Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
KrebsOnSecurity reports: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn […]
In what is currently the third largest health data breach of 2025, kidney dialysis provider DaVita has reported a ransomware attack to HHS. Bleeping Computer reports: Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals. DaVita serves over 265,400 […]
Settlement Marks OCR’s 15th Ransomware Enforcement Action and 10th Enforcement Action in OCR’s Risk Analysis Initiative Source: HHS
Cleveland.com reports: In response to Cleveland and other local governments around Ohio being targeted with cyberattacks and ransomware threats, the state of Ohio will soon require all counties, cities, townships, school districts, libraries, and other local governments to have a cybersecurity policy that adheres to certain standards, as well as only allow locals to approve […]
ClaimDepot reports: On July 3, 2025, Sanderling Healthcare became the victim of a significant ransomware attack that may have impacted thousands of patients. The data breach was orchestrated by the Sarcoma group disclosed on the dark web, where the attackers claimed to have hacked and accessed sensitive data from the company’s systems. According to the […]
The Register reports: SonicWall on Monday confirmed that it’s investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs. “SonicWall is actively investigating a recent increase in reported cyber incidents involving a number of Gen 7 firewalls running various firmware versions with […]
NASCAR has confirmed it was the victim of a data breach after hackers demanded a $4million ransom following a ransomware attack. The racing organization says it suffered the breach between March 31, 2025 and April 3, 2025. Correspondence with multiple state regulators this week (including this example from New Hampshire) confirms the data breach, and says […]
Invezz reports: Federal prosecutors have launched a forfeiture action to claim $2.3 million in Bitcoin allegedly tied to a ransomware actor from the newly identified Chaos group. According to a July 28 press release from the US Attorney’s Office for the Northern District of Texas, the Department of Justice filed a civil complaint seeking the forfeiture of […]
InfoSecurity Magazine reports: BlackSuit’s dark web data leak site and private negotiation panels have been taken offline in what appears to be a large-scale law enforcement operation. On July 24, the ransomware group’s leading site, usually accessible via The Onion Router (TOR), displayed a banner stating, “This site has been seized by U.S. Homeland Security […]
DataBreaches.net reports that two entities have recently ceased operations following ransomware attacks. One was in the healthcare sector while the other was in the business sector: It is still fairly rare for a ransomware victim to totally shutter its doors permanently as a result of an incident, but a relatively small breach in Georgia was […]
