It was another busy month in the cyber security sector, as we discovered 143 incidents that resulted in 1,098,897,134 breached records.
Ransomware was again one of the biggest contributors to that total, accounting for almost one in three data breaches.
As always, you can find the full list of incidents below, with those affecting UK organisations listed in bold.
In case you missed it, you may also be interested in our first quarterly review of data breaches and cyber attacks. The report takes the information collected in these lists and summarises our findings.
It includes year-on-year comparisons in the number of incidents that were detected, a review of the most frequently breached sectors and a running total of incidents for the year.
Contents
Cyber attacks
- Aneurin Bevan health board suffers cyber attack (unknown)
- Drinks giant C&C Group subsidiary shuts down IT systems following security incident (unknown)
- Colchester Institute suffers cyber security attack (unknown)
- Facebook users’ phone numbers leaked on hacking forum (533 million)
- California’s La Clinica de la Raza discloses malware attack (unknown)
- Manquen Vance notifies those affected by email breach (unknown)
- Squirrel Hill Health Center discloses malware attack (unknown)
- Italian municipalities Brescia and Rho hit by cyber attack (unknown)
- US Ivy League school Brown University hit by cyber criminals (unknown)
- Singapore’s National Trades Union Congress’ Employment and Employability Institute breached (30,000)
- Administrative Advantage notifies patients of Remedy Medical Group after email hack (unknown)
- California’s El Monte City Hall investigating unauthorized access (unknown)
- La Ville de Vallauris Golfe-Juan impacted by cyber attack (unknown)
- Atlantic Media says someone gained unauthorized access to its servers (unknown)
- Hacking group’s site Swarmshop targeted by fellow criminal hackers (12,344)
- Cyber criminals dump data from Canada’s Durham Region (unknown)
- Data from COVID-19 test centres in Hamburg, Berlin, Leipzig and Schwerte breached (14,000)
- Scraped Clubhouse user records leaked for free on a popular hacker forum (1.3 million)
- LinkedIn profiles has been put for sale on a popular hacker forum (500 million)
- Retail broking firm Upstox discloses security incident (unknown)
- CareFirst BlueCross BlueShield Community Health Plan District of Columbia discloses breach (unknown)
- ParkMobile breach exposes license plate data and mobile numbers of its users (21 million)
- Two New Jersey school districts report cyber attacks (unknown)
- Gay dating site Manhunt hacked, thousands of accounts stolen (6 million)
- Italian winery Asti DOCG targeted by criminal hackers (unknown)
- Celsius email system breach leads to phishing attack on customers (unknown)
- Switzerland: Schaffhausen hospitals suffer major IT failures (unknown)
- France’s Grésivaudan clinic victim of a cyber attack (unknown)
- French calibration services firm Trescal facing cyber attack (unknown)
- Codecov discloses 2.5-month-long supply chain attack (unknown)
- Geico admits fraudsters stole customers’ driver’s license numbers for months (unknown)
- Elliman’s property management arm suffers data breach (unknown)
- Canac hardware stores victims of a cyber attack (unknown)
- Cyber attack targets Santa Clara Valley Transportation Authority (unknown)
- Data compromised in cyber attack on Japan’s Cabinet Office (231)
- Malware attack on Radixx Res disrupts 20 airlines’ ticket reservation systems (unknown)
- Passwordstate hacked to deploy malware on customer systems (29,000)
- Champagne group Laurent Perrier has been victim of cyber attack (unknown)
- A cyber attack affected the Spanish city council of Xixona (unknown)
- Synchronised cyber attack affects Spanish government (unknown)
- Germany’s Grocer Tegut is the target of a cyber attack (unknown)
- Pharmaceutical company Mipharm SPA victim of a hacker attack (unknown)
- Nissan Securities reveals disruption following unauthorised access (unknown)
- Cyber attack disrupts Fiji’s government online services (unknown)
- DigitalOcean says customer billing data accessed in data breach (unknown)
- Fourth time’s a charm – OGUsers hacking forum hacked again (unknown)
- Hackers target Italian pharmaceutical company Zambon (unknown)
- Thrifty Drug Stores Inc. discloses security incident (unknown)
- St. John’s Well Child and Family Center discovers data compromise (unknown)
- France’s Invicta Group at a standstill since Monday after a cyber attack (unknown)
- Cyber spies target military organizations with new Nebulae backdoor (unknown)
- Toronto hit by ‘potential cyber breach’ from Accellion file transfer software (unknown)
- Data breach discovered at Achievement Center of LECOM Health (unknown)
Flash briefing: Navigate to Cyber Safety – Ransomware
On 26 May 2021, we’ll be hosting a flash briefing to discuss the growing threat of ransomware.
