First Contact Health
May 1, 2024
•[ phishing, unauthorized access, health data ]
Guernseys Office of the Data Protection Authority (ODPA) sanctioned First Contact Health after cyber criminals successfully targeted an employee email account in a phishing attack, gaining unauthorized access to confidential health data. The practice reported the breach to the ODPA in May 2024, and the unauthorized access was believed to have occurred at least five months earlier. The enforcement action cited failures in key security controls intended to prevent phishing-based account compromise.
Gastroenterology Associates Of Central Florida
April 11, 2024
•[ data leak, unauthorized access ]
Orlando practice disclosed network intrusion exposing patient data including identifiers and health information.
Woodfords Family Services
April 8, 2024
•[ unauthorized access, personal information, protected health information ]
Woodfords Family Services reported that after discovering suspicious activity in its network on April 8, 2024, it determined that certain files and folders were subject to unauthorized access and that personal and protected health information may have been compromised.
Telefónica
March 1, 2024
•[ cyberattack, data leak, unauthorized access ]
Telefnica investigates the claims of a possible cyberattack occurred in March that allowed criminals to access more than 2 million records of clients and collaborators of the company.
Okanagan-Skaha school district
February 13, 2024
•[ unauthorized access, cyberattack, service disruption ]
On 13 February 2024 Okanagan Skaha School District detected unusual activity in its information systems, confirmed that an unauthorized third party had accessed school district technology systems and proactively took network services offline. The incident knocked out phones and email across School District 67 and also affected the Penticton Seniors Drop-In Centre that shared the network, though teaching continued in person and the
Rödl Management, Inc.
February 9, 2024
•[ unauthorized access, data leak, personal data exposure ]
Rdl Management, Inc., an Atlanta-based professional services firm, reported unauthorized access to its network systems between January 30 and February 9 2024, resulting in exposure of personal data; no encryption or operational disruption reported.
St. Joseph’s College Of Maine
January 24, 2024
•[ data leak, unauthorized access ]
College confirmed unauthorized network access in 20232024; notices sent March 2025.
Legacy Professionals LLP
January 4, 2024
•[ data leak, unauthorized access ]
Legacy Professionals LLP, an Illinois-based accounting and audit firm, reported that sensitive personal information in its custody may have been accessed and acquired following suspicious activity detected on its computer network in late April 2024. The firm investigated and determined an unauthorized third party may have viewed and obtained certain information. Legacy then reviewed the affected data to identify impacted individuals, completing its review on 01/06/2025, and began mailing breach notification letters on 02/27/2025. Information potentially exposed was described as varying by individual and included names, Social Security numbers, and financial account numbers. Public filings referenced in reporting suggested Legacy provided affected individuals with credit monitoring services. Specific technical details such as the attack vector, the duration of unauthorized access, and whether data was exfiltrated beyond the identified categories were not publicly disclosed.
MinnesotaWorks.net
September 6, 2023
•[ unauthorized access, data leak, insider threat ]
The Department of Employment and Economic Development (DEED) in Minnesota notifies jobseekers of a data breach involving unauthorized access to their personal information at the MinnesotaWorks.net platform, after a person claiming to be an employee allegedly, viewed and copied user resume information without authorization.
Tesorer�a General de la Republica (TGR)
January 30, 2023
•[ unauthorized access, hacking forum, credential sale ]
Access to Tesorer''a General de la Rep''blica, the General Treasury of the Republic of Chile (TGR) may be up for sale on a popular hacking forum.
County of�Tehama
November 17, 2022
•[ data security incident, unauthorized access, data breach ]
The county of'Tehama'announces that it has addressed a data security incident that resulted in unauthorized access to files on its systems.
thesnappening.org
October 15, 2014
•[ data leak, hacking, defacement ]
thesnappening.org, the hosting site for the pictures leaked from Snapchat after The Snappening affair, is hacked by Team Danny, and the details of his founder Mudit Grover, are posted on the hacked page.
