Incidents from
3,900 students First name, last name Email address Postal address ID photo Phone number Partial payment card number, CVV, expiration date Enrolments, evaluation results
Last name, first name Nationality Email address Phone number Licence number Occupation
9,551 students Last name, first name Email address Postal address Phone number IBAN
First name, last name Email address Postal address Phone number Employer, position held
7,244 students First name, last name Email address Postal address Phone number
161,412 members Name, first name Postal address Email address Phone number Social security number Registration and termination date Content of listings
Surname, first name; date of birth; postal address; email address; landline and mobile phone numbers
205,403 prospects First name, last name Position Company Postal address Email address Phone number SIRET VAT number
60 GB, 97,000 files: FTP access, SQL files, system logs from 32 departments, 19 business applications
200 members; surname, first name; postal address; email address; phone number; IP address
89,463 customers First name, last name Email address Profile type Company name Position
Last name, first name Email address Desired role Qualification level Work experience Industries of interest Contract types sought Geographic mobility areas
74,877 customers Last name, first name Email address Postal address Phone number Account balance IBAN
probable ransomware
361,321 members Last name, first name Gender Date of birth Nationality Email addresses Phone numbers Postal address Licence type, season and validity date
first and last name, email address, postal address, phone number, shipment number, delivery status
161 customers Last name, first name Email address Postal address Last login date Last order date Number of orders
1.3 million members last name, first name licence number postal address email address phone number medical information parent contact details club
240,000 users name, first name MD5-hashed password (so effectively in plaintextβ¦) date of birth, gender postal address email address phone number height, weight, eye and hair color, measurements ethnic origin distinctive features photo & video book private message history payment data
5.76 GB, 3.8 million customers Network infrastructure Partners file Operational data Support tickets Prospect identities Postal address Phone number
1,100 justice professionals last name, first name judicial position personal address personal phone number professional information IBAN
860,000 people; surname, first name; email; address; parcel number
186 subscribers, 8 administrators Email address Hashed password
3.5 million households: first and last name, date of birth, gender, email address, postal address, phone number, category of aid received, organization code, social security number, INE number, CAF number, Pass Sport code
last name, first name email address postal address customer reference phone number
last name, first name date of birth postal address
browsing history
20% of users, 30 million profiles email public profile
"a number of files"
first name, last name email and postal address phone number contractual and order data encrypted password
credit card number, expiration date, CVV
1 million members first name, last name date of birth nationality postal address email phone number photo and ID document
ransomware
first name, last name date and place of birth nationality postal address email address phone number legal guardian's contact details consent status
name, first name date of birth social security number reimbursement record vision correction data phone number
title, first name, last name phone number email address
last name, first name gender date of birth email address phone number
title, last name, first name phone number email address
first and last name, date of birth, email address, postal address, social security number, subject of the teleconsultation, pre-consultation questionnaire, data exchanged with the practitioner
last name, first name phone number email address postal address date of birth loyalty program information
1.6 million young people last name, first name date of birth social security number France Travail identifier
A former Coupang employee accessed personal data on 33.7 million customer accounts of South Korea's largest e-commerce platform. Coupang announced a $1.17 billion compensation plan; its head of Korean e-commerce resigned.
financing file
first name, last name, gender date and place of birth nationality postal address email address phone number license number
last name, first name email phone number appointment time, date and location other items
first and last name, postal address, email address, phone number, health data
name, first name date of birth social security number reimbursement record vision correction data phone number
surname, first name; postal address; email address; phone number; health data
license number first name, last name date of birth photos postal address email address phone number hashed password
5 million patients last name, first name date of birth social security number reimbursement file
first and last name, postal address, email address, phone number, health data
294,639 customers Last name, first name Email address Postal address Reason for intervention Date of intervention
name, first name date of birth social security number reimbursement record vision correction data phone number
first and last name, postal code, city, email address, phone number
first and last name, postal code, email address, phone number
first and last name, postal code, city, email address, phone number
optical service quote requests
surname, first name; postal address; email address; phone number
ransomware, corporate data
294,075 customers: first and last name, email address, postal address, phone number, account balance, exchanged messages, comments, reason for visits, technician
First name, last name Email address Postal address Phone number
first and last name, email address, phone number
Claimed data leak concerning Resana.
first name, last name email phone number time, date and place of appointment
3,600 companies (BPCE, Auchan, CGI, Thales, SFR, Orangeβ¦) sensitive network infrastructure data VPN access credentials source code certificates emails SQL backups
50,000 residents: first and last name, postal address, email address, phone number
1.2 million people last name, first name social security number postal address date and place of birth name of bank Pajemploi number and accreditation number IBAN
Claimed data leak concerning Weda.
first name, last name postal address email address phone number password
last name, first name email address phone
5 million customers: username, first and last name, company, postal address, date of birth, password (MD5 hashed), email, phone number, IP address, social networks (Instagram, Facebook, Twitter, Snapchat), date of registration and last login
16,479 people authentication data in plaintext civil status address, phone number, email ID card RIB employment contracts tax notices Social Security attestation training certificate work authorization
Ransomware
licence no. civil status postal address email phone number
34 million patient medical records
Ransomware
first name, country, postal code, email address, phone number
Birth name, usual name, first name(s) Sex Date and place of birth Email address, phone number, postal address Social security number Nationality Organ donor status In some cases, weeks of amenorrhea at birth
student ID documents, CVs, academic transcripts
5,500 job seekers last name, first name France Travail identifier registration category email address RSA status CIR identifier
name, username payment information last 4 digits of payment card transaction history IP address messages exchanged with support ID card age verification documents
Qilin ransomware operators encrypted servers across Asahi's Japanese data centres, halting ordering, shipment, and production at 30 factories, leaking 27 GB of internal data, and exposing personal information of approximately 1.5 million customers, employees, and contacts.
