Chief Electoral Officer – West Bengal
May 17, 2025
•[ data breach, insider threat, unauthorized access ]
A security breach led to deletion of at least 1,000 voters from the electoral roll in a West Bengal assembly constituency; subsequent reports cited misuse of AERO credentials.
Central Point School District 6
May 14, 2025
•[ data breach, unauthorized access ]
The Oregon district reported unauthorized access to its digital systems on May 14 and isolated affected systems while law enforcement and external experts investigated. No confirmed data types or quantities were disclosed at the time of reporting.
US Mortgage
May 13, 2025
•[ ransomware, unauthorized access, data breach ]
US Mortgage disclosed that an unauthorized third party gained access to a portion of its computer network in May 2025 in a ransomware event, and outside reporting tied the incident to SAFEPAY.
BitoPro Exchange
May 8, 2025
•[ cryptocurrency theft, unauthorized access, money laundering ]
Unauthorized access on May 8 2025 to BitoPro exchange hot wallets resulted in theft of about NT$345 million (US$11.5 million) in cryptocurrency; funds laundered via Tornado Cash, Thorchain, and Wasabi; attribution linked to North Koreas Lazarus Group (APT38); no operational disruption reported.
AlcaldÃÂa de Cáchira
May 2, 2025
•[ malware, financial theft, unauthorized access ]
Authorities arrested suspects accused of using malware to access municipal accounts and steal $1.935 million COP from the Cchira mayors office.
Harrods
May 1, 2025
•[ unauthorized access, security incident ]
Harrods reported attempts to gain unauthorized access and restricted internet access as a precaution; no confirmed breach or disruption attributable to attackers (not a successful cyber event).
Defense and critical-infrastructure entities in Ukraine
May 1, 2025
•[ phishing, unauthorized access, data leak ]
Rare Werewolf APT, a Russia-aligned espionage group, conducted spear-phishing and remote-administration toolbased intrusions in MayJune 2025 targeting defense and critical-infrastructure entities in Ukraine, resulting in unauthorized access and data exfiltration.
Cities of Palo Alto, Redwood City, and Menlo Park (Crosswalk systems)
April 21, 2025
•[ Hacktivism, Unauthorized Access, Deepfake ]
Hacktivists hijacked Bay Area pedestrian crosswalk systems in Palo Alto, Redwood City, and Menlo Park to broadcast deepfake audio messages impersonating Elon Musk and Mark Zuckerberg mocking billionaire culture; no data theft or operational outage beyond altered messages reported.
City of Seattle (Crosswalks system)
April 21, 2025
•[ hacktivism, unauthorized access, system compromise ]
Hacktivists compromised Seattle pedestrian crosswalk systems to broadcast spoofed audio announcements mocking technology billionaires; no evidence of data exfiltration or wider operational impact reported.
The Fondation Cancer
April 18, 2025
•[ unauthorized access, email security, incident response ]
Fondation Cancer stated it detected a suspicious incident involving one of its email accounts. After analysis, its specialized IT provider concluded there had been malicious access into part of the organizations email mailboxes and implemented containment measures to stop the intrusion. The foundation indicated it informed partners and Luxembourgs national data protection commission promptly. In its communication, the organization said it had no indication that its internal data were disclosed, stolen, or copied, and that patient-service data were not affected. It also emphasized that the event did not impact the foundations financial operations because financial transactions are processed through separate secure connections.
Ericsson
April 17, 2025
•[ unauthorized access, data security incident, PII ]
Ericsson disclosed a data security incident at a service provider. The provider detected unauthorized access on 04/28/2025 and later determined files may have been accessed between 04/17/2025 and 04/22/2025. Exposed data varied by person and included names and Social Security numbers, with additional filings indicating dates of birth, drivers license/government ID numbers, financial information, and medical information. The review was completed on 02/23/2026, and a Maine filing referenced 15,661 impacted employees and customers; no group publicly claimed responsibility at the time of reporting.
Bremanger Kraft AS
April 7, 2025
•[ hacktivism, unauthorized access, industrial control systems ]
On April 7 2025, hacktivists accessed a web-exposed control interface for Bremanger Kraft ASs hydroelectric dam in western Norway and opened a valve releasing 500 L/s of water for four hours; no casualties or structural damage reported; Norwegian authorities attributed the incident to pro-Russian hacktivists.
Ocuco, Inc.
March 28, 2025
•[ data leak, unauthorized access ]
Ireland-based eyecare software services provider Ocuco detected unauthorized actor access to two non-production servers between Mar 28Apr 1 2025; KillSec claims data theft; company review shows ~240,961 affected; investigation ongoing; no confirmed service outage or encryption.
Office of the State’s Attorney for Baltimore City
March 19, 2025
•[ ransomware, data leak, unauthorized access ]
Following a March 2025 intrusion, the Kairos ransomware group stole internal legal and police records from the Baltimore City States Attorneys Office and later published portions online; the office reported no service disruption but confirmed investigation of unauthorized access.
CFD Investments, Inc.
March 15, 2025
•[ unauthorized access, email account compromise, data leak ]
Unauthorized access to an employee email account at CFD Investments, Inc. resulted in exposure of client personal and financial information between March 15 and May 9, 2025; affected individuals were notified beginning January 28, 2026.
Trocaire College
March 13, 2025
•[ unauthorized access, data leak, data breach ]
Trocaire College identified unauthorized access to its systems. A forensic investigation determined that sensitive personal information may have been acquired by an unauthorized actor. The college notified affected individuals in January 2026 and reported the incident to regulators.
Civil Service Employees Association (CSEA)
March 5, 2025
•[ data breach, identity theft, Social Security numbers ]
The Civil Service Employees Association (CSEA), a New York labor union, reported a 2025 data breach in which attackers were present in its systems for nearly a month. The breach notification said malicious actors roamed CSEA systems between May 3 and May 31, 2025. A submission to the Maine Attorney Generals Office indicated over 47,000 individuals were affected. The investigation stated attackers may have accessed members names and Social Security numbers, creating risk of identity theft and fraud. The report did not identify the threat actor or the initial access method.
Orthopaedic Specialists of Connecticut
March 2, 2025
•[ data leak, unauthorized access, personally identifiable information ]
Names, dates of birth, Social Security numbers, insurance and medical information for 22,541 individuals were exposed after an unauthorized third party accessed the practices network on March 2, 2025, per the provider notice and HHS filing.
Angel One Ltd.
February 27, 2025
•[ unauthorized access, data leak ]
Indian stock brokerage Angel One disclosed on February 27, 2025, that unauthorized actors accessed some of its Amazon Web Services (AWS) resources following a dark web alert. The company confirmed exposure of limited client information but no compromise of funds or credentials. Investigation and containment measures were initiated immediately.
City of Jasper
February 20, 2025
•[ unauthorized access, government ]
Unauthorized access identified around Feb 20; no evidence of citizen/employee personal data access; services largely unaffected.
