Editor's Message

Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organisations raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks were the highest ever recorded, and 2026 could be worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. It's a dangerous world out there, so please be extra vigilant and mindful of the risks and threats. Wishing you all the best for the New Year. Thanks again for all your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Thursday, 22 January 2026

Ransomware Operator Claims - Week 3 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 12th January and 18th January 2026, kindly assisted by our partners.

DBD discovered and researched 150 Ransomware Victims over 32 Countries and Islands claimed by 23 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:

Monday, 19 January 2026

Data Breaches Digest - Week 4 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th January and 25th January 2026.


22nd January

Attackers Continue to Target Trusted Collaboration Platforms: 12,000+ Emails Target Teams Users

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

BuyLottoOnline Investigating Alleged Data Breach Involving 38,000 User Records

Cambodian Voice Phishing Convict's Sentence Reduced to Eight Years

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Cisco Patches Zero-Day Flaws Amid Chinese Hacker Exploits in 2026

Coupang Controversy: U.S. Investors Challenge South Korea Over Data Breach Fallout

Coupang investors call for U.S. probe of Seoul government's response to data breach

Coupang investors seek US probe over Korea's handling of data leak

Coupang Investors Want US to Investigate eCommerce Firm’s Data Breach

Credit Glory Data Breach Exposes 500k Customer Records

Critical Appsmith Flaw Enables Account Takeovers

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

Daedong-USA confronts US data-breach fallout and right-to-repair pressures

Dark Web Profile: Anubis Ransomware

Department of Justice (DOJ) Says Ransomware Gangs Used $1.2 Billion in Crypto to Fund Global Operations

Domain spoofing used in 90 percent of top phishing attacks

Energy sector orgs targeted with AiTM phishing campaign

Europe's GDPR cops dished out €1.2 Billion in fines last year as data breaches piled up

European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data

Exposed training apps are showing up in active cloud attacks

Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware

Gran Cursos Online Data Breach Exposes 570k User Records

Greek Police Arrest Scammers in Athens Using Fake Cell Tower for SMS Phishing Operation

Greek police bust car‑trunk cell tower scamming phones across Athens

Hackers Are Using LinkedIn DMs and PDF Tools to Deploy Trojans

Hackers breach Fortinet FortiGate devices, steal firewall configs

High-Profile Data Breach in Australia Sparks Renewed Push for Stronger Privacy Law Enforcement

How a hacker turned AI slop into VoidLink, a powerful new Linux malware

How to stop iPhone apps from tracking you (and why you shouldn't wait to do it)

INC ransomware operational security fail allowed data recovery for 12 US organizations

Ingram Micro Data Breach Affects Over 42,000 People After Ransomware Attack

Ireland proposes new law allowing police to use spyware

Jordan used Cellebrite phone-hacking tools against activists critical of Gaza war

LastPass Backup Phishing Campaign Exposed: Deceptive Requests Target Password Vaults

LastPass ‘create backup’ email is a phishing scam targeting your master password

LastPass “create backup” email is a scam, the company warns

LastPass Warns of Fake Maintenance Messages Tricking Users Into Stealing Master Passwords

LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords

LastPass Warns of Phishing Campaign Targeting Its Customers

Linux users targeted: hackers invade Snap packages with crypto-stealing malware

Luxshare ransomware attack puts Apple, Nvidia data at risk

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

Menulux Data Breach Exposes 93,000 Customer Records

Microsoft tops phishing hit list as cybercriminals hunt login credentials

Mid-Sized Manufacturers Lead Ransomware Spike

Minnesota: Over 300,000 Impacted By MnCHOICES Program Data Breach

New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions

New Osiris ransomware reveals sophisticated tactics and experienced attackers

One in Ten UK Businesses Fear They Would Not Survive a Major Cyberattack

One in ten UK businesses say a major cyber attack could shut them down

One in Ten UK Firms “Wouldn’t Survive” a Cyber-Attack

Over 160,000 Companies Notify Regulators of GDPR Breaches

PcComponentes denies data breach, confirms credential stuffing attack on customer accounts

