Comparitech.com
@comparitech.bsky.social
Providing in-depth tech research and the latest on cybersecurity threats. Follow for all the information on #ransomware attacks as they happen.
‼️ UPDATE: 9,756 in South Carolina are now being notified of a data breach following this #ransomware attack on Spartanburg County in August 2025.
Qilin claimed the attack on the government entity.
bit.ly/4gvF53Q
Qilin claimed the attack on the government entity.
bit.ly/4gvF53Q
🚨 #Ransomware gang Qilin says it hacked Spartanburg County, SC 🇺🇸 390 GB of data allegedly stolen.
Spartanburg County suffered an attack in early August 2025, making this the third confirmed attack on the government organization since 2018.
bit.ly/4gvF53Q
By: @pabischoff.bsky.social
Spartanburg County suffered an attack in early August 2025, making this the third confirmed attack on the government organization since 2018.
bit.ly/4gvF53Q
By: @pabischoff.bsky.social
December 30, 2025 at 5:09 PM
‼️ UPDATE: 9,756 in South Carolina are now being notified of a data breach following this #ransomware attack on Spartanburg County in August 2025.
Qilin claimed the attack on the government entity.
bit.ly/4gvF53Q
Qilin claimed the attack on the government entity.
bit.ly/4gvF53Q
🚨 Usdaw (Union of Shop, Distributive and Allied Workers) 🇬🇧 has been added to the data leak site of #ransomware gang SafePay.
The trade union confirmed a cyber attack had impacted systems on December 4. These were restored as of December 17.
bit.ly/3T0yGne
The trade union confirmed a cyber attack had impacted systems on December 4. These were restored as of December 17.
bit.ly/3T0yGne
December 30, 2025 at 10:22 AM
🚨 Usdaw (Union of Shop, Distributive and Allied Workers) 🇬🇧 has been added to the data leak site of #ransomware gang SafePay.
The trade union confirmed a cyber attack had impacted systems on December 4. These were restored as of December 17.
bit.ly/3T0yGne
The trade union confirmed a cyber attack had impacted systems on December 4. These were restored as of December 17.
bit.ly/3T0yGne
🚨 Kelsey School Division 🇨🇦 has been added to the data leak site of Ransomware Blog/MedusaLocker. A ransom of $40K is being demanded for the stolen data.
The Canadian school district confirmed a cyber attack had impacted systems on November 13, 2025.
bit.ly/3MYlXAH
By: @pabischoff.bsky.social
The Canadian school district confirmed a cyber attack had impacted systems on November 13, 2025.
bit.ly/3MYlXAH
By: @pabischoff.bsky.social
December 29, 2025 at 8:32 PM
🚨 Kelsey School Division 🇨🇦 has been added to the data leak site of Ransomware Blog/MedusaLocker. A ransom of $40K is being demanded for the stolen data.
The Canadian school district confirmed a cyber attack had impacted systems on November 13, 2025.
bit.ly/3MYlXAH
By: @pabischoff.bsky.social
The Canadian school district confirmed a cyber attack had impacted systems on November 13, 2025.
bit.ly/3MYlXAH
By: @pabischoff.bsky.social
‼️ Ellafi Federal Credit Union 🇺🇸 is issuing data breach notifications to 17,627 people following a cyber attack in Oct '25. SSNs and credit/debit card numbers affected.
#Ransomware gang Akira claimed the attack after allegedly stealing 17 GB of data.
bit.ly/4bsqDGS
#Ransomware gang Akira claimed the attack after allegedly stealing 17 GB of data.
bit.ly/4bsqDGS
December 29, 2025 at 4:19 PM
‼️ Ellafi Federal Credit Union 🇺🇸 is issuing data breach notifications to 17,627 people following a cyber attack in Oct '25. SSNs and credit/debit card numbers affected.
