Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Tuesday, 26 May 2026

Ransomware Operator Claims - Week 21 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 18th May and 24th May 2026, kindly assisted by our partners.

DBD discovered and researched 152 Ransomware Victims over 38 Countries and Islands claimed by 31 Data-Leaking Ransomware Operators, including 3 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 25 May 2026

Data Breaches Digest - Week 22 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th May and 31st May 2026.


29th May

Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack

AI-Generated npm Malware Leaks Its Own GitHub Token

California sues 23andMe over genetic data breach affecting 6.9 million users

Carnival Cruise Faces Cybersecurity Concerns as Data Breach Notifications Raise New Questions About Digital Safety in Tourism

Charter Communications data breach affects 4.9 million accounts

Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies

Dutch police dismantle massive botnet controlling 17 million infected devices

FBI warns World Cup fans over fake FIFA ticket scams

From the Hammer to the Scalpel: The Evolution of Account Takeover

Google Chrome adds session cookie theft protection for all users

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

LinkedIn-themed phishing abuses Adobe’s A/B testing platform

Man sent to prison for selling data of 7 millions elderly Americans

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

New Phishing Tool Lets Hackers Access Microsoft Accounts, FBI Says

Notepad++ requires urgent update: hackers swapping configs to run malware

OpenAI credential-stealing malware found hidden inside popular Codex tool

Phishing email led to a breach of US food giant Rich Products

Renting a smart apartment? Your landlord may have access to your cameras and locks

Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems

The Beginning of the End of Human Penetration Testing

The behavioral signals that sharpen Trojan malware detection

US policymakers mad about phones betraying troops' location to foreign adversaries

Websites can spy on user activity by analyzing SSD behavior

Your AI assistant is breaking the law up to 90% of the time

Your OnlyFans may not be private - and neither are your passwords

28th May

6 Million Impacted by Carnival Cruise Data Breach

23andMe Sued by California Over Massive 2023 Data Breach

A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses

AI Agent Conducted a Cyberattack on Its Own - It Took Less Than One Hour

AI threatens financial stability as Mythos-style models accelerate cyberattacks

AI-driven cybercrime industrializes as ransomware damage soars 389%

AI-Generated npm Malware Leaks Hacker’s Private GitHub Token

Anthropic confirms Claude Mythos-class models will roll out to the public

As Summer Closes In, the Travel Sector Is Unprepared

Attackers Move Past Typosquatting to Realistic Package Impersonation

Beware of Fake RSVP Links: Hackers Use Wedding and Graduation Invites to Steal Personal Data

BTMOB Android malware service generates custom phishing payloads

Bulk of Identities Are Unseen and Unmanaged in the Enterprise

California Attorney General Bonta Sues Chrome Holding Co., Formerly Known as 23andMe, Over 2023 Data Breach

California Attorney General sues 23andMe successor for 2023 data breach

California sues 23andMe over 2023 data breach

California sues 23andMe, alleging it failed to protect user data in 2023 breach

California sues former 23andMe over 2023 ancestry and genetic data breach

California sues 23andMe over alleged DNA data breach

Carnival begins notifying 6 million people of a data breach

Carnival confirms data breach impacting nearly 6 million

Carnival Corporation contacts clients after data breach

Carnival Corporation Discloses Details of Data Breach

Carnival Cruise confirms data breach affecting nearly 6 million people

Carnival Cruise Data Breach Exposes Millions of Customers’ Personal Information

Carnival Cruise Guests Are Now Receiving Data Breach Notifications

Carnival Cruise Line Notifies Victims Over Data Breach That Leaked Passport Numbers

Carnival Cruise Line Sets the Record Straight on Latest Data Breach

Carnival Data Breach: Here’s Exactly How Scammers Got Your Personal Information

Carnival Data Breach Exposed 6 Million People

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival Data Breach Impacts 5.9 Million Individuals

Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans

Close to 200,000 Frost Bank customers affected by Sefas security breach

Companies built AI into core systems before figuring out how to govern it

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

CrowdStrike, Google smash Glassworm developer botnet

Cruise giant Carnival confirms data breach affecting nearly 6 million people

Cruise Operator Carnival Corp Data Breach Occurred Due to Social Engineering

Cruise Operator Carnival Discloses Personal Data Breach

Cybercriminals sail away with data from 6 million Carnival customers

Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals

Dutch police arrest suspect for breaking into Ajax’s computer systems

Edwards, Faust & Smith (EFS) Data Breach: Social Security Numbers and Financial Account Information