Our panel of experts will offer a high-level overview and practical advice on how these attacks could have been mitigated – and what your organisation needs to do to avoid suffering the same fate.
Register now:
Ransomware
- University of Portsmouth closes campus due to ransomware attack (unknown)
- UK rail network Merseyrail likely hit by Lockbit ransomware(unknown)
- University of Maryland, Baltimore latest to confirm Accellion breach (unknown)
- Hackers hit Italian menswear brand Boggi Milano with ransomware (unknown)
- Missouri’s Affton School District discloses ransomware attack (400)
- The largest supplier of car parts based in Cluj-Napoca blackmailed by hackers (unknown)
- Canadian retailer Home Hardware hit by ransomware (unknown)
- J&B Importers falls victim to a ransomware attack (unknown)
- TriHealth says employees and staff were affected by ransomware (unknown)
- National College of Ireland hit by ransomware attack (unknown)
- Technological University of Dublin victim of ransomware attack (unknown)
- Ransomware attack forces Haverhill Schools to cancel classes (unknown)
- Thousands of schools potentially affected by Axios Italia cyber attack (unknown)
- City of Lawrence hit with significant ransomware attack (unknown)
- Saint-Gaudens hospital latest French hospital to suffer cyber attack (unknown)
- Austria’s Nah&Frisch Wieser Türnitz hit by ransomware attack (unknown)
- Dutch transport company Bakker Logistiek hit by ransomware (unknown)
- Czech city of Olomouc paralyzed by a cyber attack (unknown)
- French city Isle-sur-la-Sorgue victim of ransomware (unknown)
- Realty firm Ansal Housing fears data loss following multiple ransomware attacks (unknown)
- Italy’s Gino Group car dealership notifies customers of ransomware attack (unknown)
- Italian healthcare facility USL Umbria2 attacked with ransomware (unknown)
- French City of Morières-lès-Avignon hit by ransomware (unknown)
- The town hall of Douai suffers ransomware attack (unknown)
- Hardware company Würth France involved in suspected ransomware attack (unknown)
- Belgian city of Floreffe victim of a suspected ransomware infection (unknown)
- Czech consumer electronics firm Asbis hit by ransomware (unknown)
- Turin Territorial Housing Agency infected with ransomware (unknown)
- Swiss firm Griesser AG victim of ransomware attack (unknown)
- Houston Rockets hit by Babuk ransomware (unknown)
- Maritime services provider Bourbon Group hit by a cyber attack (unknown)
- Brazil’s National Library website falls victim to a ransomware attack and goes offline (unknown)
- Phone House Spain hit by Babuk ransomware (3 million)
- Malta’s Nationalist Party affected by ransomware (unknown)
- State institution in Slovakia target of ransomware attacks (unknown)
- Hackers post files from Broward School District following ransomware attack (26,000)
- Bavarian city of Kammelta hit by ransomware (unknown)
- University of Castilla-La Mancha (UCLM) suffers a ransomware attack (unknown)
- Hackers target Japan’s Hoya Corp with ransomware (unknown)
- Cegos Group victim of ransomware attack (unknown)
- Illinois Attorney General’s Office in suspected ransomware attack (unknown)
- Germany’s Madsack publishing group hit by ransomware (unknown)
- Ransomware attack on Norway’s Nordlo knocked out systems in several care institutions (unknown)
- Queensland hospitals and aged care facilities crippled by ransomware (unknown)
- New York’s Guilderland Central School District hit with ransomware (unknown)
- Oregon’s Centennial schools shuttered after hackers breach systems (unknown)
- France’s Bourg-Saint-Maurice town hall is the target of a cyber attack (unknown)
- Italy’s Banca di Credito Cooperativo suffers cyber attack (unknown)
- Presque Isle police data leaked by threat actors (unknown)
- Baclesse cuts its Internet connection to prevent the spread of a computer worm (unknown)
- Cyber attack against the company involved with the 1915 Çanakkale bridge and motorway project (20,000)

If you find yourself facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.
