Data Breach

In December 2024, Central New York Cardiology (CNYC) experienced a cyberattack that compromised sensitive patient information. Unauthorized access to CNYC’s network occurred between December 26 and December 30, 2024, potentially exposing data such as names, addresses, dates of birth, driver’s license numbers, Social Security numbers, medical diagnoses, health insurance details, […]

On February 19, 2025, the Federal Home Loan Mortgage Corporation (“Freddie Mac”) reported a data breach to the Massachusetts Attorney General after discovering that an unauthorized party had accessed sensitive consumer information, including names and Social Security numbers. While details on the breach remain limited, Freddie Mac confirmed that confidential […]

In December 2024, YES Communities suffered a data breach where an unauthorized party accessed personal data, including names, Social Security numbers, and financial details. The breach occurred between December 9-11 and was discovered soon after. Affected individuals were notified starting February 25, 2025. If impacted, please sign up as you […]

On or around May 30, 2024, Restorix Health discovered that an unauthorized actor had accessed an employee’s email account, exposing sensitive personal and protected health information—including names, dates of birth, government-issued IDs, patient IDs, and various medical details—from May 7 to May 29, 2024; the company promptly secured the account, […]

St. Clair Orthopaedics & Sports Medicine has reported a data breach to the Department of Health and Human Services, affecting approximately 340,000 individuals. The breach potentially exposed a range of personal information, including basic contact details (name, address, date of birth, phone number, and email), health insurance data (policy details, […]

In January 2025, Via Credit Union detected suspicious activity within its computer network, leading to an investigation that revealed an unauthorized third party accessed and acquired certain files between January 18 and January 20. The compromised information includes names, addresses, dates of birth, Social Security numbers, Visa credit card numbers, […]

In February 2025, Reading Cooperative Bank experienced a data breach affecting 20,532 individuals in Massachusetts due to a phishing attack that compromised sensitive consumer data, including Social Security numbers, financial account details, and credit/debit card numbers. Upon discovery, the bank secured its systems, engaged third-party cybersecurity experts, and implemented additional […]

A data breach at DISA Global Solutions, a major U.S. employee screening company, exposed the personal information of over 3.3 million people, including Social Security numbers, credit card details, and government IDs. The cyberattack occurred on February 9, 2024, but went unnoticed for two months, and DISA only recently reported […]

Cardiology of Virginia, Inc. has reported a data breach affecting 21,085 individuals, exposing sensitive personally identifiable information, including medical images. The breach, linked to the ransomware group RansomHub, was first revealed on the dark web on September 7, 2024, with stolen data later confirmed to be published. The incident was […]

Nuna Baby Essentials, Inc. has disclosed a data breach affecting its website’s payment platform, potentially exposing customer payment details, including names, billing addresses, payment card numbers, expiration dates, and CVVs. The breach occurred between September 8, 2024, and December 6, 2024, with Nuna confirming the compromise on February 3, 2025. […]