#Ransomware gang Akira claimed the attack after allegedly stealing 17 GB of data.
bit.ly/4bsqDGS
#Ransomware gang Akira claimed the attack after allegedly stealing 17 GB of data.
bit.ly/4bsqDGS
‼️BTU International 🇺🇸 is issuing data breach notifications to 373 people following a #ransomware attack in Aug '25. SSNs & financial account numbers affected. Hackers unknown.
This is the 2nd attack on the manufacturer. Also hit by DarkSide in Apr '21.
bit.ly/4bsqDGS
This is the 2nd attack on the manufacturer. Also hit by DarkSide in Apr '21.
bit.ly/4bsqDGS
Recent ransomware attacks visualized on US map
Map visualizes open ports with ransomed databases to highlight recent ransomware attacks across America.
bit.ly
December 29, 2025 at 2:07 PM
‼️BTU International 🇺🇸 is issuing data breach notifications to 373 people following a #ransomware attack in Aug '25. SSNs & financial account numbers affected. Hackers unknown.
This is the 2nd attack on the manufacturer. Also hit by DarkSide in Apr '21.
bit.ly/4bsqDGS
This is the 2nd attack on the manufacturer. Also hit by DarkSide in Apr '21.
bit.ly/4bsqDGS
🚨 Inha University 🇰🇷 has been added to the data leak site of Gunra. 650 GB stolen.
The South Korean university confirmed its systems were impacted in a #ransomware attack on December 28 but these were restored after 14 hours. A data breach is likely.
bit.ly/3T0yGne
The South Korean university confirmed its systems were impacted in a #ransomware attack on December 28 but these were restored after 14 hours. A data breach is likely.
bit.ly/3T0yGne
December 29, 2025 at 11:23 AM
🚨 Inha University 🇰🇷 has been added to the data leak site of Gunra. 650 GB stolen.
The South Korean university confirmed its systems were impacted in a #ransomware attack on December 28 but these were restored after 14 hours. A data breach is likely.
bit.ly/3T0yGne
The South Korean university confirmed its systems were impacted in a #ransomware attack on December 28 but these were restored after 14 hours. A data breach is likely.
bit.ly/3T0yGne
🚨 ATALIAN 🇫🇷 has been added to the data leak site of Qilin. 500 GB allegedly stolen.
ATALIAN confirmed a #ransomware attack had impacted systems on December 6 and that data had been breached.
Qilin has set a ransom deadline of just over 1 week.
bit.ly/3T0yGne
ATALIAN confirmed a #ransomware attack had impacted systems on December 6 and that data had been breached.
Qilin has set a ransom deadline of just over 1 week.
bit.ly/3T0yGne
December 29, 2025 at 10:48 AM
🚨 ATALIAN 🇫🇷 has been added to the data leak site of Qilin. 500 GB allegedly stolen.
ATALIAN confirmed a #ransomware attack had impacted systems on December 6 and that data had been breached.
Qilin has set a ransom deadline of just over 1 week.
bit.ly/3T0yGne
ATALIAN confirmed a #ransomware attack had impacted systems on December 6 and that data had been breached.
Qilin has set a ransom deadline of just over 1 week.
bit.ly/3T0yGne
🚨 Dom Development S.A. 🇵🇱 has been added to the data leak site of #ransomware gang Qilin.
This month, the Polish housing development firm confirmed hackers had stolen data from its systems, including PESEL numbers, ID cards, health & financial info.
bit.ly/3T0yGne
This month, the Polish housing development firm confirmed hackers had stolen data from its systems, including PESEL numbers, ID cards, health & financial info.
bit.ly/3T0yGne
December 29, 2025 at 10:22 AM
🚨 Dom Development S.A. 🇵🇱 has been added to the data leak site of #ransomware gang Qilin.