PcComponentes Incident Was a Credential Stuffing Attack Using Infostealer Logs

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Phishing from risky URLs now top digital threat in The Philippines

Protecting HR & payroll from cyber-attacks in 2026 and beyond

QR Code Phishing Emails Surge Globally

RansomHub Ransomware breach exposes sensitive Apple Inc Data

Ransomware negotiators are one step away from the Wild West, with no rules of any kind

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

ReliaQuest Uncovers Social Media Phishing Campaign Built on Trusted Tools

Republic.com Alleged Data Breach Exposes 4.9 Million Users

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

Social Security numbers may have been exposed in data breach connected to Ohio car dealership

South Korea: Gwangju Prosecutors Lose Seized Bitcoin in Phishing Attack

South Korea: Gwangju prosecutors lose seized bitcoin in suspected phishing theft

South Korea: Phishing Suspect's Text Leads to Own Arrest

South Korea: Police Officer's Instinct Nabs Voice Phishing Suspect at ATM

South Korea: Supreme Prosecutors' Office to Punish Cambodian Fraud Suspects

South Korean Prosecutors Lose $48 Million in Seized Bitcoin to Phishing Scam

Spanish e-retailer PcComponentes denies report it was hacked

The internet’s oldest trust mechanism is still one of its weakest links

Third-party data breach prompts patient alert at Jupiter Medical Center

Top PC components store denies data breach - PcComponentes says it is safe, despite hacker claims

UK Executives Warn They May Not Survive a Major Cyber-Attack, Vodafone Survey Finds

Under Armour Ransomware Attack Exposes 72 Million Email Addresses

Under Armour says it’s ‘aware’ of data breach claims after 72 Million customer records were posted online

Understanding phishing threats is vital

Venezuela Domain Surge Signals Geopolitical Cyber Activity of Opportunistic Threat Actors Looking to Steal PII and Financial Data

VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks

We’ve Reached the “Customers Want Security” Stage, and AI Is Listening

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

21st January

60% of cyberattacks on logistics start with an email you nearly clicked

A new LinkedIn phishing scam is targeting executives online - make sure you don't fall for this

Afghan government offices subjected to phishing campaign

Afghan Government Workers Targeted with Phishing Lures in Nomad Leopard Campaign Delivering FalseCub Malware

AI phishing: How scammers use artificial intelligence to trick you

Alleged Ransomware Attack on Apple’s Second-Largest Manufacturer Luxshare - Confidential Data Exposed

Apple Supplier Luxshare Allegedly Hit by Ransomware, Customer R&D Data Leaked

Aultman Health System facing class action lawsuit over newly revealed data breach

BBSRadio Data Breach Exposes User Emails and IDs

Better Business Bureau (BBB) Alert: How the X Phishing Scam Locks Accounts and Pushes Fake Crypto Deals

Better Business Bureau (BBB) warns of X phishing scam locking accounts and pushing crypto

BHG Financial Data Breach Exposes Social Security Numbers

Black Basta Ransomware Group Exposed in Europe, Russian Leader Is Now Among EU’s Most Wanted

Black Basta’s alleged ringleader identified as authorities raid homes of other members

Britain International Academy Source Code Leak and Secrets Exposure

Cambodian scam mastermind finally arrested after being exposed years ago

Carlsberg Event Wristband Leaked PII, Researcher Told Not to Disclose

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

Chainlit AI framework bugs let hackers breach cloud environments

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

Cisco fixes Unified Communications RCE zero day exploited in attacks

Columbia Medical Data Breach Exposes Social Security Numbers

Critical Cloudflare flaw allowed hackers to reach web servers directly

Critical Vulnerability in Advanced Custom Fields: Extended Plugin Puts 100,000 WordPress Sites at Risk

