Comparitech.com
@comparitech.bsky.social
Providing in-depth tech research and the latest on cybersecurity threats. Follow for all the information on #ransomware attacks as they happen.
🚨 Ransomware gang Lynx has claimed the attack on Lakelands Public Health 🇨🇦
The Canadian health authority has been dealing with an attack since January 29, 2026. System restoration and data breach investigations are ongoing.
bit.ly/49Z375I
By: @pabischoff.bsky.social
The Canadian health authority has been dealing with an attack since January 29, 2026. System restoration and data breach investigations are ongoing.
bit.ly/49Z375I
By: @pabischoff.bsky.social
Cybercriminals say they hacked a local Ontario government health department - Comparitech
A ransomware group called Lynx yesterday took credit for a cyber attack on Lakelands Public Health in Ontario, Canada.
bit.ly
February 4, 2026 at 4:47 PM
🚨 Ransomware gang Lynx has claimed the attack on Lakelands Public Health 🇨🇦
The Canadian health authority has been dealing with an attack since January 29, 2026. System restoration and data breach investigations are ongoing.
bit.ly/49Z375I
By: @pabischoff.bsky.social
The Canadian health authority has been dealing with an attack since January 29, 2026. System restoration and data breach investigations are ongoing.
bit.ly/49Z375I
By: @pabischoff.bsky.social
🚨 Travelmarket A/S 🇩🇰 has confirmed it was hit by a #ransomware attack on January 15 with many systems encrypted.
The Danish travel website was added to Akira's site yesterday with 15 GB of data allegedly stolen.
bit.ly/3T0yGne
The Danish travel website was added to Akira's site yesterday with 15 GB of data allegedly stolen.
bit.ly/3T0yGne
February 4, 2026 at 3:49 PM
🚨 Travelmarket A/S 🇩🇰 has confirmed it was hit by a #ransomware attack on January 15 with many systems encrypted.
The Danish travel website was added to Akira's site yesterday with 15 GB of data allegedly stolen.
bit.ly/3T0yGne
The Danish travel website was added to Akira's site yesterday with 15 GB of data allegedly stolen.
bit.ly/3T0yGne
🚨 Herren Caflisch Rutsch - Notariat & Verwaltungen 🇨🇭 has been added to the data leak site of #ransomware gang Qilin.
The Swiss notary's office confirmed an attack in January 2026. A data breach involving client data is under investigation.
bit.ly/3T0yGne
The Swiss notary's office confirmed an attack in January 2026. A data breach involving client data is under investigation.
bit.ly/3T0yGne
February 4, 2026 at 10:55 AM
🚨 Herren Caflisch Rutsch - Notariat & Verwaltungen 🇨🇭 has been added to the data leak site of #ransomware gang Qilin.
The Swiss notary's office confirmed an attack in January 2026. A data breach involving client data is under investigation.
bit.ly/3T0yGne
The Swiss notary's office confirmed an attack in January 2026. A data breach involving client data is under investigation.
bit.ly/3T0yGne
🚨 Comune di Battipaglia 🇮🇹 has confirmed it's dealing with a cyber attack after #ransomware gang Medusa claimed an attack on the Italian government entity earlier this week.
Medusa is demanding $100K to delete all of the stolen data.
bit.ly/3T0yGne
Medusa is demanding $100K to delete all of the stolen data.
bit.ly/3T0yGne
February 4, 2026 at 9:32 AM
🚨 Comune di Battipaglia 🇮🇹 has confirmed it's dealing with a cyber attack after #ransomware gang Medusa claimed an attack on the Italian government entity earlier this week.
Medusa is demanding $100K to delete all of the stolen data.
bit.ly/3T0yGne
Medusa is demanding $100K to delete all of the stolen data.
bit.ly/3T0yGne
🚨 Kouei Co., Ltd. 🇯🇵 has confirmed it was targeted in a #ransomware attack on January 28, 2026. Servers have been shut down and data breach investigations are ongoing.
Qilin added the Japanese nickel alloy manufacturer to its site on Monday.
bit.ly/3T0yGne
Qilin added the Japanese nickel alloy manufacturer to its site on Monday.
bit.ly/3T0yGne
February 4, 2026 at 9:03 AM
🚨 Kouei Co., Ltd. 🇯🇵 has confirmed it was targeted in a #ransomware attack on January 28, 2026. Servers have been shut down and data breach investigations are ongoing.
