We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021.
But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year.
It’s simply the case that in the majority of cases, the breached organisation didn’t reveal how much data was compromised, either because it didn’t know or wasn’t obliged to reveal it publicly.
June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094.
As always, you can find the full list of incidents below, with those affecting UK organisations listed in bold.
And don’t forget to subscribe to our Weekly Round-up to receive the latest industry news and advice – including our Q2 review of data breaches and cyber attacks, based on these lists, which will be published in early July.
Contents
Cyber attacks
- Furniture Village discloses cyber attack (unknown)
- Police investigate ‘serious cyber attack’ at Brechin school (1,800)
- 20/20 Eye Care Network and Hearing Care Network notify health plan members of security incident (3,253,822)
- Data security breach at North Dakota’s Ralph Engelstad Arena (318)
- Montanta’s Glacier Medical Associates reports data security breach (unknown)
- New York’s M.T.A. breached by criminal hackers (unknown)
- Tokyo Games organizers hit by data breach and info leak (170)
- Michigan’s WMed warns employees and beneficiaries of phishing incident (2,474)
- Apache Pizza announce data breach associated with details of delivery customers (unknown)
- Des Moines Area Community College investigation potential security incident (unknown)
- Northwestern Illinois Area Agency on Aging notifying clients of breach (unknown)
- German mail order firm Pearl taken online shop offline after cyber attack (unknown)
- US truck and military vehicle maker Navistar discloses security incident (unknown)
- New York City Law Department hit by cyber attack (unknown)
- Michigan Fitness Foundation notice concerning email hack (unknown)
- Hackers steal wealth of data from game giant EA (unknown)
- Camaïeu retailer and municipality of Pont-Saint-Esprit suffer security incidents (unknown)
- Ohio-based Five Rivers Health Centers notified patients after phishing incident (155,748)
- McDonald’s hit by data breach, customer personal data exposed in South Korea, Taiwan (unknown)
- Menominee Casino Resort temporarily closes after cyber attack (unknown)
- South Korean shipping company HMM says its email systems affected by virus (unknown)
- Stillwater Medical Center officials investigating electronic security breach (unknown)
- UMass Lowell closed due to cyber security incident (unknown)
- Mississippi’s George County School District suffered a cyber security attack (unknown)
- Cruise operator Carnival discloses personal data breach (unknown)
- Coastal Medical Group notifies patients of security incident (unknown)
- Hackers steal data from CIUSSS de l’Est de Montréal (2,300)
- New York man pleads guilty to illegally accessing hundreds of Snapchat accounts (300)
- Criminal hacker claims to have breached The Woodruff Institute (unknown)
- Danish construction goods retailer Bauhaus suffers cyber attack (unknown)
- WorkForce West Virginia notifies residents of security incident (unknown)
- Brazilian medical Fleury hit by cyber attack (unknown)
- Crooks leak accounts from Pakistani music streaming site Patari (257,000)
- Westfield clerk, major battle over spyware installed on city hall computers (unknown)
- Vulgar messages appear as Bridgewater Schools’ websites hacked (unknown)
- The Institute of Planning and Development of the Capital The City of Prague suffers malware attack (unknown)
- Data from Argentina’s Municipality of San Pedro stolen in cyber attack (12,566)
- City Hall of Águas Lindas de Goiás suffers cyber attack (unknown)
- Austrian dairy SalzburgMilch in cyber security incident (unknown)
- Israeli organisation AcadeME suffers security incident (280,000)
- Attack on Hospital do Divino Espírito Santo impacting notification of COVID-19 test results (unknown)
- Physicians Dialysis provides notification of data security incident (unknown)
- Hackers use zero-day to mass-wipe My Book Live devices (unknown)
- Peoples Community Health Clinic notifying patients after discovering compromise of employee email account (unknown)
- Cyber attack at New York’s Massena Central School under investigation (unknown)
If you find yourself facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.