Everest Ito Group Data Breach: Social Security Numbers Compromised

Fake Data Breach Emails on the Rise, Cybersecurity Experts Warn

FBI Flags Dangerous Microsoft 365 And Outlook Phishing Scam

FBI Issues Urgent Warning For Microsoft 365 Users: Kali365 Phishing Kit Bypasses MFA

FBI reveals top 4 internet crime trends from 2025 as losses hit $20.9 billion

FBI sounds alarm on phishing tool that steals Microsoft 365 accounts without passwords

FBI Warns Hackers Can Bypass Microsoft Outlook, Teams and 365 Without Your Password - Here's What You Should Do

FBI Warns Kali365 Phishing Kit Can Bypass Microsoft 365 MFA

FBI warns of fake FIFA websites running World Cup fraud schemes

FBI warns of major phishing scam, with hackers ‘hijacking' Microsoft Outlook, 365 users

FBI warns of new phishing scam targeting Microsoft 365 users

FBI warns of Ransomware groups sending individuals to steal Data physically

FBI warns OneDrive, Teams users about phishing scam. What it looks like

FBI warns scammers can access Outlook, Teams without passwords

Federal Officials Warn United States Firms of Phishing Invitation Scams

Federal Trade Commission (FTC) Warns of Phishing Scam Disguised as Party Invitations

FortiClient EMS Exploited via CVE-2026-35616 for EKZ Infostealer Deployment

Frontier AI models collapse under multi-turn AI attacks, Cisco finds

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

GreyVibe hackers use ChatGPT, Gemini to power cyberattacks

Hacker Steals $700,000 from Polymarket via Compromised Private Key

Hacker Who Sold Access to Oregon Emergency Network Gets Prison

Hackers are trying to steal Signal users’ backups in new wave of phishing attacks

Hackers Deploy VIP Keylogger Through Phishing Emails Masquerading as Business Documents

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers tricked a Carnival employee and leaked customer names, addresses, and government IDs

House Republicans press FBI Director Patel to intensify fight against hospital ransomware

How AI is Changing Ransomware - and Why It’s Faster, Smarter, and Harder to Detect

Iconic 138-year-old South African sports club allegedly struck in 674,000-record cyber attack

India: Kanpur Municipal Corporation Website Hit by Cyber Attack

Inside the Charter Communications data breach: hackers leak 13 Million+ customer data

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

Juventus FC: Data Breach Communication

Kemper Corporation Exposes Approximately 270,000 Accounts Following ShinyHunters Breach Claim

Korea to Freeze Accounts Tied to Romance Scams, New Phishing from Next Month

Lakeview Health Systems Settles Class Action Data Breach Lawsuit

LoneStar Truck Group Data Breach Exposes Sensitive Personal Information

Louisiana Cat Data Breach: PHI and PII Exposed

Major data leak hits nearly 20% of Lithuania's population

Microsoft accused of leaking data of Dutch civil servants working on tech laws to US government

Microsoft Condemns "Uncoordinated" Zero Day Disclosures

Microsoft email and Teams users are being warned of phishing trick that doesn’t need your password

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Mt. Baker Imaging seeks settlement in ransomware attack lawsuits

Multiple German hospitals impacted in billing provider data breach

NetLine Data Breach Exposes Social Security Numbers

New Gogs zero-day flaw lets hackers get remote code execution

New phishing scam targets Microsoft Outlook and Teams users

New Threat Actor Jinx-0164 Targets Crypto Developers on macOS

Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns

One Email Could Give Hackers Access to Your Microsoft Account: FBI Warns They Don't Even Need Your Password

Passports and selfies of 100,000 UK visa applicants leaked, issue remains unaddressed

Perma-Chink Systems Data Breach Exposes Social Security Numbers

Phishing most prevalent cyber attack, confirms UK survey

Police arrest suspect in Ajax football club hack that exposed 300,000 fan records