Qilin added the Japanese nickel alloy manufacturer to its site on Monday.
bit.ly/3T0yGne
Qilin added the Japanese nickel alloy manufacturer to its site on Monday.
bit.ly/3T0yGne
🚨 Elabs AG 🇩🇪 has confirmed it was targeted in a #ransomware attack in January 2026. Systems have since been restored.
Rhysida added the German technology company to its site this week, demanding a 5 BTC ($392K) ransom to delete stolen data.
bit.ly/3T0yGne
Rhysida added the German technology company to its site this week, demanding a 5 BTC ($392K) ransom to delete stolen data.
bit.ly/3T0yGne
February 4, 2026 at 8:40 AM
🚨 Elabs AG 🇩🇪 has confirmed it was targeted in a #ransomware attack in January 2026. Systems have since been restored.
Rhysida added the German technology company to its site this week, demanding a 5 BTC ($392K) ransom to delete stolen data.
bit.ly/3T0yGne
Rhysida added the German technology company to its site this week, demanding a 5 BTC ($392K) ransom to delete stolen data.
bit.ly/3T0yGne
🚨 ULVAC 🇯🇵 has confirmed its subsidiary Pure Surface Technology 🇰🇷 has been hit by a #ransomware attack.
The attack took place on January 10 and hasn't impacted the rest of the ULVAC Group.
No groups have claimed the attack on the manufacturer yet.
bit.ly/3T0yGne
The attack took place on January 10 and hasn't impacted the rest of the ULVAC Group.
No groups have claimed the attack on the manufacturer yet.
bit.ly/3T0yGne
Map of worldwide ransomware attacks (updated daily) - Comparitech
Each dot represents the location of a ransomware attack, with the color of the dot indicating the sector affected (healthcare, education, government, and business). This map updates daily and pinpoint...
bit.ly
February 4, 2026 at 8:15 AM
🚨 ULVAC 🇯🇵 has confirmed its subsidiary Pure Surface Technology 🇰🇷 has been hit by a #ransomware attack.
The attack took place on January 10 and hasn't impacted the rest of the ULVAC Group.
No groups have claimed the attack on the manufacturer yet.
bit.ly/3T0yGne
The attack took place on January 10 and hasn't impacted the rest of the ULVAC Group.
No groups have claimed the attack on the manufacturer yet.
bit.ly/3T0yGne
❗️UPDATE: 4,928 US residents are now confirmed to have been impacted in this data breach on Money Mart 🇺🇸🇨🇦
#Ransomware gang Everest claimed this attack.
bit.ly/3NeWxPw
#Ransomware gang Everest claimed this attack.
bit.ly/3NeWxPw
‼️Money Mart 🇺🇸🇨🇦 is issuing data breach letters to US residents following a cyber attack in November 2025. SSNs affected.
#Ransomware gang Everest claimed the attack and alleged theft of 80K files from the finance company's US and Canadian offices.
bit.ly/3NeWxPw
By: @pabischoff.bsky.social
#Ransomware gang Everest claimed the attack and alleged theft of 80K files from the finance company's US and Canadian offices.
bit.ly/3NeWxPw
By: @pabischoff.bsky.social
February 3, 2026 at 6:01 PM
❗️UPDATE: 4,928 US residents are now confirmed to have been impacted in this data breach on Money Mart 🇺🇸🇨🇦
#Ransomware gang Everest claimed this attack.
bit.ly/3NeWxPw
#Ransomware gang Everest claimed this attack.
bit.ly/3NeWxPw
‼️ Neurological Associates of Washington 🇺🇸 is notifying 13,500 state residents of a December 2025 data breach following a #ransomware attack. SSNs & medical info affected.
DragonForce claimed the attack on the healthcare company after stealing 72.53 GB.
bit.ly/3NMLoWu
By: @pabischoff.bsky.social
DragonForce claimed the attack on the healthcare company after stealing 72.53 GB.
bit.ly/3NMLoWu
By: @pabischoff.bsky.social
Seattle-area neurologist warns 13,500 people of data breach that leaked SSNs, medical info - Comparitech
Neurological Associates of Washington warned 13,500 people of a ransomware breach that leaked SSNs and medical info. DragonForce took credit.
bit.ly
February 3, 2026 at 5:24 PM
‼️ Neurological Associates of Washington 🇺🇸 is notifying 13,500 state residents of a December 2025 data breach following a #ransomware attack. SSNs & medical info affected.
