In August 2025, DataBreaches added the Colorado Health Network (CHN) to our non-public worksheets after threat actors called Cephalus added the provider to its’ dark web leak site with a claim that they had acquired 900 GB of data. Cephalus disappeared from public view days later, and never leaked the data on any server that...

Source

Two members of Scattered Spider, who were arrested in 2024 and 2025, have reportedly changed their pleas to guilty just before their trials were set to begin. Victoria Collins reports: Two men have pleaded guilty to offences in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption and cost...

Source

Xsolis, Inc. is a business associate in the healthcare sector, providing utilization and case management services. They describe themselves as applying “industry-leading AI and automation to ensure appropriate care settings and accelerate collaboration across a connected network of providers and payers.” On June 19, California Attorney General’s Office posted a copy of a breach notification...

Source

On April 19, 2026, Cherry Health in Michigan detected suspicious network activity. Investigation revealed that an unknown person or persons had gained access to its network and copied data. On June 18, Cherry Health published a preliminary notice on its website.  The notice makes no mention of any earlier reporting on the incident that had...

Source

June was a challenging month for Novo Nordisk regarding cybersecurity and intellectual property protection. The pharma giant allegedly had some of its data — including intellectual property — stolen by two independent groups of threat actors. Unaware of each other, each group claimed to have acquired a large amount of valuable information. One demanded $25...

Source

Ahmed Humble reports that 41,485 Texans may have had personal and protected health information exposed in a data breach involving a Houston-based Blue Fish Pediatrics. The breach reportedly occurred between July 11 and July 17, 2025, but patients are only first being notified now. The types of information included: Full names Dates of birth Social...

Source

Emily Hill reports: One Medical, the primary care provider acquired by Amazon in 2023, is facing questions after the cybercriminal group ShinyHunters claimed it stole 8.8 terabytes of company data and threatened to publish the information unless negotiations begin by June 22. The allegation remains unverified, and the group has not released any sample data to support...

Source

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) today announced a settlement with Spencer Gifts LLC Flexible Benefits and Welfare Benefit Plans (the Plan), the employer-sponsored group health plan of Spencer Gifts LLC, a national retail company, over potential violations of the Health Insurance Portability and Accountability Act of...

Source

In February 2025, after the Medusa ransomware gang claimed responsibility for an attack on the UK healthcare provider HCRG Care Group, HCRG confirmed it had been breached but would only say it was investigating. While they remained silent, SuspectFile obtained and reported on data provided to them by Medusa. SuspectFiles‘s reporting made it clear that...

Source

Russell Myers reports: A hospital worker at the private clinic where the Princess of Wales had abdominal surgery is set to face a criminal prosecution following an investigation into claims that the Princess’ medical records had allegedly been accessed by staff in 2024, it is understood. A total of three trusted employees, who worked at The...

Source

Louise Hickey reports: The HSE has been fined €300,000 by the Data Protection Commission (DPC) over a breach of patient’s personal data in 2018 at the Midland Regional Hospital, Tullamore. The Data Protection Commission has announced its final decision on the fine following an inquiry into a ransomware attack on the laboratory information system in...

Source

Yesterday, DataBreaches reported that FulcrumSec had hacked Danish pharmaceutical giant Novo Nordisk. FulcrumSec followed up on that reporting by releasing their own very detailed report on their dark web leak site about the incident and what they had acquired. This morning, DataBreaches woke up to find messages waiting on Signal from someone claiming they, too, had hacked...

Source

Danish pharma giant Novo Nordisk disclosed a cybersecurity incident last week, and although the firm’s name may not be familiar to everyone, they are a major producer of insulin and semaglutide. Semaglutide is marketed as Wegovy for weight loss and Ozempic for Type 2 diabetes. In its June 11 update, the firm stated that the...

Source

Eric Sagonowsky reports: As cybersecurity threats have proliferated across industries in recent years, biopharma companies have emerged as prominent targets, with intellectual property, patient data and other sensitive information at stake. Now, Novo Nordisk is the latest drug giant to report a data breach. In a Thursday incident notice, Novo said it recently identified a security...

Source

Do you remember the horrific American Medical Collection Agency (Retrieval-Masters Creditors Bureau Inc.) breach in 2019?  You can refresh your memory by scrolling through the Related posts below this one, but TL;DR: LabCorp was one of AMCA’s clients that was affected by the breach, and in July 2019, they notified HHS that 10,251,784 patients had...

Source

In July 2025, the Nova ransomware gang stole cervical cancer screening data on 850,000 women held by Clinical Diagnostics (“Eurofins”). The lab paid them an undisclosed ransom amount, but that has not been the end of the lab’s problems. In May 2026, the Dutch Health and Youth Care Inspectorate concluded that the laboratory had failed...

Source

Genevieve Serra reports: In a shocking breach of privacy, the confidential medical records of almost 3 000 local police officers have been leaked among staff, raising serious concerns about the security of sensitive data within the South African Police Service (SAPS). With an independent investigation currently taking place, the matter has prompted a widespread call...

Source

NHK News reports: Japan’s National Hospital Organization says hard drives from two hospitals in Hokkaido were listed on auction sites, resulting in a leak of personal information from at least 180,000 patients and employees. The group warns that the leak could potentially affect up to 510,000 people. Last June, the Hokkaido Medical Center — part...

Source

Mason Lewsey reports: Thousands of Essex patient records were compromised in a cyber attack linked to a major NHS data breach, MSE has confirmed. Mid and South Essex NHS Foundation Trust revealed that around 2,380 patient test records were stolen in the attack, which affected data held by third-party provider Synnovis. The trust operates Southend...

Source

Michel Gribouille reports: A major French health-care payments middleman says hackers broke into a key authorization portal and may have exposed sensitive personal data, including France’s equivalent of a Social Security number, setting off warnings about identity theft and scam attempts. Almerys, a company that helps process “third-party payment” transactions so patients don’t have to...

Source