Ransomware attacks are now targeting businesses nobody expected

Ransomware dominates 58% of Singapore’s cyber incidents

Ransomware group adds New Zealand health company to its leak site

Researchers question alleged IBM breach spreading across underground forums

Romanian gets 5 years in prison for hacking Oregon government network

Russian hacker network exposed in the Netherlands. 800 servers were seized

Shadow AI Continues to Expose Company IP

South Africa: Pick n Pay confirms data breach affecting delivery service users

South Africa: Telkom says no evidence that its systems were compromised after hacker claimed to have customer records for sale

South Korea: Government to freeze accounts tied to scam crimes beyond voice phishing

SpeedX data leak exposes more than 840 million customer and driver records

The FBI warns Microsoft 365 services are being bombarded with new phishing emails - here are 3 steps you can take to stay safe

The Gentlemen is Making Its Mark in the Ransomware World

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

The Real Microsoft Site Phishing Scam Bypassing Your Security

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’

Users report phishing emails coming from Microsoft’s system, and the company is digging in

VaultJacking Attack Exposes Google Password Vaults via Single PIN

Watch Out for Fake FIFA Websites Appearing Ahead of the 2026 World Cup, FBI and Internet Crime Complaint Center (IC3) Warn

Zapier exploit chain shows how known anti-patterns compose into critical risk

27th May

7-Eleven Breach: Hackers Claim 600,000 Records Stolen

7-Eleven data breach exposes 185,000 people, including names, addresses and SSNs

68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise

300+ Fake Domains Used in GHOST STADIUM Campaign Targeting World Cup Fans

A Krispy Kreme data breach may qualify thousands of Americans for payouts over $3,000

AI Accelerating Data Breach Attacks from Months to Hours

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

AI Is Making Software Autonomous, and Governance Must Follow

AI-powered phishing a growing threat

Ameriprise Financial Data Breach: ShinyHunters Leaks 200GB, Over 502,000 Accounts Added to Have I Been Pwned (HIBP)

Apple and Google warn Canada bill could force secret backdoors into encrypted devices

Attackers disguising phishing as Google AppSheet notifications

BadHost Exploit Exposes Sensitive AI Agent Server Endpoints

Caesars Entertainment Data Breach Impacts 44k: Social Security Numbers Compromised

CERT-In Urges Firms to Patch Critical Vulnerabilities Within 12 Hours Amid AI Threat Surge

Charter Communications confirms data breach - ShinyHunters blamed after threat to leak user info online

CISA gives feds 4 days to patch actively exploited cPanel plugin flaw

CISA Warns of Exploited LiteSpeed cPanel Plugin Flaw

CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

CrowdStrike, Google Take Down Glassworm Botnet

Cruise operator Carnival discloses personal data breach

Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says

Data of 340 million OnlyFans users put up for sale on the dark web

Delivery mega leak: 840 Million+ files exposed as US delivery company leaks massive file storage

Dutch police arrest man over cyber breach at Ajax football club

Dutch Police Arrest Suspect in AFC Ajax Football Club Data Breach

Dutch police arrests suspect linked to Ajax football club hack

Easy Dynamics Data Breach Compromises Personal Information of Employees

Ermi Data Breach Compromises Health Records

European AI adoption hits 99% with regulated data driving most policy violations

Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware

Fake LinkedIn Collaboration Emails Abuse Adobe Target to Track Victims in Phishing Campaign

FBI Issues Scam Warning for Users of Microsoft Outlook, Teams

FBI issues serious warning for Outlook, Teams, OneDrive users

FBI Issues Warning To Microsoft 365 Users

FBI links First VPN Service to ransomware gangs, botnets, criminal dark web activity; calls for layered defensive controls

FBI Warning: IT Personnel Impersonated by Cybercriminals

FBI warns extortion hackers are visiting US law firms to steal data

FBI warns law firms of cyber gang impersonating IT staff to steal sensitive data

FBI warns law firms of in-person data theft by Silent Ransom Group

FBI warns Microsoft users about a new AI scam that can steal accounts without passwords

FBI warns of cybercrime group targeting US law firms

FBI warns of in-person data theft attacks from extortion gang

FBI warns of Kali365 phishing platform hijacking Microsoft 365 accounts

FBI warns of Kali365 phishing-as-a-service targeting Microsoft 365 access tokens

FBI warns of phishing scam targeting Microsoft 365 accounts

GHOST STADIUM Phishing Campaign Targets FIFA World Cup Fans With 300+ Fake Domains

