Date
Victim
Summary
Threat Actor
Business Impact
Source Link
October 01, 2025
Allianz Life
1.5 Million Impacted by Allianz Life Data Breach
Scattered Spider
Approximately 1.5 million individuals were affected in the Allianz Life data breach, where the Scattered Spider threat actor accessed sensitive personal information—including names, addresses, dates of birth, and Social Security numbers—through a compromise of the company’s cloud-based customer relationship management (CRM) system.
Source: Security Week
October 01, 2025
WestJet
Data breach at Canadian airline WestJet affects 1.2M passengers
Scattered Spider
Roughly 1.2 million passengers had their names, dates of birth, postal addresses, passport and other identity document details, loyalty account info, and travel-related preferences compromised in the WestJet breach carried out by the Scattered Spider threat actor.
October 01, 2025
Oracle E‑Business Suite
Clop extortion emails claim theft of Oracle E-Business Suite data
Clop Ransomware
Extortion emails in late September 2025 claimed that operators had stolen sensitive documents and private files from Oracle E‑Business Suite instances—threatening to publish or sell the data—and the activity has been linked to the Clop ransomware gang (with at least one related account tied to FIN11), although investigators said the theft claims were still under review.
Source: Bleeping Computer
October 01, 2025
Red Hat Consulting
Red Hat confirms security incident after hackers breach GitLab instance
Crimson Collective, ShinyHunters
Approximately 570 GB of compressed data was exfiltrated from 28,000 internal GitLab repositories used by Red Hat Consulting, including ~800 Customer Engagement Reports (CERs) containing sensitive client infrastructure details, authentication tokens, and network configurations; the breach was claimed by the Crimson Collective, with subsequent extortion attempts escalating through the ShinyHunters group.
Source: Bleeping Computer
October 01, 2025
Allianz Life Insurance Company and Motility Software Solutions
Millions impacted by data breaches at insurance giant, auto dealership software firm
Pear Ransomware
Two major data breaches in the insurance and automotive dealership sectors have compromised sensitive information of over 2.25 million individuals. Allianz Life Insurance Company confirmed that on July 16, 2025, cybercriminals accessed a third-party CRM system, exposing personal data such as names, addresses, dates of birth, and Social Security numbers of 1.49 million customers and employees. Motility Software Solutions, a provider of dealership management software, suffered a ransomware attack on August 11, 2025, which was detected on August 19, 2025. The attack led to the theft of personal information—including names, addresses, Social Security numbers, and driver’s license numbers—of 766,670 individuals. The Pear ransomware group claimed responsibility for the Motility breach, stating they stole 4.3 terabytes of data from Motility’s parent company, Reynolds & Reynolds.
Source: The Record
October 07, 2025
Discord
Discord says sensitive information stolen during cyber attack on customer service provider
Unknown
A cyber attack compromised Discord’s third-party customer service provider, exposing sensitive information of an undisclosed number of users who had interacted with Discord’s Customer Support or Trust & Safety teams. The breach exposed approx. 70,000 users’ government-ID photos, as well as names, Discord usernames, email addresses, IPs, messages with customer-service agents, last 4 digits of credit cards, purchase history, training materials and internal presentations; the threat actor(s) claimed to have stolen 1.5 TB of age-verification photos (including >2million images)
Source: The Record
October 08, 2025
Williams & Connolly law firm
Major US law firm says hackers broke into attorneys’ emails accounts
Unknown
The incident resulted in unauthorised access to email accounts of a handful of attorneys at law-firm Williams & Connolly, and though the actor is believed to be a China-nexus state-linked threat group, the firm found “no evidence that confidential client data was taken from central databases”.
Source: The Record
October 13, 2025
Nintendo Corp
Crimson Collective claims to have hacked Nintendo
Crimson Collective
The impact of the cyber attack was that the hacker group Crimson Collective claimed access to sensitive production assets, developer files, and backups of Nintendo Co., Ltd.’s internal systems.
Source: computing.co.uk
October 13, 2025
The Harvard University
Harvard says ‘limited number of parties’ impacted by breach linked to Oracle zero-day
Cl0p Ransomware
The Harvard University breach impacted a limited number of parties tied to a small administrative unit via a vulnerability in Oracle E‑Business Suite, with the Cl0p gang claiming responsibility.
Source: The Record
October 15, 2025
Jewett‑Cameron Trading
Ransomware gang steals meeting videos, financial secrets from fence wholesaler
Unknown
The attack on Jewett‑Cameron Trading resulted in stolen video-meeting images and non-public financial data and an encryption of internal systems .
Source: The Record
October 16, 2025
Verisure
Verisure Unit Hit by Data Breach the Week After Stock Market Debut
Unknown
The cyber attack on Verisure’s newly acquired Swedish business led to unauthorised third-party access to sensitive data, including customer and employee information, just one week after the company’s stock market debut.
Source: The Wall Street Journal
October 16, 2025
Sotheby’s
Auction giant Sotheby’s says data breach exposed financial information
Unknown
Auction giant Sotheby’s suffered a data breach exposing employee full names, Social Security numbers, and financial account details after unauthorised actors exfiltrated sensitive data, though no threat group has claimed responsibility.
Source: Bleeping Computer
October 17, 2025
Envoy Air
Envoy Air targeted in Oracle-linked hacking campaign
CL0P Ransomware
The cyber attack on Envoy Air, American Airlines’ largest regional carrier, occurred in recent days prior to October 17, 2025, as part of a widespread extortion campaign exploiting vulnerabilities in Oracle’s E-Business Suite applications. The attack was attributed to the cybercriminal group CL0P, which listed American Airlines as a victim on its website. While no sensitive or customer data was reportedly compromised, a limited amount of business information and commercial contact details may have been accessed.
Source: Reuters
October 20, 2025
Prosper Marketplace
Prosper Confirms Data Breach Impacting 17 Million Users
Unknown
The cyber attack on Prosper Marketplace exposed personal data—including names, Social Security numbers, and income details—of approximately 17.6 million users due to unauthorised access via compromised administrative credentials, posing significant identity theft risks.
Source: Tech Republic
October 21, 2025
Radiologic Medical Services (RMS)
Levi & Korsinsky, LLP Investigates Radiologic Medical Services Data Breach
Unknown
The cyber attack on Radiologic Medical Services (RMS) compromised the personal and health information of 56,902 individuals.
Source: ktsm.com
October 21, 2025
Dodo, and iPrimus
Dodo, iPrimus data breach sees email and SIM cards hacked
Unknown
The cyber attack on Dodo and iPrimus, Australian telecommunications providers owned by Vocus, led to the unauthorised access of approximately 1,600 Dodo email accounts, resulting in 34 unauthorised SIM swaps. These SIM swaps allowed cyber criminals to intercept calls and text messages, including two-factor authentication codes, potentially compromising other services used by the victims.
October 21, 2025
Dukaan, an Indian e-commerce platform
Shopify rival suffered a million-dollar leak
Unknown
A significant data breach at Dukaan, an Indian e-commerce platform, exposed sensitive merchant and customer information—including payment gateway tokens for Stripe, PayPal, and RazorPay—via an unsecured Apache Kafka instance, potentially allowing attackers to access millions of dollars in funds; the security lapse went undetected for over two years, affecting over 3.5 million merchants and 16 million customers.
Source: cybernews.com
October 23, 2025
Toys “R” Us Canada
Toys “R” Us Canada warns customers’ info leaked in data breach
Unknown
The breach at Toys “R” Us Canada exposed customer names, addresses, email addresses and phone numbers after data stolen from its systems was posted online on July 30 2025, though the specific threat actor remains unidentified.
Source: Bleeping Computer