9,971 job seekers email address title, first name, last name advisor email
email address
identity data medical data contact details social security and health insurance details
name email address
licence number last name, first name, gender date and place of birth nationality postal address email address phone number
100,000+ customers; contact data
email usernames hashed passwords
Data leak claimed concerning Eklo.
First name, last name Date of birth Postal address Email address Phone number
A cyberattack on Britain's biggest carmaker forced JLR to shut down its global IT network and halted vehicle production in the UK, China, Slovakia, India, and Brazil for five weeks β now considered the most economically damaging cyber incident in UK history.
salutation, name, first name email, postal address phone number loyalty card number customer status
20GB ransomware
2.25 million
ransomware
intrusion mailing list
last name, first name email address phone number technical identifier
title, last name, first name social security number date of birth postal address customer number phone number store concerned optician's name
name, first name contact information Flying Blue number and status subject of requests submitted
6.4 million customers; contact details; contractual data; civil status; IBAN
name email address
210,607 people; surname, first name; email address; phone
Claimed data leak concerning Orange.
last name, first name email address postal address phone number France Travail identifiers France Travail status
290 GB
34,000 people; ID document; IBAN; carte vitale; employment contract; administrative status; pension supporting document; sworn statement; diploma; CV
first name, last name, gender, country, phone number, postal address, email address, date of birth, purchase data, preferences
first name, last name personal and professional email address phone number postal address spouse and children's first and last names
8 million students first name, last name date of birth member's and parents' email address phone establishment, class disability photo licence activities
A junior developer at C&M Software β a Central Bank-authorized provider of Pix instant-payment connectivity β was paid roughly R$5,000 to hand over credentials. Attackers used the access to drain approximately R$800 million ($148 million) from reserve accounts at six Brazilian financial institutions in 2.5 hours.
64GB
530,000 patients last name, first name date of birth gender postal address phone NIR insurance and administrative documents consultation results
name; email address; country
last name, first name, gender date of birth email address, postal address phone number username, password customer number order history
name, first name email and postal address phone number license plate number
Data leak claimed concerning Dior.
last name, first name gender date of birth, place of birth postal address phone email medical data care pathway date and locations of hospitalisations
64,000 customers; phone number; email address; password; address; passport number
first name, last name date of birth
Social-engineering of a third-party service desk gave Scattered Spider a domain administrator, which they used to deploy DragonForce ransomware on M&S's VMware ESXi estate at Easter 2025 β knocking out contactless payments, Click & Collect, and online ordering for over six weeks.
email address license plate last name, first name phone number postal address
name, first name, date of birth postal address, email address phone number commercial information
name contact details date of birth driver's license credit card passport
50,000 individuals, 5,000 companies, wealth management
last name, first name email address postal address
name, gender, date of birth, marital and professional status, postal address, email address, phone number, income, assets, member number
6 million customers LDAP authentication SSO server authentication keys
private reports & projects; logins and user password hashes; source code; administrative documents
surname, first name; date of birth; postal address; social security number; supplementary health insurance scheme, mutuelle fund, rights end date
name, first name email and postal address phone number license plate
44,000 users first name, last name, gender date and place of birth address profession email, landline and mobile phone
3.4 million transaction number invoice number PayPal reference number transaction code start date / end date of the transaction debited or credited transaction gross amount of the transaction payer account number buyer's username delivery and billing address user ID first and last name, payment source loyalty card number
Data leak claimed concerning Direct Assurance.
tenant file ID documents RIB
Suspicious network activity at Yale New Haven Health led to the largest U.S. healthcare data breach of 2025: 5.5 million patients had names, contact details, dates of birth, medical record numbers, and Social Security numbers stolen. The health system later agreed to an $18 million class-action settlement.
identity email address phone number
first name, last name date of birth contact details loyalty program
last name, first name email, postal address year of birth phone number
30,000 people title, first name, last name date of birth address phone, email city and country of birth nationality social security number PΓ΄le Emploi number VTC card number qualification, education level
power plant intervention and maintenance plan results of security inspections and operations IDs of maintenance staff
67,000 people first name, last name email, phone IBAN
last name, first name phone address recipient number referring organisation RSA & CAF form CV rights opening date deregistration date personalised project notification support arrangements illiteracy status ability to use computer tools childcare solution support from a professional network number of applications professional life associative and professional experience training, skills targeted occupations interests language certification office tools proficiency driving licence
Lazarus operators substituted the implementation contract during a routine Safe multisig transaction, draining ~$1.5 billion in ETH and staked-ETH derivatives from Bybit's Ethereum cold wallet β the largest single cryptocurrency theft in history.
first name, last name gender date and place of birth nationality postal address email address phone number photo copy of ID document
login hashed password email
488,023 accounts first name, last name date of birth phone number email address
first and last name, email address, phone number, postal code
70,000 people
surname, first name; phone number; address; signature
last name, first name email phone number order details
full name postal address, email address phone number Thermomix preference data
name, first name date of birth postal address, phone, email address IBAN social security number health check-up result
first name, last name email address access login case number premium amount service description
808,881 accounts last name, first name postal address email address identifier date of birth phone number
625,434 accounts last name, first name gender date of birth postal address phone email address profile photo
64,512 accounts
last name, first name email address, postal address date and place of birth phone number licence number
Credential stuffing last name, first name date of birth IBAN
Infostealer malware on the endpoints of 15+ TelefΓ³nica employees gave the Hellcat ransomware group credentials into the company's internal Jira ticketing system. Social-engineering escalated the access to SSH. The group did not extort β it publicly published 2.3 GB including 24,000 employee emails, 470,000 internal Jira tickets, and 5,000 internal documents.