This month, the Polish housing development firm confirmed hackers had stolen data from its systems, including PESEL numbers, ID cards, health & financial info.
bit.ly/3T0yGne
This month, the Polish housing development firm confirmed hackers had stolen data from its systems, including PESEL numbers, ID cards, health & financial info.
bit.ly/3T0yGne
🚨 Over the weekend, BQTLOCK added 4 Dubai-based leisure companies to its site 🇦🇪
3 of the websites are displaying a message from the #ransomware group. These are:
- Hatta Heritage Village
- Dhow Cruise Dubai Harbour
- Morning Desert Safari
bit.ly/3T0yGne
3 of the websites are displaying a message from the #ransomware group. These are:
- Hatta Heritage Village
- Dhow Cruise Dubai Harbour
- Morning Desert Safari
bit.ly/3T0yGne
December 29, 2025 at 9:49 AM
🚨 Over the weekend, BQTLOCK added 4 Dubai-based leisure companies to its site 🇦🇪
3 of the websites are displaying a message from the #ransomware group. These are:
- Hatta Heritage Village
- Dhow Cruise Dubai Harbour
- Morning Desert Safari
bit.ly/3T0yGne
3 of the websites are displaying a message from the #ransomware group. These are:
- Hatta Heritage Village
- Dhow Cruise Dubai Harbour
- Morning Desert Safari
bit.ly/3T0yGne
🚨 Chuo Gakuin University 🇯🇵 has confirmed it was targeted in a #ransomware attack on December 23. Investigations are ongoing.
No hacker groups have claimed the attack as of yet.
It's the 8th confirmed attack on the Japanese education sector this year.
bit.ly/3T0yGne
No hacker groups have claimed the attack as of yet.
It's the 8th confirmed attack on the Japanese education sector this year.
bit.ly/3T0yGne
Map of worldwide ransomware attacks (updated daily) - Comparitech
Each dot represents the location of a ransomware attack, with the color of the dot indicating the sector affected (healthcare, education, government, and business). This map updates daily and pinpoint...
bit.ly
December 29, 2025 at 9:06 AM
🚨 Chuo Gakuin University 🇯🇵 has confirmed it was targeted in a #ransomware attack on December 23. Investigations are ongoing.
No hacker groups have claimed the attack as of yet.
It's the 8th confirmed attack on the Japanese education sector this year.
bit.ly/3T0yGne
No hacker groups have claimed the attack as of yet.
It's the 8th confirmed attack on the Japanese education sector this year.
bit.ly/3T0yGne
🚨 PT Clipan Finance Indonesia Tbk 🇮🇩 was one of the victims added to #ransomware group LockBit's site.
The Indonesian finance company confirmed an attack impacted internal systems on November 26, 2025.
bit.ly/3T0yGne
The Indonesian finance company confirmed an attack impacted internal systems on November 26, 2025.
bit.ly/3T0yGne
December 26, 2025 at 4:58 PM
🚨 PT Clipan Finance Indonesia Tbk 🇮🇩 was one of the victims added to #ransomware group LockBit's site.
The Indonesian finance company confirmed an attack impacted internal systems on November 26, 2025.
bit.ly/3T0yGne
The Indonesian finance company confirmed an attack impacted internal systems on November 26, 2025.
bit.ly/3T0yGne
🚨 Over the last few days, LockBit has added 54 victims to its site.
Most targeted countries:
🇹🇷x6 Turkey
🇪🇸x5 Spain
🇨🇿🇫🇷x3 Czechia & France
Most targeted sectors:
🏭x8 manufacturers
🧑🍳x6 food and beverage companies
🏫x5 education
🏗️x4 construction
bit.ly/3T0yGne
#ransomware
Most targeted countries:
🇹🇷x6 Turkey
🇪🇸x5 Spain
🇨🇿🇫🇷x3 Czechia & France
Most targeted sectors:
🏭x8 manufacturers
🧑🍳x6 food and beverage companies
🏫x5 education
🏗️x4 construction
bit.ly/3T0yGne
#ransomware
Map of worldwide ransomware attacks (updated daily) - Comparitech
Each dot represents the location of a ransomware attack, with the color of the dot indicating the sector affected (healthcare, education, government, and business). This map updates daily and pinpoint...
bit.ly
December 26, 2025 at 4:51 PM
🚨 Over the last few days, LockBit has added 54 victims to its site.