Gitea Vulnerability Exposes Private Container Images without Authentication

Glassworm botnet disrupted after resilient C2 infrastructure takedown

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Google flags KnowledgeDeliver flaw and Chinese phishing surge

GPU mining malware spreads via SEO poisoning, AI chatbots

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Hacker Mints 5.4 Trillion Tokens in StakeDAO Exploit, Nets $91K

Hackers Abuse Trusted Google Domains to Hide Phishing Links From Email Gateways

Hackers adopt double-tap tactics: steal gaming accounts, return with a convincing recovery scam

Hackers are knocking on office doors pretending to be IT staff

Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

Healthcare Data Breaches, Developer Tool Abuse, and Supply Chain Ransomware Risks Rise

‘Hostile states' behind massive data breach, Lithuanian president says

How the Canvas data breach further frayed families’ trust in ed tech

India: Central Board of Secondary Education (CBSE) denies security breach in On Screen Marking (OSM) evaluation system after student hacker’s claims

Interstate Management Data Breach: 22k Individuals Impacted

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages

Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms

Iranian intelligence service behind hack of Los Angeles transit system, researchers say

Iranian-Backed Group Behind Attacks on Transit Systems in Los Angeles, South Florida

Kali365 phishing kit bypasses MFA and steals Microsoft logins

Kali365 Phishing-As-A-Service Bypasses MFA To Hijack Microsoft 365 Accounts

Lithuania: Foreign involvement suspected in record data breach

Lithuania: President Gitanas NausÄ—da says indications point to hostile states behind major data breach

Lithuania Data Breach: 600,000 Records Expose Spy Home Addresses to Hostile States

Lithuania Investigates State Registry Breach of 600,000 Records

Lithuanian Prime Minister says government will not resign over major data breach

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Mass database extortion causes significant damage despite low payment rates

Massive Data Breach: Fake UK Visa Portal Leaks Over 100,000 Passports, Selfies Online

Metropolitan Marine Maintenance Contractors' Association (MMMCA) Data Breach Exposes PHI and PII for 25,528 Individuals

Microsoft adds automatic endpoint isolation to Defender platform

More than 185,000 affected in 7-Eleven data breach linked to ShinyHunters

Multiple sophisticated fraud campaigns target FIFA World Cup

National Institute of Standards and Technology (NIST) Releases Special Publication Draft to Focus on Ransomware Response and Recovery in Manufacturing Networks

Netherlands blocks US firm Kyndryl from buying national ID system provider

New BTMOB Malware Enables Remote Control of Android Devices

New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacks

New Zealand: ManageMyHealth warned before massive data breach

NHS trust issues public apology over Nottingham attacks medical data breaches

Oncology Institute says third-party vendor breach compromised patient data

OverlayPhantom Android Banking Trojan Targets 180+ Financial Apps Across 10 Countries

PureLogs Variant Steals Data via Purchase Order Lures

Ransomware Actors Show Up In Person to Steal Law Firm Data

Ransomware recovery rarely ends when the ransom is paid

Romanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion

Romanian hacker sentenced to 56 months for selling access to Oregon government network

Romanian Hacker Sentenced to Prison in US for Selling Access to State Network

Romanian national sentenced to more than 4 years for hacking Oregon government systems

Scammers are sending phishing emails from a real Microsoft address

Silent Ransom Group Sends Operatives Into Law Firm Offices: 38 Firms Already Leaked

South African Revenue Service (SARS) Denies Being Hacked by Nullsec Nigeria, Hacker Group

Spain: The ‘hacker’ Alcasec accepts two years and seven months in prison for stealing more than half a million bank details

TeamPCP Hackers Weaponize LiteLLM for Credential Harvesting Attacks

The AI Phishing Revolution: From Spray-and-Pray to Autonomous Operations

The Gentlemen emerging as key ransomware player

The Lithuanian Prime Minister said her family was also affected by a major data breach

The LLM Effect: Why Ransomware in 2026 Is Faster, Smarter, and More Targeted

The Next AI Security Failure May Start With a Trusted Assistant

The Oncology Institute Confirms Unauthorized Access to Systems Due to Vendor Breach

The Rise Of “New Brand” Cybercrime Groups And The Business Of Ransomware

Thousands of Fake FIFA Domains Target World Cup Fans

Tycoon 2FA Adversary-in-the-Middle (AiTM) Kit Bypasses MFA on Entra ID and Google Workspace Accounts