DragonForce claimed the attack on the healthcare company after stealing 72.53 GB.
bit.ly/3NMLoWu
By: @pabischoff.bsky.social
DragonForce claimed the attack on the healthcare company after stealing 72.53 GB.
bit.ly/3NMLoWu
By: @pabischoff.bsky.social
🚨 Iron Mountain 🇺🇸 has released a statement following the 1.4 TB data theft claim from Everest ransomware.
The tech company says no ransomware was used on its systems and a "single compromised login credential was used to gain access to one folder."
bit.ly/4bsqDGS
The tech company says no ransomware was used on its systems and a "single compromised login credential was used to gain access to one folder."
bit.ly/4bsqDGS
February 3, 2026 at 3:50 PM
🚨 Iron Mountain 🇺🇸 has released a statement following the 1.4 TB data theft claim from Everest ransomware.
The tech company says no ransomware was used on its systems and a "single compromised login credential was used to gain access to one folder."
bit.ly/4bsqDGS
The tech company says no ransomware was used on its systems and a "single compromised login credential was used to gain access to one folder."
bit.ly/4bsqDGS
🚨 Renatus has confirmed a #ransomware attack on its subsidiary - Sincere Co., Ltd 🇯🇵
The waste disposal company was hit by an attack on January 22, 2026. Services are operating as normal but orders are taking longer. Data breach investigations ongoing.
bit.ly/3T0yGne
The waste disposal company was hit by an attack on January 22, 2026. Services are operating as normal but orders are taking longer. Data breach investigations ongoing.
bit.ly/3T0yGne
Map of worldwide ransomware attacks (updated daily) - Comparitech
Each dot represents the location of a ransomware attack, with the color of the dot indicating the sector affected (healthcare, education, government, and business). This map updates daily and pinpoint...
bit.ly
February 3, 2026 at 9:13 AM
🚨 Renatus has confirmed a #ransomware attack on its subsidiary - Sincere Co., Ltd 🇯🇵
The waste disposal company was hit by an attack on January 22, 2026. Services are operating as normal but orders are taking longer. Data breach investigations ongoing.
bit.ly/3T0yGne
The waste disposal company was hit by an attack on January 22, 2026. Services are operating as normal but orders are taking longer. Data breach investigations ongoing.
bit.ly/3T0yGne
🚨 The first confirmed #ransomware attack of February 2026 - Sapienza Università di Roma 🇮🇹
The attack is causing widespread disruption and the Russian hackers (unknown) have given the Italian university just 72 hours to meet their demands.
bit.ly/3T0yGne
The attack is causing widespread disruption and the Russian hackers (unknown) have given the Italian university just 72 hours to meet their demands.
bit.ly/3T0yGne
Map of worldwide ransomware attacks (updated daily) - Comparitech
Each dot represents the location of a ransomware attack, with the color of the dot indicating the sector affected (healthcare, education, government, and business). This map updates daily and pinpoint...
bit.ly
February 3, 2026 at 8:49 AM
🚨 The first confirmed #ransomware attack of February 2026 - Sapienza Università di Roma 🇮🇹
The attack is causing widespread disruption and the Russian hackers (unknown) have given the Italian university just 72 hours to meet their demands.
bit.ly/3T0yGne
The attack is causing widespread disruption and the Russian hackers (unknown) have given the Italian university just 72 hours to meet their demands.
bit.ly/3T0yGne
🚨 Distinctive Systems 🇬🇧 has confirmed it has contained a cyber attack following a claim from #ransomware group INC late last week.
The tech company believes its systems are now secure. Personal data from its services in Australia was not affected.
bit.ly/3T0yGne
The tech company believes its systems are now secure. Personal data from its services in Australia was not affected.
bit.ly/3T0yGne
February 3, 2026 at 8:21 AM
🚨 Distinctive Systems 🇬🇧 has confirmed it has contained a cyber attack following a claim from #ransomware group INC late last week.
