The Royal and BlackSuit ransomware gangs, believed to be successors of the Conti syndicate, have compromised over 450 U.S. organizations since 2022, collecting more than $370 million in ransom payments.

Columbia University has disclosed a significant data breach that compromised the sensitive information of 868,969 individuals, including current and former students, employees, applicants, and their family members.

Bouygues Telecom, France’s third-largest mobile operator, has confirmed a significant cyberattack that compromised the personal data of approximately 6.4 million customer accounts.

Air France and KLM have disclosed a data breach resulting from unauthorized access to a third-party customer service platform. The breach exposed limited customer data but did not compromise sensitive information such as passwords or payment details.

Google has confirmed a data breach involving one of its Salesforce instances, attributed to the threat actor group UNC6040, linked to the notorious ShinyHunters. The attackers accessed contact information and related notes of SMB customers.

DaVita suffered a ransomware-related cyberattack that compromised the personal and clinical data of over 900,000 individuals. The Interlock ransomware group claimed responsibility, alleging the theft of 1.5 TB of data.

A significant data breach has occurred at Florida-based data solutions provider IMDataCenter, exposing over 38GB of sensitive personal and client data due to a misconfigured Amazon Web Services (AWS) S3 bucket.

PEAR (Pure Extraction and Ransom) ransomware group claimed responsibility for a data breach at Think Big Health Care Solutions, a healthcare management firm based in Florida. The group alleges it exfiltrated 60 GB of sensitive data in June 2025

TeaOnHer, a male-oriented app mimicking the viral Tea app, has exposed sensitive user data including government-issued IDs and selfies. The app suffers from multiple security flaws that put its 53,000 users at risk.

KLM Royal Dutch Airlines has confirmed a data breach involving a third-party system that exposed customer data from previous interactions with its customer service team. Affected users, including frequent flyers, were notified via email.