June 2026 Data Breaches (So far)

01 Jun 2026

Major Cyber Attacks June 2026

If you think 2025 was the year of the breaches,2026 has already gotten worse. Modern-day attackers are now devising attacks that are undetectable even by sophisticated defense systems using AI-enabled tools and advanced social engineering methods.  

 

Data breaches are now impacting global economies, and regulators have become stricter about what they expect from organizations. Organizations are now facing added pressure to timely and effectively manage security and compliance risk.

 

Let us look at some of the top data breaches of June 2026:

June latest data breach news

Let us look at some of the top data breaches of June 2026:

Victim: Reliance Group (Kudankulam Nuclear Power Plant)

About

The Kudankulam Nuclear Power Plant project is one of the seven largest nuclear plants in India, and its major contractor is Reliance Group.

 

Industry

Critical infrastructure

 

What happened?

The Reliance group confirmed that some of the data on a server hosted on their third-party Indian data center service provider, Yotta, has been breached.

 

Impact

The ransomware group has claimed to have stolen 858000 Reliance Group’s files, out of which 19000 files are the most confidential files containing details of the Kudankulam Nuclear Power Plant, including blueprints and supplier details.

Source

Victim: Nissan

About

Nissan is a Yokohama-based automobile manufacturer that was founded in 1999. It sells vehicles through Infiniti, Datsun, Nismo, and Autech brands and is one of the top automotive manufacturers in the world.

 

Industry

Telecommunications

 

What happened?

Nissan became a victim of a cyber attack through the exploitation of an Oracle PeopleSoft flaw. The attack was orchestrated by the Shiny Hunterz ransomware group.

 

Impact

The incident has impacted current and former Nissan U.S., Canada, Mexico, and Brazil employees. The data exposed includes employee contact information, banking information, SSNs, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information.

Source

Victim: Central Bank of Libya

About

The Central Bank of Libya is Libya’s monetary authority. It is based in Tripoli and was founded in 1955, replacing the Libyan Currency Commission.

 

Industry

Public sector

 

What happened?

The CBL discovered unauthorized access to its systems and data published on the dark web. It is currently working with technical teams to determine the nature of the incident.

 

Impact

The complete nature and quantity of data exposed is currently under investigation.

Source


Victim: Prince George’s County

About

Prince George’s County is a Maryland-based county that offers multiple services to its residents, including mental health services, housing support, and emergency shelters.

 

Industry

Public sector

 

What happened?

Prince George’s County discovered unauthorized access and disruption of its systems on June 11.

 

Impact

The data exposed includes names, addresses, Dates of Birth, driver’s licenses, and Social Security Numbers.

Source

Victim: KDDI Corp.

About

KDDI Corporation is a Japan-based telecommunications operator that was established in 2000. It is known for its cellular services, using the Au brand along with subbrands UQ Mobile and Povo.

 

Industry

Telecommunications

 

What happened?

KDDI Corporation reported unauthorized access to its mailing system that was used by six internet providers.

 

Impact

The ransomware group has claimed to have exfiltrated 297 GB (429000 files) of Council of Europe data, including payslips, HR records, CVs, and financial information.

Source


Victim: Ukrposhta – Ukraine’s National Postal Service

About

JSC Ukrposhta is Ukraine’s national postal service located in Kyiv. It is the member of the Universal Postal Union since 1947 and has over 73000 employees.

 

Industry

Postal and public services

 

What happened?

Ukrposhta reported that due to a hostile attack on its IT systems, its applications have been temporarily disrupted.

 

Impact

The cyber attack caused the malfunction of its systems and applications. The complete nature of the incident is currently under investigation.

Source


Victim: Mount Royal University

About

Mount Royal University is an Alberta based public university that was founded in 1910 and gained university status in 2009. It educates over 12000 undergraduates with a faculty of over 700 educators.

 

Industry

Education

 

What happened?

Mount Royal University reported that it became a victim of a cyber attack.

 

Impact

The nature and quantity of data exposed is currently under investigation.

Source

Victim: London Hydro

About

London Hydro is an Ontario-based electricity distribution organization that is known for its safe and reliable supply of electricity. It offers electricity to over 169,000 customers in the city.

 

Industry

Electricity distribution

 

What happened?

On June 20th, London Hydro reported that hackers gained unauthorized access to its systems, and customers’ data was likely accessed.

 

Impact

The company reported that the data exposed includes personal information, including names, addresses, email addresses, and phone numbers. It also includes account information, including account and billing numbers, service addresses, pricing plans, contract dates, meter numbers, and types.