Tycoon 2FA Adversary-in-the-Middle (AiTM) Kit Targets Entra ID and Google Workspace In MFA Bypass Campaigns

‘UK Visa Portal’ Compromises 100,000 Applicant Passports and Biometric Data

Ukrainian Authorities Help Uncover VPN Admin Who Shielded Hacker Attacks

United Medical Systems Data Breach: Social Security Numbers Exposed

Why Burnout in Cybersecurity Demands Risk-Based Response

Why phishing as a service is a growing threat

Why the Surge in DDoS Attacks Should Worry Security Leaders

Windows Kernel Flaw Lets Attackers Modify Memory Counters

Windows Users Targeted in New Phishing Campaign

26th May

7-Eleven data breach affects over 185,000 people’s personal data

7-Eleven data breach exposes personal information of 185,000 people

185,000 Likely Impacted by 7-Eleven Data Breach

600,000 Lithuanian National Register Entries Leaked

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)

Alleged Mercedes-Benz customer data listed for sale on cybercrime marketplace

Anthropic: Claude Mythos identified 10,000+ software flaws

Australia: Practice lost $150,000 after cyber attack locked staff out of Best Practice

Automotive ransomware more than doubled - and AI is partly to blame

Beacon Mutual Begins Notifying Those Affected by Data Breach

Bomco Data Breach Exposes Social Security Numbers and Health Information

BTMOB Android RAT Spreads Through No-Code Builder Tooling

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

Charter Communications confirms data breach after ShinyHunters extortion threat

Chinese phishing gangs grow into a force to be reckoned with

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Chinese-Language Phishing Services Adopt AI and Real-Time MFA Bypass

CISA orders feds to patch actively exploited Drupal vulnerability

Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month

CMD Outsourcing Solutions Data Breach Exposes SSNs

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

Cyber attack costs the Town of Huntsville $59,000

Cyber insurers warn AI is accelerating phishing and business email compromise attacks

Dutch authorities arrest men suspected of providing infrastructure for Russian cyber operations

Dutch Authorities Seize 800 Servers Linked to Russian Cyberattacks, Arrest Two Individuals

Dutch consultant and concert pianist arrested for hosting servers for pro-Russian hackers

East Coast Regional Workers Comp Insurer Reports Data Breach

Eight Years In, GDPR Changed Everything

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

FBI warns about Phishing-as-a-Service (PhaaS) platform used to access Microsoft 365 environments

FBI warns Microsoft 365 users about a new phishing tool that bypasses two-factor authentication

FBI warns Microsoft users about a sophisticated phishing scam

FBI warns Microsoft 365 users about another phishing as a service attack - here's how to avoid it

FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts - no password required

Fraudsters Target Ukrainians with Fake Tax Debt Emails Impersonating the State Tax Service

Ghost hackers: the cybersecurity mystery that nobody has solved

Google blocks AI Powered Cyber Attack on 2FA and Megalodon Malware attack on GitHub

Hacker offers data of 340 million OnlyFans users for sale

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws

Investigation launched into data breach at Telford & Wrekin Council

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign

Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated Nimbus Manticore group attacks defense, aerospace, telecom sectors using Minifast malware toolkit

Jailbroken Gemini AI Model Supercharged Russian-Speaker’s Fraud Campaign

KnowledgeDeliver flaw exploited as a zero-day to install web shells

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

KnowledgeDeliver LMS ViewState Deserialization Flaw (CVE-2026-5426) Exploited for Cobalt Strike Backdoor and Godzilla Malware Deployment

Krispy Kreme settles 2024 data breach suit for $1.6 million

Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers

Lithuania investigates theft of 600,000 state registry records by foreign actor

Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries

Marketing and merchandise firm Branded Products listed by Qilin ransomware

Megalodon Supply Chain Attack Hits 5,500+ GitHub Repositories in Six Hours

Microsoft Dismantles Fox Tempest Cybercrime Platform Linked to Hospital and School Ransomware Attacks

Microsoft Disrupts Fox Tempest Malware-Signing Service Used in Ransomware Attacks

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Mission Community Hospital Pays $1.55M to Settle Data Breach Lawsuit

Motorola’s pre-installed app hijacks Amazon app

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

MyPillow must decide whether to be firm or soft as ransomware criminals demand pay

