Gravy Analytics
17B location data points exposed including precise GPS tracking
Latest Disclosures
Federal Aviation Administration
340K pilot certificate records compromised
Axis Bank (India)
1.1M customer records exposed via third-party vendor
Pearson Education (UK)
15M student learning records exposed via compromised cloud infrastructure — test scores leaked
Shaw Communications (remnant)
560K legacy customer records exposed
Philips NV
340K employee and product records compromised
POSCO (South Korea)
340K employee records stolen in targeted attack
Leonardo DRS (US)
450K defense electronics records compromised
Bank Central Asia (Indonesia)
560K customer records stolen
Coles Group
560K customer records compromised via third-party platform
Ethiopian Airlines
450K passenger records stolen
Hydro-Quebec
560K customer records exposed in phishing campaign
Anna Jaques Hospital
316K patient records stolen in Christmas Day ransomware attack on Massachusetts hospital
GLAMIRA
874,594 records exposed — Email addresses, Names, Phone numbers, Purchases
Community Health Center Inc
1M patient records exposed in data breach
Community Health Center (Connecticut)
1M+ patient records including SSNs and health diagnoses accessed by threat actor
US Treasury (China-Linked)
State-sponsored actors accessed Treasury workstations via compromised BeyondTrust API key
Zacks Investment Research
12M user records exposed — emails, usernames, IP addresses leaked
SickKids Toronto
Patient and research data temporarily encrypted in LockBit attack — decryptor provided after backlash
US Dept of Treasury (BeyondTrust)
Chinese state-sponsored hackers accessed Treasury workstations via BeyondTrust zero-day
PowerSchool (student health records)
62M student and staff records including health data exposed
Houston ISD
90K student records exposed via PowerSchool
Katy ISD (TX)
84K student records exposed via PowerSchool
Broward County Schools (FL) (2024)
270K student records exposed via PowerSchool