Canon confirmed its U.S. subsidiary was targeted in the Oracle E-Business Suite hacking campaign. The incident affected only a web server, and no Canon data has been leaked so far. Other companies, including Cox Enterprises and Mazda, also reported impacts from the same campaign.

DXS International, a tech provider for NHS England, reported a cyberattack that compromised its office servers. A ransomware group claimed responsibility, alleging they stole 300 gigabytes of data, though the extent of the breach and any impact on patient information remains unclear.

This article examines the traits that make ransomware groups effective, highlighting the role of automation, customization, and advanced tools. It discusses how these elements contribute to their financial success and ability to bypass defenses, ultimately shaping security strategies for enterprises.

A ransomware attack on Conduent has compromised the personal information of at least 15.4 million people in Texas and another 10.5 million in Oregon, significantly more than initially reported. The stolen data includes names, Social Security numbers, and medical information. Conduent is still notifying affected individuals and has faced criticism for its lack of transparency.

Japanese companies, including Asahi Holdings and Askul, are struggling to recover from ransomware attacks that have caused significant operational disruptions. Many firms are experiencing prolonged recovery times, shipment delays, and potential data breaches, highlighting vulnerabilities in their cybersecurity defenses.

The Everest ransomware group claims to have stolen over 1TB of data from ASUS, including sensitive camera source code and internal tools. ASUS confirmed the breach originated from a third-party supplier, asserting that it does not affect customer products or user privacy.

Fintech firm Marquis is seeking compensation from SonicWall after a breach at the firewall provider exposed critical data, enabling hackers to steal customer information during a ransomware attack. Marquis confirmed that it stored a backup of its firewall configuration in SonicWall's cloud, linking the two incidents. SonicWall has requested evidence to support Marquis' claims.

Askul, a Japanese e-commerce and logistics company, suffered a ransomware attack in October, compromising over 700,000 records. The RansomHouse group claimed responsibility and leaked data after the company refused to pay a ransom. The breach affected both customer and business partner information, disrupting logistics and operations.

The Akira ransomware group hacked Fieldtex Products, stealing over 14 GB of data, including sensitive health information. The breach, disclosed by Fieldtex, impacts 238,615 individuals, with data such as names, addresses, and insurance details compromised.

Covenant Health suffered a data breach in May 2025, affecting over 478,000 individuals. The Qilin ransomware group claimed responsibility and released stolen data, which includes personal and health information. The breach was initially reported to involve only 7,800 individuals.

The Everest ransomware group claims to have hacked Nissan, releasing screenshots of internal files and directory structures. They are demanding a response within five days or they will leak the data online. This incident adds to Nissan's history of cybersecurity breaches.

Fintech firm Marquis reported a ransomware attack that compromised customer data for dozens of U.S. banks and credit unions. At least 400,000 individuals had their personal and financial information stolen, primarily due to a vulnerability in Marquis's SonicWall firewall. The number of affected customers is expected to increase as more notifications are filed.

LKQ Corporation has confirmed a data breach affecting over 9,000 individuals due to a cyberattack targeting Oracle's E-Business Suite. The compromised information includes sensitive personal details like Social Security Numbers and Employer Identification Numbers. The company reported that several terabytes of data were stolen, and this incident follows a previous attack on LKQ last year.

Conduent revealed a cyberattack that may have compromised sensitive data of around 10 million individuals. The breach, linked to the SafePay ransomware group, lasted nearly three months and exposed various personal and health information, particularly affecting residents in states like Texas and Washington.

A data breach at Vitas Hospice exposed personal information of over 319,000 current and former patients, including names, addresses, and Social Security numbers. It's uncertain if the breach involved ransomware, as no group has claimed responsibility.

The OnSolve CodeRED emergency alert system experienced a ransomware attack by the Inc Ransom group, leading to significant disruptions and a data breach. Affected cities and law enforcement agencies reported an inability to send emergency notifications, prompting a swift response from OnSolve to transition customers to a new platform.

