notification of impacted individuals on November 18, 2025.
Saint Mary’s Home of Erie
August 26, 2025
•[ data leak, unauthorized access ]
A forensic investigation found that an unauthorized party accessed the Saint Marys Home of Erie network between August 26 and 28, 2025. Files and folders containing resident PII and PHI may have been exposed. The incident was reported to HHS OCR for at least 501 individuals while review continues.
Saint Mary’s Home of Erie
August 26, 2025
•[ unauthorized access, PII, PHI ]
A forensic investigation found that an unauthorized party accessed the Saint Marys Home of Erie network between August 26 and 28, 2025. Files and folders containing resident PII and PHI may have been exposed. The incident was reported to HHS OCR for at least 501 individuals while review continues.
Barrio Family Health Care Center
August 16, 2025
•[ email compromise, unauthorized access, data leak ]
KENS5 reported Barrio Comprehensive Family Health Care Center notified patients about a cybersecurity incident involving unauthorized access to employee email accounts. The clinic said it discovered the incident on Sept. 16, 2025 and later determined that up to 19,885 individuals may have been affected. The exposed information varied by individual and was contained in the compromised email accounts; the report frames the event as a successful email compromise leading to exposure of patient information.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ unauthorized access, data leak, health information ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