Crooks impersonate LastPass in campaign to harvest master passwords

CSEA Local 1000 Data Breach Affects 47,352 Members Exposing Social Security Numbers

Cyber attack would put one in 10 firms out of business

Cyber attack would wipe out over 10% of UK businesses

Cyber Resilience in Healthcare: Lessons from 2025 and Priorities for 2026

Cybercriminals speak the language young people trust

Don't click on the LastPass 'create backup' link - it's a scam

EU Unveils Cybersecurity Overhaul with Proposed Update to Cybersecurity Act

Evelyn Stealer campaign weaponizes Microsoft’s Visual Studio Code ecosystem

Everest ransomware gang said to be sitting on mountain of Under Armour data

Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems

Everest ransomware group claims McDonald’s India data breach

Expert Insight on Under Armour’s Exposed Customer Data

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

Eye on Scams: Social media password reset phishing email scams

Fake Lastpass emails pose as password vault backup alerts

FBI warns QR code phishing used in North Korean cyber spying

Fortinet admins report patched FortiGate firewalls getting hacked

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

Greek police arrest scammers using fake cell tower hidden in car trunk

GrubHub Data Breach: Hackers Steal Data & Demand Ransom

Hackers exploit security testing apps to breach Fortune 500 firms

Hackers Weaponize 2,500+ Security Tools to Disable Endpoint Defenses Before Ransomware Attacks

Hackers Weaponized 2,500+ Security Tools to Terminate Endpoint Protection Before Deploying Ransomware

Hacktivists Became More Dangerous in 2025

Have I Been Pwned (HIBP) adds alleged Under Armour data breach impacting 72 million emails

Hopeful Co Ltd Data Breach Exposes 158k Customer Records

India’s breach brief: 5 structural security failures CISOs can no longer ignore

Ingram Micro admits 42,000 people impacted by ransomware attack

Ingram Micro Data Breach Exposes Sensitive Information of Over 40,000 People

Iranian TV Transmission Hacked With Message from Exiled Prince

Jupiter Medical alerts patients after third party data breach exposes health records

Jupiter Medical Center alerts patients to Cerner data breach affecting personal health records

Key Apple supplier suffers data breach that could expose confidential product files

LastPass issues alert as customers targeted in new phishing campaign

LastPass Users Targeted With Backup-Themed Phishing Emails

LastPass warns backup request is phishing campaign in disguise

LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords

LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords

LastPass warns of phishing campaign targeting vault credentials

LastPass warns of vault backup phishing emails

LastPass warns users of new phishing campaign sending out fake support messages

Lawsuit Filed After 320,000 Impacted by Monroe University Breach

Legal Aid Agency cyber-attack: what we know now

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

LinkedIn Phishing Abuses DLL Sideloading for Persistent Access

Linux users targeted by crypto thieves via hijacked apps on Snap Store

Lumu 2026 Compromise Report Finds Key Trends Across Anonymizers, Droppers and Downloaders, Infostealers, and Ransomware Attack Vectors

Luxembourg state websites briefly disrupted by cyber attack

Luxury Doncaster hotel warns guests over WhatsApp scam after data breach

MacMulkin Chevrolet Data Breach: 1.4 Million Customer Records for Sale

Maine health system confirms data breach impacted 145K as lawyers ponder options

Major data breach could expose Apple secrets

McDonald’s India Faces Massive Data Breach from Ransomware Attack

McDonald’s India hit by alleged Everest ransomware attack

Minnesota DHS Announces Significant IT System Data Breach, Over 300,000 Affected

Monroe University Data Breach Exposes Information of About 320,000 People

More than 300 data breaches at North East Ambulance Service

Munson Healthcare data breach affects over 100,000 patients

Music streaming platform Raaga confirms data breach exposing personal information of 10.2 million users

National Cyber Security Centre (NCSC) Warns of Rising Russian-Aligned Hacktivist Attacks on UK Organisations

