DragonForce, a ransomware group operating under a Ransomware-as-a-Service (RaaS) model, has claimed responsibility for a data breach targeting Belk, a North Carolina-based department store chain.

Indian Springs School District 109, located in Justice, Illinois, disclosed a ransomware attack that compromised the personal data of 11,542 individuals. The breach is attributed to the RansomHub ransomware group.

The Lorain County Auditor’s Office in Ohio was targeted by the Global ransomware group in a cyberattack that occurred on May 27. Global RaaS)group, has claimed responsibility and alleges possession of private data, including bank account information.

Dordt University has notified 34,251 individuals of a data breach stemming from a ransomware attack by the BianLian group. The breach occurred between April 21 and May 16, 2024, but notifications were only issued in July 2025—14 months later.

Louis Vuitton, the flagship brand of French luxury conglomerate LVMH, has confirmed a cyber-attack targeting its UK operations, resulting in the unauthorized access and theft of customer data.

The Pierce County Library System (PCLS) has notified 336,826 individuals of a ransomware attack by the Inc group in April 2025, which exposed names and dates of birth. Inc posted images of stolen driver’s licenses, passports, and internal documents.

Bitcoin Depot has disclosed a data breach affecting nearly 27,000 customers. The breach exposed sensitive personal information typically collected during Know-Your-Customer (KYC) verification processes

Nippon Steel Solutions disclosed a data breach resulting from a zero-day attack on its network equipment. The breach led to unauthorized access and potential leakage of personal data belonging to customers, partners, and employees.

A critical security vulnerability in McDonald’s AI-powered hiring platform, McHire.com, exposed the personal data of millions of job seekers. The breach was caused by the use of the weak password “123456” for administrative access.

A significant data exposure incident has been uncovered involving Rockerbox, a Texas-based tax credit consultancy. The exposure involved 245,949 records totaling 286.9 GB of data, including highly sensitive personal and financial information.