Most targeted countries:
🇹🇷x6 Turkey
🇪🇸x5 Spain
🇨🇿🇫🇷x3 Czechia & France
Most targeted sectors:
🏭x8 manufacturers
🧑🍳x6 food and beverage companies
🏫x5 education
🏗️x4 construction
bit.ly/3T0yGne
#ransomware
Most targeted countries:
🇹🇷x6 Turkey
🇪🇸x5 Spain
🇨🇿🇫🇷x3 Czechia & France
Most targeted sectors:
🏭x8 manufacturers
🧑🍳x6 food and beverage companies
🏫x5 education
🏗️x4 construction
bit.ly/3T0yGne
#ransomware
‼️Persante Health Care 🇺🇸 is notifying 111,815 people of a data breach following a cyber attack in January 2025. SSNs, medical info & payment card data are among the data affected.
#Ransomware gang INC claimed the attack.
bit.ly/4bsqDGS
#Ransomware gang INC claimed the attack.
bit.ly/4bsqDGS
December 26, 2025 at 1:37 PM
‼️Persante Health Care 🇺🇸 is notifying 111,815 people of a data breach following a cyber attack in January 2025. SSNs, medical info & payment card data are among the data affected.
#Ransomware gang INC claimed the attack.
bit.ly/4bsqDGS
#Ransomware gang INC claimed the attack.
bit.ly/4bsqDGS
🚨 Eastern Townships School Board 🇨🇦 has been added to the data leak site of #ransomware gang Qilin.
The Canadian school district confirmed its network had been disrupted in a cyber attack on December 18 but that "sensitive databases" weren't breached.
bit.ly/3T0yGne
The Canadian school district confirmed its network had been disrupted in a cyber attack on December 18 but that "sensitive databases" weren't breached.
bit.ly/3T0yGne
December 26, 2025 at 1:16 PM
🚨 Eastern Townships School Board 🇨🇦 has been added to the data leak site of #ransomware gang Qilin.
The Canadian school district confirmed its network had been disrupted in a cyber attack on December 18 but that "sensitive databases" weren't breached.
bit.ly/3T0yGne
The Canadian school district confirmed its network had been disrupted in a cyber attack on December 18 but that "sensitive databases" weren't breached.
bit.ly/3T0yGne
🚨 South Africa's National Credit Regulator 🇿🇦 has been added to the data leak site of #ransomware gang DragonForce. 42.02 GB allegedly stolen.
The government entity confirmed its systems had been impacted in a cyber attack on December 12.
bit.ly/3T0yGne
The government entity confirmed its systems had been impacted in a cyber attack on December 12.
bit.ly/3T0yGne
December 26, 2025 at 11:44 AM
🚨 South Africa's National Credit Regulator 🇿🇦 has been added to the data leak site of #ransomware gang DragonForce. 42.02 GB allegedly stolen.
The government entity confirmed its systems had been impacted in a cyber attack on December 12.
bit.ly/3T0yGne
The government entity confirmed its systems had been impacted in a cyber attack on December 12.
bit.ly/3T0yGne
🚨 Logic Vein Co., Ltd. 🇯🇵 has been added to the data leak site of #ransomware gang Qilin.
The Japanese tech company confirmed it had detected unauthorized access to its systems on December 8. Data breach investigations are ongoing.
bit.ly/3T0yGne
The Japanese tech company confirmed it had detected unauthorized access to its systems on December 8. Data breach investigations are ongoing.
bit.ly/3T0yGne
December 26, 2025 at 11:13 AM
🚨 Logic Vein Co., Ltd. 🇯🇵 has been added to the data leak site of #ransomware gang Qilin.