New Android malware uses AI to click on hidden browser ads

New EU Vulnerability Platform GCVE Goes Live, Reducing Reliance on Global Systems

New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization

New York union breach: 47K members’ SSNs exposed in May 2025 hack

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

North West Ambulance Service explains rise in data breaches

November 2025 Healthcare Data Breach Report

One in ten UK businesses unlikely to survive major cyber attack

Online retailer PcComponentes says data breach claims are fake

OnlineSkills Data Breach Exposes 1.5 Million Records

Over 10% of UK businesses unlikely to survive a Cyber Attack

Pakistan: Punjab Safe Cities Authority (PSCA) Continues Action Against Fake, Phishing E-challan Websites

Pakistan: Punjab Safe Cities Authority (PSCA) Launches Crackdown Against Fake & Phishing e-Challan Websites

Pakistan: Safe Cities Authority cracks down on fake e-challan websites, blocks over 100 phishing domains

ParkWhiz Alleged Data Breach Exposes 1.6 Million User Records

Patients file class-action suit against Aultman over data breach

Peruvian Loan Scam Harvests Cards and PINs via Fake Applications

Pharma corporation leaks 8 Million+ messages, employee records

Phishing and Spoofed Sites Remain Primary Entry Points For Olympics

Phishing Campaign Zeroes in on LastPass Customers

Phishing Scam Uses Fake PNB MetLife Payment Gateway for UPI Fraud Targeting Policyholders

Pro-Russian hacktivist campaigns continue against UK organizations

Protected Health Information Compromised in Middlesex Sheriff’s Office Data Breach

RansomHub claims alleged breach of Apple partner Luxshare

RansomHub Ransomware Hits Apple Supplier Luxshare, Steals 1TB of Unreleased Product Data

Ransomware Attackers Target Enterprises Adopting GenAI

Ransomware attacks showed a 45 percent increase in 2025

Ransomware Doesn't Need to Lock Your Files Anymore - Here's Why That's Terrifying

Ransomware is on the rise. Again

Ransomware Victims and Threat Groups Surge to Record Levels

Remote Code Execution (RCE) flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

Report Fraud Promises to Streamline Fight Against Economic Crime

Researchers Uncovered LockBit’s 5.0 Latest Affiliate Panel and Encryption Variants

Risk of AI Model Collapse to Drive Zero Trust Data Governance

Russian APT28 Cyber Attacks German Air Traffic Control

Scammers Are Targeting Your Verizon Outage Refund

South Western Ambulance Service data breaches cost £32,375 since 2022

The Email Insider Threat Has Evolved in the Era of Generative AI

The thin line between saving a company and funding a crime

Two Unique DHS Cyber Incidents Exposed 1 Million People’s Data

UAE’s Telecommunications and Digital Government Regulatory Authority (TDRA) warns against rising phishing scams on social media

UK ambulance data breaches surge past 4,000 in three years

Under Armour customers exposed: hackers post 72.7 million emails with purchase histories

Use LastPass? Watch Out for This Email Phishing Scam

UStrive Mentorship Platform Security Breach Exposes Sensitive User Data, Including Children

Valley Family notifies patients of data breach with third-party vendor

Verizon Outage Triggers Phishing Scams for Fake $20 Credits

Vodafone Business Survey Shows Staff Phishing Vulnerability Poses Major Threat

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

VoidLink Linux Malware Was Built Using an AI Agent, Researchers Reveal

Wholesale and Retail Sector Faces Critical Supply Chain Risks, Black Kite TPRM 2026 Report Says

Will the Next Data Breach Cost You Your Freedom, Not Just Your Bonus?

You Got Phished? Of Course! You're Human...

Zendesk ticket systems hijacked in massive global spam wave

Zimbabwe Republic Police (ZRP) Issues Red Alert on EcoCash Scams: Are Warnings Enough to Stop the Phishing Wave?