Ingram Micro reported that a July 2025 ransomware attack affected 42,521 employees and job applicants, exposing personal and employment-related data. The attack, claimed by the group SafePay, led to significant operational disruptions and customer dissatisfaction due to poor communication.

Kyowon Group, a major South Korean conglomerate, confirmed a ransomware attack that compromised customer data. The incident affected around 600 of its 800 servers, and while some data was stolen, the company has not confirmed if customer information was included. They are currently investigating the breach and working to restore services.

Logitech confirmed a data breach after being named a victim in the Cl0p ransomware attack related to Oracle's EBS vulnerabilities. The breach may involve limited employee and consumer data, but the company asserts that sensitive information like credit card details was not affected. Logitech does not expect significant financial repercussions from this incident.

The Richmond Behavioral Health Authority reported a ransomware attack that compromised the personal information of over 113,000 individuals. Stolen data includes names, Social Security numbers, and health information. The Qilin ransomware group has claimed responsibility for the attack.

Andy Frain Services, a security firm, revealed that a ransomware attack by the Black Basta group has affected over 100,000 individuals, with sensitive information likely compromised. The breach, discovered in October 2024, involved the theft of 750 GB of data, prompting the company to offer credit monitoring and identity restoration services to those impacted.

Manpower, a major staffing agency, has disclosed a data breach affecting nearly 145,000 individuals after attackers accessed its systems in late December 2024. The RansomHub ransomware group claimed responsibility for the attack, reportedly stealing around 500GB of sensitive data, including personal client information. In response, Manpower is enhancing its IT security and offering affected individuals free credit monitoring services.

DaVita, a leading kidney dialysis provider in the U.S., reported a ransomware attack that encrypted parts of its network and affected some operations over the weekend. The company activated response protocols to contain the incident and continues to provide patient care while investigating the breach's full scope, which may involve stolen patient data.

PowerSchool has reported that the hacker behind a December cyberattack is now extorting individual school districts, threatening to release stolen student and teacher data unless a ransom is paid. Despite previously paying a ransom to prevent such an incident, PowerSchool acknowledges that the threat actor has not kept their promise to delete the data, leading to renewed extortion attempts against affected schools.

Insight Partners has confirmed that a ransomware attack in January compromised the personal data of over 12,000 individuals, including employees and limited partners. The breach, initially described as a "sophisticated social engineering attack," involved unauthorized access to HR and finance servers, with details of the stolen data remaining undisclosed. The firm has since enhanced its security measures and offered credit monitoring to those affected.

A ransomware attack in Ohio has disrupted the operations of a local government agency, affecting over 45,000 residents. The attack has prompted an investigation and raised concerns about cybersecurity measures in place to protect sensitive information.

The Alcohol & Drug Testing Service (TADTS) has reported a data breach affecting approximately 750,000 individuals, following a ransomware attack in July 2024. Compromised data includes sensitive personal information such as Social Security numbers, financial details, and health insurance information.

The article discusses a ransomware attack targeting SimpleHelp, compromising its infrastructure and impacting users. This incident highlights the ongoing threats posed by ransomware and the importance of cybersecurity measures for businesses and service providers.

IdeaLab has confirmed that sensitive data was stolen during a ransomware attack last October, attributed to the Hunters International group. The breach affected current and former employees and contractors, with 137,000 files leaked on the dark web, prompting the company to offer identity theft protection to impacted individuals.

The Zurich-based non-profit health foundation Radix suffered a ransomware attack that compromised the data of several Swiss federal offices. The Sarcoma ransomware group released 1.3TB of stolen data on the dark web after ransom demands were ignored, although the Swiss National Cyber Security Center confirmed that Radix did not have direct access to federal systems.

