The Salvation Army has disclosed a data breach incident from May 2025, attributed to the Chaos ransomware group. The breach resulted in the unauthorized access and exfiltration of sensitive personal data.

West Chester Township officials on August 12 announced they had isolated and contained a cybersecurity breach. PEAR claimed responsibility for the attack on August 15, 2025, saying it stole 2 TB of data.

Legacy Treatment Services, a New Jersey-based nonprofit healthcare provider, disclosed a ransomware attack affecting 41,826 individuals. The breach, attributed to the Interlock group, exposed extensive personal, financial, and medical data.

The Computer Merchant, an IT staffing firm based in Norwell, Massachusetts, has disclosed a data breach affecting 34,127 individuals. The breach, attributed to the Play ransomware group, exposed sensitive personal data.

Aspire Rural Health System has disclosed a ransomware attack impacting 138,386 individuals. The breach, attributed to the BianLian group, exposed sensitive medical and financial data.

Static analysis flagged embedded third-party SDKs, such as Baidu Analytics and Location SDKs, using known package signatures and API calls. These SDKs were intentionally bundled, indicating deeper integration with Chinese infrastructure.

Muscogee County School District in Georgia has notified 34,056 individuals of a ransomware-related data breach that exposed names, SSNs, and bank account details. The attack allegedly resulted in the theft of 382 GB of data.

On August 8, 2025, Inotiv, a U.S.-based drug research firm, disclosed a ransomware attack in an SEC filing. The Qilin ransomware group claimed responsibility, stating it exfiltrated 176 GB of sensitive data.

Optima Tax Relief has notified 3,114 individuals of a data breach that occurred in May 2025, compromising SSNs and financial account details. The Chaos ransomware group has claimed responsibility, asserting it exfiltrated 69 GB of data.

The Interlock ransomware gang has claimed responsibility for a cyberattack on Box Elder County, Utah, which occurred on August 6, 2025. The group alleges it exfiltrated 4.5 TB of data, amounting to approximately 2.1 million files.