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

20th January

750K investors’ income exposed after phishing attack hit Canadian Investment Regulatory Organization (CIRO)

ACF plugin bug gives hackers admin on 50,000 WordPress sites

Adapt Integrated Health Care reports data breach at vendor, assures patient info safety

AI Supercharges Attacks in Cybercrime's New 'Fifth Wave'

APT-Grade PDFSider Malware Used by Ransomware Groups

Badr Satellite Breach Disrupts Iranian State TV, Protest Footage Broadcast

Canadian Investment Regulatory Organization (CIRO) Reports Data Security Incident Affecting 750,000 Canadian Investors

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare Zero-Day Let Attackers Bypass WAF via ACME Certificate Validation Path

Cyber Risks Among CEOs’ Top Worries Amid Weak Short Term Growth Outlook

Cyber Warfare in Iran Amid Public Unrest, Government Bans, and Geo-Political Tensions

Cybersecurity Firm Detects a Wave of Crypto Phishing Following BlockFi Bankruptcy

Data Breach at Appalachian Community FCU Exposes Sensitive Member Information

Data of 42,000 people stolen in ransomware attack at Ingram Micro

Dutch police trick thousands into buying fake football and Lady Gaga tickets

Early warning: Australia’s critical infrastructure is not ready for a drone-enabled cyber attack

Ethereum surge tied to address poisoning scams after Fusaka upgrade

EU Launches GCVE to Track Vulnerabilities Without Relying on US

EU plans cybersecurity overhaul to block foreign high-risk suppliers

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Evelyn Stealer Malware Targets Software Developers via Visual Studio Code Extensions

Everest Group Data Breach Hits McDonald’s India, ASRock Rack & Others

Everest Ransomware Claims McDonalds India Breach Involving Customer Data

Finnish data breach exposed thousands of patients

FirstFruits Farms Data Breach Affects 6,335 Residents of Washington, Exposing SSN

Gemini AI assistant tricked into leaking Google Calendar data

Google Gemini Prompt Injection Flaw Exfiltrated Private Data via Calendar Invites

Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info

Hacker exploits One-Time Password (OTP) flaw at AliExpress Korea, diverts 8.6 billion won

Hackers claim McDonald’s breach as leaked files deadline nears

Hackers target Afghan government workers with fake correspondence from senior officials

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

How the Food and Beverage Industry Can Mitigate Ransomware Attacks

Ingram Micro data breach affects 42,000 individuals

Ingram Micro Ransomware Attack by SafePay Exposes 42,000 Employee Records

Ingram Micro says July 2025 ransomware compromised data of more than 42,000 people

Ingram Micro reveals ransomware attack hit 42,000 people

Initial access broker pleads guilty to selling access to 50 corporate networks

Key Apple, Nvidia, and Tesla supplier sees confidential files allegedly exposed in major breach - here's what we know so far

Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs

Luxshare investigates alleged ransomware breach threatening Apple, Nvidia and LG Data

MecMatica Italy Data Breach: Sarcoma Ransomware Leak Details

Microsoft Remains the Most Imitated Brand in Phishing Attacks in Q4 2025, as Technology and Social Media Platforms Continue to Dominate

Microsoft Tops Global Brand Phishing Ranking for Q4 2025

Microsoft Tops Phishing Brand Imitation in Q4 2025

Minnesota Department of Human Services data breach impacts 300K

Murray Irrigation: Data breach investigation continues

New Spear-Phishing Campaign Abuses Argentine Federal Court Rulings to Deliver Covert RAT

New Windows backdoor emerges in ransomware attack

New Windows Flaw Lets Attackers Bypass Mark of the Web

NightSpire ransomware gang alleges Hyatt breach, leaks data

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North West Ambulance Service sees sharp rise in data breach incidents

Pass’Sport Data Breach Exposing 6.4 Million Accounts Originated from the French Ministry of Sports