The tech company believes its systems are now secure. Personal data from its services in Australia was not affected.
bit.ly/3T0yGne
The tech company believes its systems are now secure. Personal data from its services in Australia was not affected.
bit.ly/3T0yGne
‼️Portland Public Schools 🇺🇸 is issuing data breach notifications to 12,128 people following a cyber attack in Feb '25. SSNs, medical info & financial data affected.
#Ransomware gang RansomHub claimed the attack after allegedly stealing 110 GB of data.
bit.ly/4qhJoTn
By: @pabischoff.bsky.social
#Ransomware gang RansomHub claimed the attack after allegedly stealing 110 GB of data.
bit.ly/4qhJoTn
By: @pabischoff.bsky.social
Portland, ME schools warn 12,000+ people of data breach that leaked SSNs, financial and medical info - Comparitech
Portland Public Schools in Maine notified 12,128 people of a data breach that compromised SSNs, finances, and medical info.
bit.ly
February 2, 2026 at 8:28 PM
‼️Portland Public Schools 🇺🇸 is issuing data breach notifications to 12,128 people following a cyber attack in Feb '25. SSNs, medical info & financial data affected.
#Ransomware gang RansomHub claimed the attack after allegedly stealing 110 GB of data.
bit.ly/4qhJoTn
By: @pabischoff.bsky.social
#Ransomware gang RansomHub claimed the attack after allegedly stealing 110 GB of data.
bit.ly/4qhJoTn
By: @pabischoff.bsky.social
‼️ Alpine Ear, Nose & Throat, P.L.L.C. 🇺🇸 is issuing data breach notifications to 65,648 people following a cyber attack in November 2024. SSNs, medical info & credit card data affected.
#Ransomware gang BianLian claimed the attack.
bit.ly/45NHuTo
By: @pabischoff.bsky.social
#Ransomware gang BianLian claimed the attack.
bit.ly/45NHuTo
By: @pabischoff.bsky.social
Colorado clinic warns 65,000+ people of data breach that leaked SSNs, credit cards, and medical info - Comparitech
Alpine Ear, Nose & Throat notified 65,648 people of a data breach that compromised SSNs, credit cards, and medical info.
bit.ly
February 2, 2026 at 7:33 PM
‼️ Alpine Ear, Nose & Throat, P.L.L.C. 🇺🇸 is issuing data breach notifications to 65,648 people following a cyber attack in November 2024. SSNs, medical info & credit card data affected.
#Ransomware gang BianLian claimed the attack.
bit.ly/45NHuTo
By: @pabischoff.bsky.social
#Ransomware gang BianLian claimed the attack.
bit.ly/45NHuTo
By: @pabischoff.bsky.social
🚨 Zurflüh-Feller 🇫🇷 has been added to the data leak site of #ransomware gang Akira. 66 GB allegedly stolen.
The French manufacturer confirmed its systems and telephones were severely impacted in an attack on January 13. Restoration ongoing.
bit.ly/3T0yGne
The French manufacturer confirmed its systems and telephones were severely impacted in an attack on January 13. Restoration ongoing.
bit.ly/3T0yGne
February 2, 2026 at 3:04 PM
🚨 Zurflüh-Feller 🇫🇷 has been added to the data leak site of #ransomware gang Akira. 66 GB allegedly stolen.
The French manufacturer confirmed its systems and telephones were severely impacted in an attack on January 13. Restoration ongoing.
bit.ly/3T0yGne
The French manufacturer confirmed its systems and telephones were severely impacted in an attack on January 13. Restoration ongoing.
bit.ly/3T0yGne
‼️ Michigan Sugar Company 🇺🇸 is notifying 16,689 people of a data breach following a cyber attack in August 2025. Names & SSNs affected.
#Ransomware gang Akira claimed the attack on the sugarbeet processing company after allegedly stealing 40 GB of data.
bit.ly/4bsqDGS
#Ransomware gang Akira claimed the attack on the sugarbeet processing company after allegedly stealing 40 GB of data.
bit.ly/4bsqDGS
February 2, 2026 at 2:48 PM
‼️ Michigan Sugar Company 🇺🇸 is notifying 16,689 people of a data breach following a cyber attack in August 2025. Names & SSNs affected.