Farmers Insurance has reported a data breach that compromised the personal information of more than one million individuals, including names, addresses, dates of birth, and Social Security numbers. The breach was discovered shortly after the data theft occurred, but it remains unclear whether a third-party vendor was involved in a ransomware attack.

Mainline Health Systems and Select Medical Holdings have reported data breaches affecting over 100,000 individuals. Mainline Health's breach was linked to the Inc Ransom ransomware group, while Select Medical's data exposure resulted from a security incident involving a former vendor.

The article delves into the Gentlemen ransomware, exploring its modus operandi and the tactics employed by its operators. It highlights the impact of such ransomware on victims and discusses the broader implications for cybersecurity and ransomware trends.

Medusa ransomware has been linked to a significant data breach at Comcast, exposing sensitive customer information. The breach highlights the increasing vulnerabilities of large corporations to cyberattacks and the need for enhanced security measures.

A ransomware attack on Business Systems House (BSH), a payroll provider previously working with Broadcom, resulted in the theft of employee data. Although Broadcom has since switched payroll providers, the breach exposed sensitive information of current and former employees, prompting notifications and security recommendations from the company and its former payroll partner ADP.

The Rhysida ransomware group claims to have stolen 2.5 TB of files from the Oregon Department of Environmental Quality (DEQ) after the agency denied any evidence of a data breach. Following a cyberattack that disrupted various services, the hackers threatened to auction the stolen data unless a ransom of 30 bitcoin ($2.5 million) is paid.

DaVita, a kidney dialysis firm, has confirmed that it was the victim of a ransomware attack that compromised the personal data of approximately 2.7 million individuals. The breach has raised significant concerns regarding the protection of sensitive health information and the potential consequences for those affected.

Data I/O, a technology manufacturer, has reported a ransomware incident that has caused operational outages, though the full impact of the breach remains unclear. The company recently posted a decrease in sales, reflecting challenges it faces amidst the ongoing cybersecurity threats affecting multiple organizations.

Over 103,000 individuals have been impacted by a data breach at Cornwell Quality Tools, a tool manufacturer based in Ohio. The Cactus ransomware group claimed responsibility for the attack, which involved the publication of sensitive materials, including corporate documents and driver's license copies. This incident follows a previous attack by the Hive ransomware gang in 2022.

Hellcat ransomware has been found targeting firms by stealing Jira credentials, leading to significant data breaches. The malware is designed to extract sensitive information and poses a serious threat to organizations that rely on Jira for project management and collaboration. Cybersecurity experts are urging companies to enhance their defenses against such sophisticated attacks.

SatanLock ransomware has ceased its operations, marking an end to its activities after a significant data breach that had compromised sensitive information. The cybercriminal group has reportedly begun leaking the stolen data, raising concerns about the potential impact on affected organizations and individuals.

Ahold Delhaize confirmed that a ransomware attack led to the theft of sensitive data from its internal systems, with attackers claiming to have exfiltrated 6 TB of information. The company has restored its operations but is working to assess the impact of the breach and notify affected individuals.

A ransomware attack on Swedish IT supplier Miljödata has left 200 municipalities offline, with the attackers demanding a ransom of 1.5 Bitcoin (approximately $168,000). The disruption highlights the risks of centralized IT services, as sensitive data may have been accessed and critical local government operations have been severely impacted. Sweden's Minister for Civil Defence has indicated that new cybersecurity legislation may be on the horizon in response to the incident.

Young Consulting, now operating as Connexure, has reported that over 1 million individuals were affected by a data breach attributed to a ransomware attack by the BlackSuit group. The breach, which occurred between April 10 and 13, 2024, compromised sensitive data including Social Security numbers and insurance information, with the victim count being updated multiple times since the incident. The company is offering credit monitoring and identity theft restoration services to those affected.

Over 160,000 individuals were affected by a data breach at Wayne Memorial Hospital in Georgia, where hackers stole sensitive personal information, including Social Security numbers and financial data. The breach occurred between May 30 and June 3, 2024, during which ransomware was used to compromise the hospital's network. WMH is offering affected individuals 12 months of free credit monitoring and identity theft protection services.