Privacy teams feel the strain as AI, breaches, and budgets collide

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

Prosecutors seek 40 years for Thailand-based voice phishing ring

Qilin Ransomware Attack Hits Altius Geotecnia and Yumark Enterprises

Raaga Confirms Major Data Breach Exposing Personal Information of 10.2 Million Users

RansomHouse Claims Data Breach at Major Apple Contractor Luxshare

Ransomware and Supply Chain Attacks Set Records in 2025

Ransomware gang claims breach of Hyatt Hotel Network, alleges theft of internal logins and financial data

Record data breach penalty challenged by SK Telecom

Researchers report increased ransomware and hacktivist activities targeting industrial systems in 2025

Risk of AI Model Collapse to Drive Zero Trust Data Governance

SafePay Emerges as Key Ransomware Actor After Ingram Micro Attack

Scam Marketplace Tudou Guarantee Shutters Telegram Operations

Secret gagging order should not have been used to cover up Afghan data breach, Former Defence Secretary Sir Ben Wallace says

SK Telecom (SKT) challenges record data breach fine

SK Telecom sues to overturn $91 million data breach fine

Spear-Phishing Campaign Abuses Argentine Federal Court Rulings to Deliver Covert RAT

Tech giants’ data possibly exposed in RansomHub-claimed Luxshare hack

The Gentlemen Targets Kontena Nasional, San Carlo, and Pao Hwa

The Post-Breach Narrative: Winning Back Trust After the Headlines Fade

The ultimate "must-have" brand for 2026 is Microsoft - but only if you’re a phishing scammer

Three Flaws in Anthropic Model Context Protocol (MCP) Git Server Enable File Access and Code Execution

TriApex US Laboratories Breached by Nightspire Ransomware Group

Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion

Türkiye Cyber Attack Report Announced

UAE Cybersecurity Council warns public against rising phishing scams

UK launches landmark 'Report Fraud' service to tackle cybercrime and fraud

UK public sector ransomware mandate: New backup standards must protect organisations to ensure recovery

UK warns of sustained cyberthreat from pro-Russian hacktivists

US Supreme Court system hacker admits guilt

VoidLink cloud malware shows clear signs of being AI-generated

VoidLink cloud malware shows clear signs of being AI-generated

What’s On the Tube Or Rather in the Tube: Kimwolf Targets Android-based TVs and Streaming Devices

When Language Becomes the Attack Surface: Inside the Google Gemini Calendar Exploit

Why Secrets in JavaScript Bundles are Still Being Missed

Why Security Teams Keep Missing AI-Generated Phishing Attacks

19th January

659 JPMorgan clients affected by data breach at Fried Frank

42,000 Impacted by Ingram Micro Ransomware Attack

A Broadband Internet Provider Had a Data Breach Impacting Over 1 Million Customers

A Hacker Breached the US Supreme Court and Posted Victims’ Data on Instagram

A new European standard outlines security requirements for AI

Apple, Nvidia, and Tesla confidential files allegedly exposed in supplier breach

Attack Surface Visibility Tops CISO Infrastructure Security Priorities for 2026

BehMusic Data Breach Exposes 257k User Records

Black Basta ransomware boss placed on EU and Interpol ‘most wanted’ lists

Brightspeed probes cybersecurity incident after hackers claim access to data of 1 million customers

British Army to spend £279 million on permanent cyber regiment base

Broker who sold malware to the FBI set for sentencing

Canada’s Investment Regulator Investigates Cyber Incident, Data Exposure Confirmed

Canadian Investment Regulatory Organization (CIRO) Confirms Data Breach - 750,000 Canadian Investors Have been Impacted

Canadian Investment Regulatory Organization (CIRO) Confirms Data Breach Impacting 750,000 Canadian Investors

Canadian Investment Regulatory Organization (CIRO) Data Breach Exposes Sensitive Information of 750,000 Canadian Investors in Major 2025 Cyberattack

