Academic Urology & Urogynecology of Arizona has notified over 73,000 individuals of a data breach that compromised sensitive personal, financial, and medical information. The breach is attributed to the ransomware group Inc.

A critical security vulnerability at DavaIndia Pharmacy exposed customer data and allowed unauthorized administrative access. The flaw was due to an exposed admin subdomain, which permitted unauthenticated access to super-admin APIs.

Eurail B.V. has confirmed a data breach where sensitive traveler information is now for sale on the dark web. A sample of this data has been published on Telegram, highlighting the immediacy and visibility of the threat.

Figure Technology Solutions, a US-based fintech firm known for its blockchain-based HELOCs and other lending products, has disclosed a data breach following a phishing attack on an employee.

Canada Goose is investigating a data leak involving over 600,000 customer records, allegedly stolen by the data extortion group ShinyHunters. The company has stated that there is no evidence of a breach in their systems.

Odido, a major telecommunications provider in the Netherlands, has experienced a significant data breach affecting 6.2 million customers. The breach exposed various personal data.

The Qilin ransomware gang exfiltrated nearly 1TB of sensitive data from Conpet S.A., including financial records, passport scans, and personal information such as names, postal addresses, personal identification numbers, and bank account numbers.

A significant data breach at ApolloMD, a Georgia-based healthcare provider, occurred between May 22 and May 23, 2025, compromising the sensitive information of 626,540 individuals. The breach was executed by the Qilin ransomware gang.

A significant data breach at Conduent has impacted over 25 million individuals, including 17,000 employees of Volvo Group North America. The breach exposed sensitive personal data, making it one of the largest breaches in recent history.

A cyber incident in Poland's energy sector targeted OT and ICS systems, affecting renewable energy plants, a combined heat and power plant, and a manufacturing company. The attack exploited vulnerable edge devices.