Source


Victim: Kee Wah Bakery

About

Kee Wah Bakery is a Hong Kong-based chain of bakery stores that was founded in 1938. It is known for its traditional Chinese bakery items, including pastries and mooncakes.

 

Industry

Chinese Bakery

 

What happened?

Kee Wah Bakery reported that it detected unauthorized access to its systems and a malfunction in its internal network in June.

 

Impact

The nature and quantity of data exposed is currently under investigation.

Source

Victim: Klue

About

Klue is a Vancouver-based market intelligence solution provider. It is known for its platform that captures, manages, and communicates market insights from the web and across the organization.

 

Industry

Market intelligence

 

What happened?

Klue became a target of an OAuth attack orchestrated by the Icarus ransomware group. It enabled the group to steal Salesforce CRM data from multiple organizations, including HackerOne (bug bounty platform), Gong (sales intelligence platform), OneTrust (privacy/compliance software), Tanium (endpoint security), and Huntress (cybersecurity company).

 

Impact

Multiple companies have reported that their Salesforce/Klue data has been exposed, including customer names, business email addresses, phone numbers, job titles, Sales notes & CRM records, pricing information/quotes, and internal sales communications.

Source


Victim: Hacker One

About

HackerOne is a California-based cybersecurity company that was founded in 2012. It is known for its bug bounty platform, and its customers include the US Department of State, General Motors, PayPal, Slack, Hyatt, and Goldman Sachs.

 

Industry

Cybersecurity

 

What happened?

HackerOne was a part of the Klue supply-chain breach that exposed the Klue/Salesforce data of multiple companies.

 

Impact

The data exposed includes customer names, business email addresses, phone numbers, job titles, Sales notes & CRM records, pricing information/quotes, and internal sales communications. The exact quantity of data exposed is still under investigation.

Source


Victim: LastPass

About

LastPass is a Massachusetts-based solutions provider that was founded in 2008. It is known for its password manager application and was acquired by GoTo in 2015.

 

Industry

Password management

 

What happened?

LastPass became a part of the Klue supply-chain breach that exposed Klue/Salesforce data of multiple companies.

 

Impact

The data exposed includes customer names, business email addresses, phone numbers, job titles, Sales notes & CRM records, pricing information/quotes, and internal sales communications. The exact quantity of data exposed is still under investigation.

Source


Victim: OneTrust

About

OneTrust is a Georgia-based software company that was founded in 2016. It is known for its governance, risk, and compliance software that specializes in privacy, data protection, and AI governance.

 

Industry

Software

 

What happened?

OneTrust became a part of the Klue supply-chain breach that exposed the Klue/Salesforce data of multiple companies.

 

Impact

The data exposed includes customer names, business email addresses, phone numbers, job titles, Sales notes & CRM records, pricing information/quotes, and internal sales communications. The exact quantity of data exposed is still under investigation.

Source


Victim: Tata Electronics

About

Tata Electronics is a Bengaluru-based manufacturer of electronics that was founded in 2021. It is known for its electronics manufacturing, semiconductor assembly testing, semiconductor foundry, and design services.

 

Industry

Manufacturing

 

What happened?

Tata Electronics became a target of a ransomware attack by the World Leaks ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 600 GB of data, including sensitive documents related to Apple and Tesla, like component specifications, manufacturing documents, and employee information.

Source


Victim: Bajaj Auto Technology Ltd.

About

Bajaj Auto is a Pune-based automotive manufacturing company that was founded in 1945. It is known for its motorcycles, scooters, and autorickshaws, and is part of the Bajaj Group that was founded in the 1940s.

 

Industry

Automotive

 

What happened?

Bajaj Auto detected an unauthorized activity in its systems at around 8:00 AM IST on June 23. It immediately launched its incident response and containment procedures.

 

Impact

The nature and quantity of data exposed is currently under investigation.

Source

Victim: Illinois Central College

About

Illinois Central College is an East Peoria-based community college that was founded in 1967. With an academic staff of over 600 and over 7000 students, it is one of the biggest colleges in the United States.

 

Industry

Education

 

What happened?

Illinois Central College became a target of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 28 GB of sensitive HR and payroll data.

Source

Victim: iRhythm

About

iRhythm is a San Francisco-based manufacturer of medical equipment for the detection, prediction, and prevention of disease. It is known for its heart health monitoring solution, iRhythm, which works based on wearable biosensors and cloud-based data analytics.

