Qdos, a UK-based business insurance and employment status specialist serving tech contractors, has confirmed a data breach involving unauthorized access to one of its web applications, mygoqdos.com.

Morgan County 911, based in Decatur, Alabama, confirmed a ransomware attack by the Qilin group in May 2025. While administrative systems were disrupted, critical dispatch operations remained unaffected.

NASCAR experienced a data breach. The Medusa ransomware group claimed responsibility, demanding a $4 million ransom with a deadline around April 19. The breach exposed names and Social Security numbers of an undisclosed number of individuals.

North Providence, Rhode Island, has disclosed a ransomware attack that compromised the personal data of 1,804 individuals. The Medusa ransomware group claimed responsibility and demanded a $100,000 ransom.

The AMEOS Group, a Swiss-owned healthcare provider operating over 100 hospitals across Europe, has suffered a significant cyberattack, prompting a complete shutdown of its IT systems.

A significant data exposure incident has been identified involving the cybercrime forum Leak Zone, which inadvertently leaked the IP addresses and login timestamps of its users due to a misconfigured Elasticsearch database.

France Travail, the French employment agency, experienced a data breach affecting approximately 340,000 jobseekers. The initial access vector was an infostealer malware that compromised a user account associated with a training organization.

A significant data breach has impacted global fashion brand SABO, exposing over 3.5 million customer records due to a misconfigured and unsecured database. The breach poses serious risks of phishing, social engineering, and financial fraud.

A ransomware group known as Lynx has claimed responsibility for a cyberattack on gaming PC manufacturer iBUYPOWER and its sister brand HYTE. The attack disrupted several internal systems and has been listed on Lynx’s data leak site.

Farnsworth Intelligence is offering access to data stolen by infostealer malware, claiming legality by sourcing it via a third-party vendor. The $50 entry-level version operates on a credit-based model.