Indian Springs School District 109, located in Justice, Illinois, disclosed a ransomware attack that compromised the personal data of 11,542 individuals. The breach is attributed to the RansomHub ransomware group.

The Lorain County Auditor’s Office in Ohio was targeted by the Global ransomware group in a cyberattack that occurred on May 27. Global RaaS)group, has claimed responsibility and alleges possession of private data, including bank account information.

Dordt University has notified 34,251 individuals of a data breach stemming from a ransomware attack by the BianLian group. The breach occurred between April 21 and May 16, 2024, but notifications were only issued in July 2025—14 months later.

The Pierce County Library System (PCLS) has notified 336,826 individuals of a ransomware attack by the Inc group in April 2025, which exposed names and dates of birth. Inc posted images of stolen driver’s licenses, passports, and internal documents.

IES Communications, a U.S.-based IT contractor, has disclosed a ransomware attack that compromised sensitive data of 6,241 employees. The attack has been attributed to the Chaos ransomware group, which claims to have exfiltrated 1 TB of data.

The breach affected 34,498 individuals and compromised sensitive data such as names, Social Security numbers, addresses, dates of birth, state-issued ID numbers, medical treatment details, and health insurance information.

The City of Coppell, Texas, has notified 16,835 residents of a data breach following a ransomware attack in October 2024. The breach exposed sensitive personal data, including Social Security numbers.

Estes Forwarding Worldwide experienced a ransomware attack on May 28, 2025. The Qilin ransomware gang claimed responsibility, posting stolen documents including passport scans, driver’s licenses, and spreadsheets.

Mainline Health Systems has begun notifying 101,104 individuals of a data breach stemming from a ransomware attack that occurred in April 2024. The breach compromised sensitive data including Social Security numbers.

The ransomware group Play has claimed responsibility for a cyberattack on Dairy Farmers of America, the largest dairy cooperative in the U.S. The attack disrupted multiple manufacturing plants and allegedly resulted in the theft of sensitive data.