Data breaches
- Social worker shared confidential details of someone in care on Facebook (unknown)
- Furious Football Index investors have their identities revealed by DCMS email gaffe (500)
- HMRC outlines late-filing penalty notices data breach (18,496)
- New Zealand’s Allied Press hit by data breach (unknown)
- Woolfson Eye Institute says employee laptop was stolen (unknown)
- Education nonprofit Edraak ignored a student data leak for two months (20,000)
- Signify Health notifies covered entities’ patients of possible access to their PHI (unknown)
- Q Link Wireless exposes data of its customer base (2 million)
- Certis exposes personal data from e-mails (62,000)
- Chattanooga Library card owners revealed in data breach (5,000)
- Privacy breach at Algoma Public Health (unknown)
- Swinburne University confirms that staff and students affected in data breach (5,300)
- Chesterfield County Public Schools mistakenly releases names of students, staff with COVID (1,000)
- Wake Forest University Counseling Center sends errant email to hundreds (860)
- Reverb discloses data breach exposing musicians’ personal info (5.6 million)
- Wyoming Department of Health leaking data online (164,021)
- Maine government website displayed mental health patients’ confidential information (unknown)
- Israel: Private patient cases of deceased psychologist found on the street (unknown)
- Contact tracing data breach exposes health information of Pennsylvanians (72,000)
Financial information
- Arup staff hit by cyber hacker attack at payroll provider (unknown)
- Hacker grabs users’ payment details from Cardpool.com (330,000)
- University of Colorado data breach affects social security numbers and financial information (310,000)
- AmeriFirst warns customers of December data breach (unknown)
- Tennessee-based First Horizon discloses data security breach (unknown)
- Breached online ordering platforms expose hundreds of restaurants (340,000)
- Hotbit cryptocurrency exchange down after hackers targeted wallets (500,000)
Malicious insiders and miscellaneous incidents
- VA staffer used medical records to stalk and harass female vet (unknown)
- Winnipeg Regional Health Authority contacted those affected by data breach (58)
- Privacy breach at Canada’s RDRHC Diagnostic Imaging department (3,224)
- Montefiore Medical Center discloses another insider-wrongdoing breach (unknown)
- Software developer charged with damaging the computer system of a Cleveland company (unknown)
- A hard disk with data people stolen from the Amsterdam tax office (30,000)
- Peak Vista Community Health patient information on stolen computers (unknown)
- Calgary Police officer charged with privacy breaches (unknown)
In other news…
- Buying breached data: When is it ethical?
- Maze/Egregor ransomware cartel estimated to have made $75 million
- Brokerage firm agrees to $3 million deal for New York cyber security rule violations
- National Australia Bank repays customers $687k for 2019 data breach
Will you be next?
No one thinks their organisation will fall victim to a security incident until it happens to them – but as we’ve demonstrated here, data breaches are so prevalent that everyone must have a plan.

If you find yourself staring down disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.
Hi Luke!
I’m writing a scientific article on cybercrime and was wondering how to distinguish cyber attack from data breaches?
Under Cyber attack there is even a title including data breaches:
“Data breach discovered at Achievement Center of LECOM Health”
Good question — because most reports of cyber attacks involve data breaches (i.e. compromised sensitive information). We define cyber attacks strictly as incidents caused by criminal hackers, and data breaches as incidents caused by internal actors (e.g. employees misconfiguring a database).
There is definitely overlap, and sometimes we’re limited by what has been reported at the time, but the distinction allows us to see a general trend in the ways security incidents occur.