#Ransomware gang Akira claimed the attack on the sugarbeet processing company after allegedly stealing 40 GB of data.
bit.ly/4bsqDGS
#Ransomware gang Akira claimed the attack on the sugarbeet processing company after allegedly stealing 40 GB of data.
bit.ly/4bsqDGS
‼️ 1st MidAmerica Credit Union 🇺🇸 has confirmed 131,070 people were impacted in an Aug '25 data breach following the #ransomware attack on Marquis Software Solutions.
Total affected in the Marquis tech company breach to date = 1.64M.
Hackers unknown.
bit.ly/4pc4mmE
Total affected in the Marquis tech company breach to date = 1.64M.
Hackers unknown.
bit.ly/4pc4mmE
Software vendor serving 700+ banks hacked, credit union says - Comparitech
Marquis Software Solutions suffered a data breach that compromised SSNs, says Community 1st Credit Union, which notified 6,876 people.
bit.ly
February 2, 2026 at 2:00 PM
‼️ 1st MidAmerica Credit Union 🇺🇸 has confirmed 131,070 people were impacted in an Aug '25 data breach following the #ransomware attack on Marquis Software Solutions.
Total affected in the Marquis tech company breach to date = 1.64M.
Hackers unknown.
bit.ly/4pc4mmE
Total affected in the Marquis tech company breach to date = 1.64M.
Hackers unknown.
bit.ly/4pc4mmE
🚨 MACT Health Board 🇺🇸 has been added to the data leak site of #ransomware gang Rhysida with a $661K ransom demand.
This month, the California tribal clinics network notified patients of a breach from November 2025. Medical data affected.
bit.ly/45FCIas
By: @pabischoff.bsky.social
This month, the California tribal clinics network notified patients of a breach from November 2025. Medical data affected.
bit.ly/45FCIas
By: @pabischoff.bsky.social
January 30, 2026 at 6:27 PM
🚨 MACT Health Board 🇺🇸 has been added to the data leak site of #ransomware gang Rhysida with a $661K ransom demand.
This month, the California tribal clinics network notified patients of a breach from November 2025. Medical data affected.
bit.ly/45FCIas
By: @pabischoff.bsky.social
This month, the California tribal clinics network notified patients of a breach from November 2025. Medical data affected.
bit.ly/45FCIas
By: @pabischoff.bsky.social
🚨 Cooperativa de Hostelería de Navarra 🇪🇸 has been added to the data leak site of #ransomware gang Qilin.
The Spanish retailer was hit by a cyber attack earlier this month but systems were restored within a few hours.
bit.ly/3T0yGne
The Spanish retailer was hit by a cyber attack earlier this month but systems were restored within a few hours.
bit.ly/3T0yGne
January 30, 2026 at 3:24 PM
🚨 Cooperativa de Hostelería de Navarra 🇪🇸 has been added to the data leak site of #ransomware gang Qilin.
The Spanish retailer was hit by a cyber attack earlier this month but systems were restored within a few hours.
bit.ly/3T0yGne
The Spanish retailer was hit by a cyber attack earlier this month but systems were restored within a few hours.
bit.ly/3T0yGne
‼️ Insightin Health 🇺🇸 is issuing data breach notifications following a cyber attack in September 2025.
Ransomware gang Medusa claimed the attack on the medical technology company with a $500K ransom. 378 GB allegedly stolen.
bit.ly/4bsqDGS
Ransomware gang Medusa claimed the attack on the medical technology company with a $500K ransom. 378 GB allegedly stolen.
bit.ly/4bsqDGS
January 30, 2026 at 11:22 AM
‼️ Insightin Health 🇺🇸 is issuing data breach notifications following a cyber attack in September 2025.
Ransomware gang Medusa claimed the attack on the medical technology company with a $500K ransom. 378 GB allegedly stolen.
bit.ly/4bsqDGS
Ransomware gang Medusa claimed the attack on the medical technology company with a $500K ransom. 378 GB allegedly stolen.
bit.ly/4bsqDGS
📣 Our 2025 healthcare ransomware roundup is live!
Attacks on healthcare providers plateaued in 2025 (when compared to 2025), but attacks on healthcare businesses (e.g. medical manufacturers & billing providers) increased by 25%.
