Episource has reported a data breach affecting over 5 million patients in the U.S., following a cyberattack that occurred between January 27 and February 6, 2025. The breach exposed various sensitive health information, including names, addresses, and medical records, although no banking or payment card data was compromised. Affected individuals are being notified and advised to monitor for suspicious activity.

WestJet is investigating a cyberattack that disrupted access to its internal systems and app, affecting user logins. The airline has activated specialized teams in collaboration with law enforcement to address the breach while ensuring safety and protecting sensitive data. Although some services have been restored, it remains unclear whether the incident was a ransomware attack or a precautionary shutdown of systems.

French retailer Auchan has been targeted by a significant cyberattack, resulting in compromised customer data and operational disruptions. The incident highlights the increasing vulnerability of retail businesses to cyber threats, prompting a call for enhanced security measures and response strategies in the industry.

Sotheby's reported a data breach that occurred on July 24, affecting the financial account information and Social Security numbers of two Maine residents. The auction house has implemented safeguards to protect data but is now offering affected individuals 12 months of credit monitoring services following the incident. This breach follows a similar attack on Christie's in 2024, highlighting ongoing vulnerabilities in the auction industry.

McLaren Health Care has reported a significant data breach affecting the personal information of approximately 743,000 individuals. The breach occurred between July and August 2024, following a previous ransomware attack in 2023 that compromised the data of over 2 million people. The exposed information includes names and Social Security numbers among other sensitive details.

Conduent, a major American business services and government contractor, confirmed that client data was stolen during a cyberattack in January 2025. The breach involved personal information of individuals associated with the company's clients, though there are currently no indications that the data has been made public. Conduent is assessing the impact of the breach and informing clients as necessary.

Capita has been fined £14 million by the UK's Information Commissioner's Office following a severe cyberattack in 2023 that exposed personal data of 6.6 million individuals. The ICO criticized Capita for its sluggish response to the attack, which lasted 58 hours before containment measures were enacted, highlighting significant security failures within the organization.

Aflac has recently faced a significant cyberattack that compromised sensitive data of its customers and employees. The company is working closely with cybersecurity experts to assess the extent of the breach and implement measures to protect against future incidents. Aflac has also notified affected individuals and is providing support as investigations continue.

Education giant Pearson was hit by a cyberattack that allowed threat actors to steal customer and corporate data, primarily consisting of "legacy data." The breach was facilitated by an exposed GitLab Personal Access Token, which gave attackers access to internal systems and cloud services, resulting in significant data theft affecting millions of individuals. Pearson has confirmed the incident and is enhancing their security measures but has not disclosed details about the ransom or the extent of customer impact.

Medusa ransomware has claimed responsibility for a breach involving NASCAR, highlighting the ongoing threat of cyberattacks on high-profile organizations. The attack is part of a broader trend of increasing ransomware incidents targeting various sectors, raising concerns about data security and operational disruptions.

Jaguar Land Rover (JLR) has shut down part of its systems following a cyber incident that disrupted retail and production activities. While no customer data appears to have been compromised, the company is working to restore its global applications in a controlled manner. Experts suggest that the attack's identification may have come late, indicating potential ongoing access by the perpetrators.

Asahi Brewery is grappling with the aftermath of a ransomware attack that may have compromised personal data, following an initial assurance that customer and employee information was secure. The attack, attributed to the Qilin ransomware group, has severely disrupted operations, delaying shipments and financial reporting, as the company investigates the extent of the data breach. Recovery efforts are ongoing, but a timeline for full restoration remains uncertain.

A significant cyberattack on a cooperative has resulted in empty store shelves, theft of sensitive data, and an estimated loss of $275 million in revenue. The incident highlights the growing threats to supply chain security and the impact of cybercrime on retail operations.

Nearly 250,000 individuals were impacted by a data breach at Medical Associates of Brevard, a healthcare organization in Florida. The BianLian ransomware group claimed responsibility for the attack, which involved the theft of personal and protected health information. The breach was discovered in January 2025, and the organization has since notified authorities and affected individuals.

SimonMed Imaging has notified over 1.27 million individuals about the compromise of their protected health information due to a cyberattack in January 2025. While the company confirmed data theft, there have been no reported cases of misuse, and affected individuals are being offered complimentary credit monitoring services.

Qantas is facing extortion from cybercriminals following a data breach that potentially exposed the personal information of 6 million customers. The airline has reported the incident to the Australian Federal Police and is advising customers to be vigilant against potential scams and phishing attempts. The attack is linked to threat actors known as Scattered Spider, who have previously targeted various sectors, including aviation and retail.

Esse Health has notified over 263,000 patients that their personal and health information was compromised in a cyberattack that occurred on April 21, 2025. The breach resulted in the theft of sensitive data, although there was no evidence of stolen social security numbers, and the organization is offering free identity protection services to affected individuals. Restoration efforts suggest a ransomware attack, but no group has claimed responsibility for the incident.

Ascension has reported a significant data breach affecting the personal information of 437,329 patients due to a cyberattack. The exposed data includes sensitive details such as names, dates of birth, and medical information, prompting concerns about patient privacy and security. Authorities are investigating the incident while affected individuals are being notified.

A cyberattack on Oxford City Council compromised 21 years of personal data related to election workers, affecting current and former council officers. While the council has assured that there is no evidence of a mass data download or sharing with third parties, investigations are ongoing, and most services have resumed with some technical issues remaining. Experts highlight the increasing vulnerability of local authorities as they digitize services, making them attractive targets for cybercriminals.

Bouygues Telecom has suffered a significant cyberattack, compromising the personal data of approximately 6.4 million customers. The breach involved unauthorized access to sensitive information, prompting the company to notify affected individuals and take steps to secure their systems.