Coupang loses 18 trillion won as data leak, regulation, backlash hit shares

Covenant Health sued after data breach put over 478,000 patients at risk of identity theft

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cyber Attack on Monroe University Exposes Personal Data of Over 320,000 People

Cyber attack on South East Technological University (SETU) Waterford cost €2.3 million

Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns

Cyber risk keeps winning, even as AI takes over

Daniel H Cook Associates Data Breach: 37k Affected & Social Security Numbers Exposed

Data breach: Why first 72 hours define a company’s future

Dutch Appeals Court Jails Hacker for 7 Years in Port Cocaine Case

EU and INTERPOL Hunt Black Basta Ransomware Kingpin, Suspects Identified in Ukraine

European Space Agency (ESA) Data Breach: Hackers Steal Sensitive Space Mission Data

Fake ad blocker extension crashes the browser for ClickFix attacks

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Former UK PM warns of vibe hacking, wants mandatory cyber insurance for larger firms

Fraudsters jailed for laundering voice phishing ring’s $1 million in USDT

German Authorities Identify Black Basta Ringleader, Now Added to EU Most-Wanted and Interpol Red Notice Lists

Germany to boost federal service hacking, cut US intel reliance

Global tensions are pushing cyber activity toward dangerous territory

Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Google shows how easy it is to crack old Microsoft Windows logins

Google to pay $8.25 Million after lawsuit over tracking children through apps

Grubhub Confirms New Data Breach, Hackers Reportedly Demand Ransom

Hacker admits to leaking stolen Supreme Court data on Instagram

Hacker Alert for Idaho: Change These Passwords Right Now!

Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems

Hacker-hit Nuneaton school makes big announcement as head issues warning

Hackers Exploiting PDF24 App to Deploy Stealthy PDFSIDER Backdoor

How crypto criminals stole $700 million from people - often using age-old tricks

How Cybercriminals Weaponize AI to Launch Convincing Deepfake Phishing Attacks

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

How to Remove Saved Passwords From Google Chrome (And Why You Should)

Huge data breach reveals info on 750,000 investors - here's what we know, and how to see if you're affected

Ingram Micro admits summer ransomware raid exposed thousands of staff records

Ingram Micro says ransomware attack affected 42,000 people

Inside the Leaks that Exposed the Hidden Infrastructure Behind a Ransomware Operation

Insurance Office of America discloses data breach following a June ransomware attack

Iranian state TV feed reportedly hijacked to air anti-regime messages

Jordanian Man Pleads Guilty to Selling Stolen Logins for 50 Companies

Jordanian pleads guilty to selling access to 50 corporate networks

Laurel Health Centers Data Breach Exposes Protected Health and Personally Identifiable Information

Law enforcement tracks ransomware group blamed for massive financial losses

LOTUSLITE Backdoor Targets U.S. Government and Policy Organizations via Venezuela-Themed Spear Phishing: Mustang Panda Cyber-Espionage Campaign Analysis

Malicious Google Chrome Extensions Hijack Workday and Netsuite

Mastertech International Data Breach Exposes Employee Records

Minnesota radiology group will pay $2 Million to settle class action lawsuit over data breach

Mustang Panda Uses Venezuela News to Spread LOTUSLITE Malware

New PDFSider Windows malware deployed on Fortune 100 firm's network

New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware

New Spear-Phishing Campaign Abuses Google Ads to Deliver EndRAT Malware

New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

North Korea-linked hackers weaponize Google ads in malware campaign

Pass’Sport data breach exposed 6.4 million account holders in France

Phishing attack on hardware wallet leads to $282 Million crypto theft

Phishing Kits Now Operate Like SaaS Platforms

Phishing wave likely after password reset email surge

Police nail Thailand-based voice phishing ring

Qilin Ransomware Attack Hits Vietnam Airlines, Casadei, and Law Firms

Ransomware: What It Is And Why It’s Your Problem

Ransomware attack on Ingram Micro impacts 42,000 individuals

Ransomware Attacks Expose Data of Hyatt Hotels and Ingram Micro

Ransomware 'Most Wanted': Cops Seek Head of Black Basta

Ransomware up 60% as Gen AI Data Risk Soars

Researchers Exploit Bug in StealC Infostealer to Collect Evidence

Researchers Gain Access to Hacker-Controlled Domain Server via Name Server Delegation Flaw