The Japanese tech company confirmed it had detected unauthorized access to its systems on December 8. Data breach investigations are ongoing.
bit.ly/3T0yGne
The Japanese tech company confirmed it had detected unauthorized access to its systems on December 8. Data breach investigations are ongoing.
bit.ly/3T0yGne
🚨 47CLUB 🇯🇵 was added to the data leak site of #ransomware gang SafePay this week. This comes after the Japanese food retailer confirmed it had been hit by an attack on November 28.
Some servers were affected and data breach investigations are ongoing.
bit.ly/3T0yGne
Some servers were affected and data breach investigations are ongoing.
bit.ly/3T0yGne
December 26, 2025 at 9:58 AM
🚨 47CLUB 🇯🇵 was added to the data leak site of #ransomware gang SafePay this week. This comes after the Japanese food retailer confirmed it had been hit by an attack on November 28.
Some servers were affected and data breach investigations are ongoing.
bit.ly/3T0yGne
Some servers were affected and data breach investigations are ongoing.
bit.ly/3T0yGne
🚨 Omnibus Japan Co., Ltd. 🇯🇵 has been added to the data leak site of #ransomware gang Lynx.
The Japanese video production company confirmed its systems had been impacted in an attack on December 9, 2025. Tohokushinsha Co., Ltd. was unaffected, however.
bit.ly/3T0yGne
The Japanese video production company confirmed its systems had been impacted in an attack on December 9, 2025. Tohokushinsha Co., Ltd. was unaffected, however.
bit.ly/3T0yGne
December 23, 2025 at 3:29 PM
🚨 Omnibus Japan Co., Ltd. 🇯🇵 has been added to the data leak site of #ransomware gang Lynx.
The Japanese video production company confirmed its systems had been impacted in an attack on December 9, 2025. Tohokushinsha Co., Ltd. was unaffected, however.
bit.ly/3T0yGne
The Japanese video production company confirmed its systems had been impacted in an attack on December 9, 2025. Tohokushinsha Co., Ltd. was unaffected, however.
bit.ly/3T0yGne
🚨 Clínica Dávila 🇨🇱 has been added to the data leak site of #ransomware gang Devman. 250 GB allegedly stolen, inc. IDs & HIV test results.
The Chilean healthcare company suffered an attack last week which caused widespread disruption to systems.
bit.ly/3T0yGne
The Chilean healthcare company suffered an attack last week which caused widespread disruption to systems.
bit.ly/3T0yGne
December 23, 2025 at 10:31 AM
🚨 Clínica Dávila 🇨🇱 has been added to the data leak site of #ransomware gang Devman. 250 GB allegedly stolen, inc. IDs & HIV test results.
The Chilean healthcare company suffered an attack last week which caused widespread disruption to systems.
bit.ly/3T0yGne
The Chilean healthcare company suffered an attack last week which caused widespread disruption to systems.
bit.ly/3T0yGne
🚨 National Biscuit Industries Ltd SAOG 🇴🇲 has been added to the data leak site of #ransomware gang Qilin.
The biscuit manufacturer confirmed it had experienced a cyber attack on December 6 but that business operations continued with minimal impact.
bit.ly/3T0yGne
The biscuit manufacturer confirmed it had experienced a cyber attack on December 6 but that business operations continued with minimal impact.
bit.ly/3T0yGne
December 23, 2025 at 10:12 AM
🚨 National Biscuit Industries Ltd SAOG 🇴🇲 has been added to the data leak site of #ransomware gang Qilin.
The biscuit manufacturer confirmed it had experienced a cyber attack on December 6 but that business operations continued with minimal impact.
bit.ly/3T0yGne
The biscuit manufacturer confirmed it had experienced a cyber attack on December 6 but that business operations continued with minimal impact.
bit.ly/3T0yGne
‼️ Brevard Skin and Cancer Center 🇺🇸 is notifying 55.5K people of a data breach following a cyber attack in September 2025. SSNs and medical info among the data affected.