Mythos may not be an evil AI hacker, but it’s a warning that cybercrime can now go machine speed

New Research Says Every WiFi Router Can Be Turned ‘Into A Potential Means For Surveillance’

NightSpire Ransomware Abuses RDP for Stealthy Persistence

NightSpire Ransomware Uses RDP Access and Remote Admin Tools for Stealthy Persistence

Noll & Tam Architects Data Breach Exposes Social Security Numbers

Nottingham Village Data Breach Impacts 7,919 Individuals: PII Exposed

Payload Ransomware Uses ChaCha20 and Curve25519 ECDH to Encrypt Windows Files

Personal information of 185,000 people exposed after cyberattack on 7-Eleven

Phishing Campaigns Exploit RCS and iMessage to Evade SMS Security Filters

Phishing Services Use RCS and iMessage to Bypass Traditional SMS Security Filters

Private radiology practice reports security breach impacting over 250,000 individuals

Q-Day Could Arrive by 2029, Raising Global Encryption Security Fears

Radiology Associates of Richmond reports data breach affecting 266,000 individuals

Ransomware Attack Costs Medical Practice $150,000 in Repairs and Lost Revenue

Ransomware attacks on automotive and smart mobility more than doubled in 2025

Ransomware Uses ChaCha20 and Curve25519 to Encrypt Windows Files

Reported ransomware incidents are just the tip of the iceberg

Rhode Island workers' comp insurer faces class action over data breach

Russian Hacker Allegedly Used Jailbroken Gemini in Global Cyber Fraud Operation

ShinyHunters extorts Charter Communications after data breach

Some developers seeing 7-fold increase in supply chain compromises

South African Revenue Service (SARS) and South African Information Technology Agency (SITA) refutes false claims of a data breach

South African Revenue Service (SARS) denies alleged cyberattack and data breach claims

South Korea cuts voice phishing cases and losses for seven straight months

Station Casinos Data Breach Highlights Ongoing Cybersecurity Risks

Station Casinos Reveals Data Breach Took Place in March 2026

Stolen passwords, phishing emails and data loss – how secure is your Microsoft 365?

Taiwan Cyber Incidents in 2025: Fake Messaging Apps, Custom Ransomware, Supply Chain Vulnerabilities

Texas-based DocketWise reports data breach impacting thousands

Thailand warns of phishing scams targeting ‘Thai Help Thai Plus’ registrations

The Hidden Ransomware Economy Running on Exposed Databases

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning

Trump Mobile probes data breach of 27,000 T1 pre-order customers

UK Visa Portal spilled thousands of applicants’ passports and selfies online - and hasn’t fixed the leak

Ukraine: Fraudsters send letters about "tax debt" on behalf of the State Tax Service. How to avoid becoming a victim of phishing

Uniswap Phishing Scam Through Google Ads Steals $400K

What happens when security teams inherit identity

When ransomware shutters the ER, cyber resilience can help teams mitigate the damage

Why AI-Native Cybersecurity Matters in the Age of Machine-Speed Threats

25th May

7-Eleven Data Breach Exposes Over 185,000 Accounts in ShinyHunters Extortion Campaign

90 Days to Full NHI Management, Agentic AI Security and Operational Efficiency

266,000 Affected by Data Breach at Radiology Associates of Richmond

A massive data breach involving government registries has been uncovered in Lithuania

AI-driven exploitation beats phishing as most popular initial access strategy

Anthropic’s Mythos Finds 10,000 Security Flaws, Exposes Patching Obstacles

Australia: Foreign state actor hacked parliamentarian's WhatsApp account

Australia: Victorian regional newspaper allegedly hacked by ransomware group

Authorities seize 800 servers used for cyberattacks and disinformation

Billion-Dollar Bank To Hand Out up to $25,000 per Customer in Settlement Over Data Breach That Impacted 2,187,170 Americans

Breaking The Silo: What the Economic Crime and Corporate Transparency Act (ECCTA) Information-Sharing Gateway Means for Security Leaders

British drivers may be exposed after Mercedes data surfaces on hacker market

Canadian man arrested over massive KimWolf DDoS botnet that infected millions of devices worldwide

Carnival class action claims cruise line failed to notify customers of data breach

