A ransomware attack by the Qilin cybercrime group in June 2024 targeted Synnovis, a pathology services provider for the NHS, resulting in the exposure of highly sensitive medical data of over 900,000 patients.

A ransomware attack targeting the state of Nevada was traced back to a malware-laced tool downloaded by a state employee from a spoofed website. The attack, which culminated in ransomware deployment on August 24, impacted over 60 state agencies.

A data breach has impacted the TISZA Világ service resulting in the exposure of nearly 200,000 user records. The breach, which occurred in October 2025, has led to the widespread redistribution of sensitive personal data online.

The U.S. Congressional Budget Office (CBO) has confirmed a cybersecurity incident involving unauthorized access to its network, suspected to be the work of a foreign threat actor.

The University of Pennsylvania has confirmed a significant data breach involving the compromise of internal systems related to development and alumni activities. The breach resulted in the theft of sensitive donor data and internal documents.

SonicWall has confirmed that a September 2025 security breach involving its MySonicWall cloud backup service was the result of a sophisticated attack by a state-sponsored threat actor.

Hyundai AutoEver America (HAEA) has disclosed a data breach involving unauthorized access to its IT environment. The breach affected HAEA’s internal systems, potentially compromising the personal data of individuals associated with the company.

A recent data breach at Japanese media conglomerate Nikkei has compromised the personal information of 17,368 individuals, including employees and business partners, following unauthorized access to its Slack messaging platform.

A significant data breach at Swedish IT systems supplier Miljödata has compromised the personal data of approximately 1.5 million individuals. The breach is attributed to the threat actor Datacarry.

A major exploit targeting the decentralized finance (DeFi) protocol Balancer has resulted in the theft of over $120 million in cryptocurrency, with at least $99 million in ETH alone. The attack exploited faulty access control mechanisms.