Read the report here: bit.ly/45Aaq10
By: @becmoody.bsky.social
Attacks on healthcare providers plateaued in 2025 (when compared to 2025), but attacks on healthcare businesses (e.g. medical manufacturers & billing providers) increased by 25%.
Read the report here: bit.ly/45Aaq10
By: @becmoody.bsky.social
Healthcare Ransomware Roundup: 2025 stats on attacks, ransoms, and data breaches - Comparitech
Throughout 2025, we recorded 445 ransomware attacks on hospitals, clinics, and other direct care providers. A further 191 attacks hit businesses operating within the healthcare sector (e.g. pharmaceut...
bit.ly
January 27, 2026 at 2:04 PM
📣 Our 2025 healthcare ransomware roundup is live!
Attacks on healthcare providers plateaued in 2025 (when compared to 2025), but attacks on healthcare businesses (e.g. medical manufacturers & billing providers) increased by 25%.
Read the report here: bit.ly/45Aaq10
By: @becmoody.bsky.social
Attacks on healthcare providers plateaued in 2025 (when compared to 2025), but attacks on healthcare businesses (e.g. medical manufacturers & billing providers) increased by 25%.
Read the report here: bit.ly/45Aaq10
By: @becmoody.bsky.social
‼️ FullBeauty Brands, Inc. 🇺🇸 is issuing data breach notifications to 1K+ following a cyber attack in Oct '25. Names and SSNs affected.
Ransomware gang Everest claimed the attack on the retailer after allegedly stealing 161 GB of data. Data leaked.
bit.ly/3LVrasM
By: @pabischoff.bsky.social
Ransomware gang Everest claimed the attack on the retailer after allegedly stealing 161 GB of data. Data leaked.
bit.ly/3LVrasM
By: @pabischoff.bsky.social
January 27, 2026 at 11:45 AM
‼️ FullBeauty Brands, Inc. 🇺🇸 is issuing data breach notifications to 1K+ following a cyber attack in Oct '25. Names and SSNs affected.
Ransomware gang Everest claimed the attack on the retailer after allegedly stealing 161 GB of data. Data leaked.
bit.ly/3LVrasM
By: @pabischoff.bsky.social
Ransomware gang Everest claimed the attack on the retailer after allegedly stealing 161 GB of data. Data leaked.
bit.ly/3LVrasM
By: @pabischoff.bsky.social
🚨 A recent cyber attack on Cytek Biosciences 🇺🇸 has been claimed by ransomware gang Rhysida. The group says it has already sold the data.
The healthcare manufacturer previously issued data breach letters to 331 following an attack in Nov '25.
bit.ly/3ZFq7jT
By: @pabischoff.bsky.social
The healthcare manufacturer previously issued data breach letters to 331 following an attack in Nov '25.
bit.ly/3ZFq7jT
By: @pabischoff.bsky.social
January 27, 2026 at 11:26 AM
🚨 A recent cyber attack on Cytek Biosciences 🇺🇸 has been claimed by ransomware gang Rhysida. The group says it has already sold the data.
The healthcare manufacturer previously issued data breach letters to 331 following an attack in Nov '25.
bit.ly/3ZFq7jT
By: @pabischoff.bsky.social
The healthcare manufacturer previously issued data breach letters to 331 following an attack in Nov '25.
bit.ly/3ZFq7jT
By: @pabischoff.bsky.social
🚨 Langley Twigg Law 🇳🇿 has confirmed it suffered a cyber attack on January 11, which led to a data breach.
Ransomware gang Anubis added the New Zealand legal firm to its leak site yesterday, posting various IDs as part of its proof pack.
bit.ly/3T0yGne
Ransomware gang Anubis added the New Zealand legal firm to its leak site yesterday, posting various IDs as part of its proof pack.
bit.ly/3T0yGne
January 27, 2026 at 8:38 AM
🚨 Langley Twigg Law 🇳🇿 has confirmed it suffered a cyber attack on January 11, which led to a data breach.
Ransomware gang Anubis added the New Zealand legal firm to its leak site yesterday, posting various IDs as part of its proof pack.
bit.ly/3T0yGne
Ransomware gang Anubis added the New Zealand legal firm to its leak site yesterday, posting various IDs as part of its proof pack.
bit.ly/3T0yGne