Researchers Gained Access to Hacker Domain Server Using Name Server Delegation

Researchers Hijack Hacker Domain Using Name Server Delegation

Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access

Russian Hacktivists Intensify Disruptive Cyber Pressure on UK Organizations

Schools across Inverclyde offline after phishing scam email

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Should you be afraid of smart home hacking? What it is, and how experts prevent it

SK Telecom Files Administrative Suit Challenging Record Fines over Data Breach

SK Telecom files lawsuit to revoke record $91 million fine over data breach

SK Telecom to fight regulator over record data breach fine

South Korea: Funeral Industry Faces Security Gaps as Top Firms Lack Key Certifications

South Korea: Seoul police bust Thailand-based voice-phishing ring targeting South Koreans

Spear-Phishing Campaign Leverages Google Ads to Distribute EndRAT Malware

Supreme Court Hacker Details Emerge: Stolen Data Posted on Instagram, AmeriCorps and Department of Veterans Affairs Also Breached

Suspects Linked to Black Basta Ransomware Group Raided in Ukraine

Tengu Ransomware Breaches GSM Portal and Deck India

The Year Ransomware Went Fully Decentralized: Cyble’s 2025 Threat Analysis

Top Ransomware Attack Vectors and Prevention: Remote Access Compromise, Phishing, Social Engineering, and Rapid Flaw Exploitation

TotalEnergies investigates alleged data breach after hackers post customer records online

UK government warns about ongoing Russian hacktivist group attacks

Ukraine Police Expose Russian Hacker Group Specializing in Ransomware Attacks

Ukraine Police Exposed Russian Hacker Group Specializing in Ransomware Attacks

Unicancer Data Breach: Employee Database Leaked on Hacking Forum

Unmasked by Leaks: The Hidden Backbone of a Ransomware Operation

US Attorney Jeanine Pirro announces victory over hacker who infiltrated Supreme Court, other government agencies

US hotel giant Hyatt allegedly attacked as stolen data appears online

Victorian Department of Education data breach gave hackers access to students’ data

VirginiaHasJobs.com Data Breach Exposes 5,500 Job Seeker Records

When the Olympics connect everything, attackers pay attention

Who are the most spoofed brands in phishing scams? Let's be honest, you can probably guess most of them - but there are a few surprises

With 39% of organizations still paying, Here's how Asia can break the ransomware cycle

Zero Trust and Active Directory: What Modern AD Audits Reveal

Posted by at
Labels:

Saturday, 17 January 2026

Data-Leaking Ransomware Report - Q4 2025

Welcome to the fourth, and final, quarter of last year's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st October and 31st December 2025.


DBD discovered and researched 2433 Global Ransomware Victims over 103 Countries and Islands, including 1241 US Ransomware Victims over 50 States and Districts, claimed by 80 Data-Leaking Ransomware Operators in Q4 2025.

DBD also discovered and researched 16 New Active Ransomware Operators in Q4 2025, further details of which can be found in our PRiSM application.

Download PDF



Data Source: Data Breaches Digest.

Posted by at
Labels:

Wednesday, 14 January 2026

Ransomware Operator Claims - Week 2 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 5th January and 11th January 2026, kindly assisted by our partners.

DBD discovered and researched 158 Ransomware Victims over 35 Countries and Islands claimed by 27 Data-Leaking Ransomware Operators, including 2 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:
Subscribe to: Comments (Atom)