EXCLUSIVE
Fox Rothschild is a top-100 law firm whose articles and resources have been cited on DataBreaches.net and PogoWasRight.org dozens of times over the years. This time, however, they are the subject of a post because they w
Law firms hold the most sensitive corporate data outside the client itself — M&A, IP, litigation, settlements. They are systematically targeted by both criminal and state actors. Below is every law-firm breach LeakTrace has indexed.
Fox Rothschild is a top-100 law firm whose articles and resources have been cited on DataBreaches.net and PogoWasRight.org dozens of times over the years. This time, however, they are the subject of a post because they w
Xsolis, Inc. is a business associate in the healthcare sector, providing utilization and case management services. They describe themselves as applying “industry-leading AI and automation to ensure appropriate care
Alexandra Posadzki reports: Canadian hacker Aubrey Cottle has pleaded guilty to three charges stemming from a cyberattack linked to notorious hacktivist group Anonymous on the Texas Republican Party. Mr. Cottle, who appe
Another day, another injunction. When DataBreaches read the news headline, our first thought was that this was an injunction sought by Global Schools Group, but this appears to be a totally unrelated breach that has not
Esteban Morin, the Head of Legal at VRChat described a recent situation: Last week my company, VRChat, was the subject of multiple articles and social media outrage stemming from a data breach notice that was posted on t
Maine is still allowing companies to report breaches, but won’t make the portal easily available to the public until after it completes an audit of its procedures to stop such incidents, according to a press release from
Shane Fraser reports: A Saskatoon man who allegedly conspired to install malware, steal login credentials, and mine cryptocurrency from American educational institutions is facing extradition to the United States. The cy
Deon Guillory reports: St. George Fire Protection District No. 2 filed a lawsuit against its former IT security provider, alleging the company’s failures led to a cyberattack that compromised the fire district’s network.
Maine Attorney General portal lists a Discord breach notice claiming 10 million affected, but odd filing details leave it unverified and questionable.
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing.
Waqas reports: Meta has disclosed a security incident involving an Instagram account recovery tool after attackers used a flaw to send password reset links to email addresses that were not connected to the targeted accou
Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. The post California Sues 23andMe, Alleging It Failed to Protect User Data in
Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed
On July 1, 2025, Radiology Associates of Richmond (“RAR”) reported a breach to HHS that had occurred in April 2024 and affected more than 1.4 million patients. By the end of July 2025, the well-known radiolo
Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security. The post In Other News: Unauthorized Mythos Access, Planke
Jones Day wasn’t the only big law firm to recently fall prey to threat actors variously known as Silent Ransom Group, Luna Moth, Chatty Spider, or UNC3753. DataBreaches will refer to them as the Silent Ransom Group
Customer metadata and business information accessed
85K client records from Canadian offices exposed via supply chain compromise
Federal judges, DOJ attorneys, SEC staff data accessed — 118 .gov accounts compromised
340K transaction records compromised
Legal transcription vendor breach — sensitive court proceedings compromised via subcontractor
510K cross-border dispute records exposed via compromised document review platform
210K client records compromised via vendor
120K client records from 47 offices worldwide exposed via compromised email gateway