Data Breach

In late 2024, Andy Frain Services, Inc., a U.S. provider of security and event staffing, experienced a ransomware attack that compromised the personal data of 100,964 individuals. Discovered on October 23, the breach involved unauthorized access to human resources files containing names, Social Security numbers, dates of birth, and other […]

In December 2024, Ascension, one of the largest private healthcare systems in the U.S., experienced a significant data breach involving a former business partner. On December 5, 2024, Ascension became aware that patient information might have been compromised. Following an internal investigation, it was determined on January 21, 2025, that […]

On March 3, 2025, Culinary Services of America, Inc. (CSA) discovered that a phishing email led to unauthorized access to certain personal information. The breach occurred when an employee was targeted, and the attacker gained access to data on the same day. Attorneys are investigating a potential class action lawsuit […]

Between February 12 and February 15, 2024, Valsoft Corporation Inc. (doing business as AllTrust) and its subsidiary Aspire USA, LLC experienced a data breach involving unauthorized access to a non-production computer network. The breach was discovered on February 14, 2024, and an investigation confirmed that sensitive personal information may have […]

On December 7, 2024, the Center detected suspicious activity on its systems and promptly took action to contain the incident by blocking the activity and taking affected systems offline. Law enforcement was notified, and a formal investigation was launched with the support of external cybersecurity experts to assess the nature […]

Between January 27 and February 1, 2025, Caltrol experienced a cybersecurity incident involving unauthorized access to its systems, resulting in the exfiltration of data. The breach was discovered on February 1, 2025, prompting immediate action to secure the network and initiate an investigation with the help of outside cybersecurity experts. […]

On July 29, 2024, The Neurological Institute of Savannah & Center for Spine, P.C. identified a cybersecurity incident involving the ransomware group Ransomhub. The breach was later disclosed in a filing dated May 1, 2025, indicating that 32,548 individuals were affected. The organization provides comprehensive neurological care, suggesting that the […]

Union Health recently notified 262,831 individuals of a data breach involving its electronic records vendor. On February 24, 2025, an unknown party contacted Union Health claiming to have possession of patient information. After verifying the legitimacy of the data, Union Health launched an investigation and informed law enforcement. The compromised […]

In late April 2025, MAK Anesthesia, a Georgia-based anesthesia services provider, reported a data breach affecting 24,079 individuals across the United States. The breach involved both personally identifiable information (PII) and protected health information (PHI), including names, dates of birth, addresses, medical information, and Social Security numbers. The incident was […]

On October 23, 2024, Starkville Utilities in Mississippi discovered unauthorized activity within its computer network, prompting an immediate shutdown of access and the engagement of third-party forensic specialists. The investigation, concluded on December 11, 2024, revealed that an external threat actor had gained limited access to the network and potentially […]