#Ransomware gang PEAR claimed the attack on the healthcare company. 1.8 TB stolen.
bit.ly/4p98Aei
By: @pabischoff.bsky.social
#Ransomware gang PEAR claimed the attack on the healthcare company. 1.8 TB stolen.
bit.ly/4p98Aei
By: @pabischoff.bsky.social
December 22, 2025 at 5:02 PM
‼️ Brevard Skin and Cancer Center 🇺🇸 is notifying 55.5K people of a data breach following a cyber attack in September 2025. SSNs and medical info among the data affected.
#Ransomware gang PEAR claimed the attack on the healthcare company. 1.8 TB stolen.
bit.ly/4p98Aei
By: @pabischoff.bsky.social
#Ransomware gang PEAR claimed the attack on the healthcare company. 1.8 TB stolen.
bit.ly/4p98Aei
By: @pabischoff.bsky.social
🚨 Stadt Fürth 🇩🇪 has been added to the data leak site of #ransomware gang Qilin.
The German city recently warned residents of a cyber attack on its drainage system, which may have resulted in a data breach.
bit.ly/3T0yGne
The German city recently warned residents of a cyber attack on its drainage system, which may have resulted in a data breach.
bit.ly/3T0yGne
December 22, 2025 at 2:52 PM
🚨 Stadt Fürth 🇩🇪 has been added to the data leak site of #ransomware gang Qilin.
The German city recently warned residents of a cyber attack on its drainage system, which may have resulted in a data breach.
bit.ly/3T0yGne
The German city recently warned residents of a cyber attack on its drainage system, which may have resulted in a data breach.
bit.ly/3T0yGne
🚨 Eanes Independent School District 🇺🇸 has been added to the data leak site of #ransomware gang Qilin.
The district appears to have suffered a cybersecurity incident about 2 weeks ago (according to a Reddit thread) but the school is yet to confirm.
bit.ly/4bsqDGS
The district appears to have suffered a cybersecurity incident about 2 weeks ago (according to a Reddit thread) but the school is yet to confirm.
bit.ly/4bsqDGS
December 22, 2025 at 2:20 PM
🚨 Eanes Independent School District 🇺🇸 has been added to the data leak site of #ransomware gang Qilin.
The district appears to have suffered a cybersecurity incident about 2 weeks ago (according to a Reddit thread) but the school is yet to confirm.
bit.ly/4bsqDGS
The district appears to have suffered a cybersecurity incident about 2 weeks ago (according to a Reddit thread) but the school is yet to confirm.
bit.ly/4bsqDGS
‼️The University of Phoenix 🇺🇸 has confirmed that 3,489,274 people have been impacted in its August 2025 data breach following the Oracle zero-day vulnerability exploit.
#Ransomware gang Clop claimed the attack.
bit.ly/4bsqDGS
#Ransomware gang Clop claimed the attack.
bit.ly/4bsqDGS
December 22, 2025 at 1:26 PM
‼️The University of Phoenix 🇺🇸 has confirmed that 3,489,274 people have been impacted in its August 2025 data breach following the Oracle zero-day vulnerability exploit.
#Ransomware gang Clop claimed the attack.
bit.ly/4bsqDGS
#Ransomware gang Clop claimed the attack.
bit.ly/4bsqDGS
🚨 DXS International 🇺🇸 has confirmed it was hit by a cyber attack on December 14. Impact on services was minimal but data breach investigations are ongoing in conjunction with NHS England.
#Ransomware group Devman claimed the attack. 300 GB stolen.
bit.ly/3T0yGne
#Ransomware group Devman claimed the attack. 300 GB stolen.
bit.ly/3T0yGne
December 19, 2025 at 8:57 AM
🚨 DXS International 🇺🇸 has confirmed it was hit by a cyber attack on December 14. Impact on services was minimal but data breach investigations are ongoing in conjunction with NHS England.
#Ransomware group Devman claimed the attack. 300 GB stolen.
bit.ly/3T0yGne
#Ransomware group Devman claimed the attack. 300 GB stolen.
bit.ly/3T0yGne