Cybercrime is 3rd largest economy sparing no country or enterprise

DocketWise Data Breach Impacts 143,000

Europol: Cybercriminal VPN used by ransomware actors dismantled in global crackdown

Fake Streams, Counterfeit Merchandise and Other Scams: How Fraudsters Target Formula 1 (F1) Fans

FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack

FBI director Kash Patel’s merchandise website taken offline after malware attack

FBI Flags Kali365 as New Phishing Threat Targeting Microsoft 365 Users

FBI warning on Kali365 phishing kit exposes limits of weaker authentication

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

FBI warns of Kali phishing scam hitting Microsoft OAuth tokens - warns 'Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures'

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

Forget facial recognition, WiFi can accurately tell who you are, researchers say

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS SQL Injection Vulnerability Facilitates Large-Scale ClickFix Campaigns

GitHub bans vindictive security researcher dropping Windows zero-days

GitHub Hacker Claims Security Breach Involved About 4,000 Internal Repositories, Takes Bids on Stolen Data

Hacker Lists 340 Million OnlyFans User Records for Sale

Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches

Halton Hills Chamber of Commerce warns of phishing email seeking unpaid invoices

India: Cyber Fraudsters Misuse Cockroach Janata Party Name in WhatsApp Phishing Scam, Warn Ludhiana Police

Indian Cyber Crime Coordination Centre (I4C) Cautions Apple iPhone Users About Phishing Scam Targeting Lost Devices

Is OnlyFans Facing A Massive Data Breach? Hackers Claim 340 Million-Record Leak

Kali365 phishing service targets Microsoft 365 accounts

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

Lithuania investigates massive data breach, suspects foreign intelligence operation

Most ransomware attacks are opportunistic. Here’s how you can stop attackers

Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime

Network Nightmares: America’s printers carry hidden hacker risks

Oncology Institute Discloses Data Breach

Only 1 in 4 Australian farmers eye cyber insurance as ‘smart’ farms become hacker targets

OnlyFans Data May Be Under Threat As Hacker Sells Records Of 340 Million Users

OnlyFans denies a 340-million-record breach, and so does the hacker selling it

OnlyFans mega leak reveals 340 Million user records, hackers claim

Pro-Palestinian hackers leak Israeli Navy officers allegedly involved in Gaza Flotilla interception

South Africa: State Information Technology Agency (SITA) refutes suffering cyber attack

South African Revenue Service (SARS) denies it was breached by Nigerian hacker group

South African Revenue Service (SARS) denies social media claims of data breach

South African Revenue Service (SARS) dismisses data breach claims, says no evidence of system compromise

South African Revenue Service (SARS) refutes ‘false’ claims of data breach

South African Revenue Service (SARS) refutes false claims of major data breach

South African Revenue Service (SARS) responds to data breach claims

South Korea: CJ Group Identifies Insider in Corporate Personal Data Breach

Station Casinos Confirms Cybersecurity Breach

Station Casinos Discloses Data Breach That Occurred in March, Begins Notifying Affected Customers

Store Chain 7-Eleven Confirms Data Breach Linked to the ShinyHunters Ransomware Gang

Taiwan Flags Five Major Cyber Risks After 726 Security Incidents in 2025

The AI Governance Gap Is Bigger Than We Think

The Surprising Tactic Your Company Should Use If It’s the Victim of a Ransomware Attack

'This is a sales tactic': Experts warn ransomware hackers will often lower their prices - with some giving discounts up to 96%

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor Supply Chain Attack Targets npm, PyPI, and Crates.io, Steals Credentials, Crypto

Trump Mobile data breach may affect far more than its own customers

Turns out the C-suite loves shadow AI

Ukraine: Mass phishing emails purporting to be from the State Tax Service has been recorded – do not open fraudulent emails

US states step up cyber defenses to protect local communities

WhatsApp Local Storage Claim Raises Apple Privacy Questions

WhatsApp users on alert after hacker drops massive dataset

Wireshark 4.6.6 Resolves Robust Header Compression (ROHC) Parser and Buffer Overflow Vulnerabilities

Posted by at
Labels:

Thursday, 21 May 2026

Ransomware Operator Claims - Week 20 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 11th May and 17th May 2026, kindly assisted by our partners.

DBD discovered and researched 173 Ransomware Victims over 44 Countries and Islands claimed by 40 Data-Leaking Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,
Subscribe to: Posts (Atom)