Legends International has informed customers and employees of a data breach resulting from a cyberattack. Compromised information includes personally identifiable information such as Social Security numbers, dates of birth, and payment details, although the specifics of the attack and the number of affected individuals remain unclear.

NASCAR confirmed that personal information, including names and Social Security numbers, was stolen during a ransomware attack that occurred between March 31 and April 3, 2025. The Medusa ransomware group has claimed responsibility, demanding a $4 million ransom for the return of the stolen data, while NASCAR offers impacted individuals credit monitoring services.

Pharmaceutical firm Inotiv has reported a ransomware attack, with the Qilin Group claiming responsibility for the breach. The incident has raised concerns about the security of sensitive data within the healthcare sector.

Humac, a leading Apple reseller in the Nordics, has been listed on the Kraken ransomware group's dark web site, with claims of stolen financial and customer data. Cybernews researchers have verified that the leaked data sample appears legitimate, raising concerns about the impact on the company's operations.

Lee Enterprises reported that a recent ransomware attack impacted nearly 40,000 individuals, compromising personal information such as names and Social Security numbers. The company is offering affected individuals 12 months of free credit monitoring and identity protection services following the breach.

The LockBit ransomware gang experienced a data breach that resulted in their dark web affiliate panels being defaced and a MySQL database dump being released, revealing sensitive information including negotiation messages with victims and plaintext passwords of affiliates. The breach potentially undermines the gang's reputation further following previous law enforcement actions against them. The incident highlights ongoing vulnerabilities within ransomware operations.

A ransomware attack has compromised the US healthcare sector, impacting organizations such as AOA, DaVita, and Bell Ambulance. These breaches have raised concerns regarding the security of patient data and the potential disruption to healthcare services. The situation underscores the growing threat of cyberattacks on critical infrastructure in the healthcare domain.

Nova Scotia Power confirmed a ransomware attack that compromised the personal and financial information of approximately 280,000 customers, including details such as names, addresses, and bank account numbers. The company has stated that it did not pay the ransom and is working with cybersecurity experts to assess the breach, while also warning customers about potential phishing attempts following the incident.

A ransomware gang has claimed responsibility for a cyberattack on Kettering Health, a healthcare provider in Ohio. The breach has raised concerns about the security of sensitive patient data and highlights the ongoing threat of ransomware attacks in the healthcare sector.

Sensata Technologies has reported a ransomware attack that compromised personal information of its employees after hackers accessed the network for over a week. The stolen data includes sensitive details such as Social Security numbers, financial account information, and medical records, affecting at least 362 residents in Maine.

Hitachi Vantara took its servers offline to contain an Akira ransomware attack that disrupted some of its systems and affected multiple government projects. The company is working with cybersecurity experts to investigate the incident and restore services while confirming that its cloud services remain unaffected. The Akira ransomware operation, which has targeted numerous organizations globally, was identified as the source of the breach.

Landmark Admin and Young Consulting have reported data breaches affecting approximately 2.6 million individuals. Landmark Admin's ransomware attack compromised sensitive personal information of over 1.6 million people, while Young Consulting updated its breach impact to over 1 million, revealing unauthorized access to personal data.

A cybercriminal group, J Group, claims to have breached FAI Aviation Group, a German charter operator, leaking approximately 3TB of sensitive data including patient information, employee records, and internal documents. The breach raises concerns about identity theft and potential misuse of the leaked information, particularly in the context of the company's medical services.

A new ransomware strain named KillSec is targeting healthcare institutions in Brazil, compromising their systems and demanding ransoms. The attacks have raised concerns about the security of sensitive patient data and the operational integrity of healthcare services amidst the ongoing pandemic. Authorities are urging institutions to bolster their cybersecurity measures to combat these threats.