Ransomware
- Tunbridge Wells: Skinners’ Kent schools closed after cyber attack (unknown)
- Investigation sparked after Northampton college hit by hackers (unknown)
- Gateley suffers data breach following ‘cyber security incident’ (unknown)
- The Salvation Army hit by ransomware attack (unknown)
- Scripps Health begins notifying those affected by ransomware attack (147,000)
- Steamship Authority hit by ransomware attack (unknown)
- Two UF Health Florida hospitals hit by ransomware (unknown)
- Dutch pizza chain discloses breach after hacker tries to extort company (unknown)
- Ransomware group hits one of India’s financial software powerhouses (unknown)
- Produits de Revêtement du Bâtiment hit by ransomware (unknown)
- Fujifilm refuses to pay ransomware demand, restores network from backups (unknown)
- Computer storage suplier ExaGrid ‘paid $2.6m ransomware demand’ (unknown)
- LineStar Integrity Services hit by cyber attackers (unknown)
- Taiwan Kadokawa notifies consumers while responding to ransomware attack (unknown)
- CA: Victor Valley Union High School District in suspected ransomware infection (unknown)
- Meat processor JBS paid $11 million in ransom to hackers (unknown)
- Computer memory maker ADATA hit by Ragnar Locker ransomware (unknown)
- Healthcare entities in Saudi Arabia, Illinois, and Mississippi fall prey to Xing Team (520,779)
- Brazil’s Macaé municipality hit by ransomware (unknown)
- Toronto-based Humber River Hospital hit by ransomware (unknown)
- Azusa, CA, police department data stolen in cyber attack (unknown)
- Reproductive Biology Associates and My Egg Bank notify patients of ransomware incident (38,538)
- Savannah hospital system experiences outage after ransomware attack (unknown)
- SP Sports Club reports ransomware attack (unknown)
- Japanese manufacturer Ito Yogyo Co hit by ransomware (unknown)
- Lucky Star Casino confirms ransomware attack (unknown)
- City of Liege, Belgium, hit by ransomware (unknown)
- HOYA Optical Labs of America notifying patients of ransomware incident (3,259)
- Frederick Public Schools in Oklahoma up and running after ransomware attack (unknown)
- Municipality of Cagliari services interrupted by cyber attack (unknown)
- Bordeaux-Gironde Chamber of Commerce & Industry hit by ransomware (unknown)
- German textile retail chain Gerry Weber hit by ransomware attackers (unknown)
- University Medical Center of Southern Nevada attacked by REvil threat actors (unknown)
- Bucks County behavioural health and substance abuse non-profit struck in cyber attack (unknown)
- Japan Airport Refueling Co. discloses ransomware incident (unknown)
Data breaches
- Boxes of patient medical records found in abandoned care home in Kent (unknown)
- UK’s Cake Box says customers informed about 2020 data breach (unknown)
- Top secret UK military documents found ‘in soggy heap’ at bus stop (unknown)
- Personal information released in Anchorage Police Department data leak (11,402)
- Australia’s National Disability Insurance Agency accidentally leaked private information to abusive father (unknown)
- Northwest Territories residents’ student loan information breached (11,000)
- Medical records from Georgia-based Hope Medical found along a road (unknown)
- NJ school worker accidentally leaked Social Security numbers of staff to public (300)
- Volkswagen says a vendor’s security lapse exposed 3.3 million drivers’ details (3.3 million)
- Thai government apologises for data leak, blames “temporary glitch” (unknown)
- Your pricey Peloton has another problem for you to sweat over (unknown)
- Wegmans notifies customers of database security breach (unknown)
- Pennsylvania-based Springfield Psychological provides notice of security incident (unknown)
- Ohio Medicaid providers’ data may have been exposed in data breach (334,690)
- Indian tech startup exposed Byju’s student data (unknown)
Financial information
- San Juan Regional Medical Center notifies patients of cyber security breach (68,792)
- Mercedes-Benz data breach exposes SSNs, credit card numbers (1.6 million)
Malicious insiders and miscellaneous incidents
- Hospital worker in Birmingham COVID ward used dead patient’s bank card to buy crisps, sweets and fizzy drinks (unknown)
- Former chiropractor found guilty of healthcare fraud charges (unknown)
- Mayo Clinic surgeon charged with invading patient privacy, accessing records improperly (unknown)
- Hay River health authority warns of potential privacy breach after break-in at local hospital (unknown)
- Aultman Health Foundation notifying patients of insider wrongdoing (7,300)
- Mounties suspected person leaking secrets had high-level computer access, search warrants show (unknown)
In other news…
- U.S. Justice Department announces seizure of domain names used in spear phishing campaign posing as U.S. Agency for International Development
- IBM gives school districts grants to harden security against ransomware attacks
- UK businesses in the South East get access to Police CyberAlarm
- HSE seeks order to help find who uploaded or downloaded files stolen in cyber attack
Will you be next?
No one thinks their organisation will fall victim to a security incident until it happens to them – but as we’ve demonstrated here, data breaches are so prevalent that everyone must have a plan.
If you find yourself staring down disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.
Thank you for another great monthly summary. This is the most comprehensive free summary list of incidents that I have come across. I check it each month for my research. Keep up the good work.