 

Industry

Medical equipment manufacturing

 

What happened?

iRhythm detected unauthorized activity on its systems on June 8 and was contacted by a threat actor on June 9, claiming to have stolen data.

 

Impact

The nature and quantity of data exposed is currently under investigation.

Source

Victim: Kedah Darul Aman State Government

About

The Kedah Darul Aman is a state government of Malaysia that is governed through a parliamentary constitutional monarchy. It offers multiple public and informational services to its citizens through its online portal.

 

Industry

Public sector

 

What happened?

The Kedah Darul Aman became a victim of a ransomware attack that was carried out by the Nova ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation.

Source

Victim: Sysco corporation

About

Sysco Corporation is a Texas-based MNC that is known for distributing, selling, and marketing food products to restaurants, educational institutions, and healthcare institutions.

 

Industry

Wholesale

 

What happened?

Sysco Corporation became a target of a ransomware attack carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 61 million Salesforce records containing employee, customer, and internal corporate data.

Source

Victim: Great Marlow School

About

Great Marlow School is a secondary school based in Buckinghamshire that was founded in 1961. It offers education to over 1260 children from the ages of 11 to 18 with a focus on academic excellence, personal growth, and community engagement.

 

Industry

Education

 

What happened?

Great Marlow School became a victim of a cyber attack that disrupted its IT systems and communications.

 

Impact

The nature and quantity of data exposed is currently under investigation.

Source

Victim: Houston City College

About

The Houston City College is a Texas-based public community college that was founded in 1971. It has over 2535 faculty members, over 52000 students, and over 23 commuter campuses across the United States.

 

Industry

Education

 

What happened?

Houston City College became a target of a ransomware attack that was orchestrated by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen hundreds of thousands of student records, including full names, home addresses, phone numbers, email addresses, dates of birth, gender, ethnicity, enrollment status, GPA, major, and student ID across all campuses.

Source

Victim: Glendale Community College

About

Glendale Community College is a California-based public community college that was founded in 1927. It educates over 16202 students through a 100-acre campus and 15 permanent buildings.

 

Industry

Education

 

What happened?

Glendale Community College became a victim of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 62 GB (304000 files) of Glendale Community College data, including 150000 student records with names, DoBs, and email addresses.

Source

Victim: Moody Bible Institute

About

Moody Bible Institute is an Illinois-based evangelical Christian Bible college that was founded in 1886. It is known for offering multiple undergraduate programs and the Moody Theological Seminary.

 

Industry

Education

 

What happened?

Moody Bible Institute became targeted by a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 23 Gigabytes of data, including 46 million communication records, 2.2 million enrollment lead records, 108000 biodemographic master files with addresses and birthdates, 3.3 GBs of donor gift data, employee payroll XML with home addresses and earnings, over 1100 admission outreach files, and student housing assignment records.

Source

Victim: Golfview Developmental Center

About

Golfview Development Center is an Illinois-based social services organization that offers specialized care for individuals with developmental disabilities. It is known for services like vocational training, behavioral support, and occupational therapy.

 

Industry

Social Services

 

What happened?

Golfview Development Center became a victim of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation by cybersecurity experts.

Source

Victim: Texas Government

About

The Government of Texas offers information, services, and resources to its residents and businesses. Its services include driver license renewal, driver records & vital records request processing, and vehicle registration renewal.

 

Industry

Public sector

 

What happened?

The Government of Texas reported that it detected a cybersecurity incident that involved the Texas Parks and Wildlife Department license system vendor.

 

Impact

The investigation found that the hacker accessed data of over 3 million Texas hunting and fishing license customers, exposing their driver’s license information, email addresses, phone numbers, passport numbers, and residential addresses.

Source

Victim: One Medical

About

Amazon One Medical is a San Francisco-based primary healthcare service provider that was founded in 2007. It is known for offering in-person and online resources that are offered with Amazon’s Prime membership. It operates through 250 clinics across 19 major cities.

 

Industry

Healthcare

 

What happened?

One Medical became a target of a ransomware attack that was orchestrated by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen 8.8 TB of data. The nature and quantity of data compromised is currently under investigation by cybersecurity experts.

Source

Victim: Brazil’s Civil Defense

About

Brazil’s Civil Defense is a Ministry of Defence wing of Brazil that is responsible for protecting citizens from natural and human-made disasters. It collaborates with various agencies in the country to improve the preparedness for disasters and response.

 

Industry

Public sector

 

What happened?

The Brazilian Civil Defense reported on 20th June that its official alert system became a target of a cyber attack.

 

Impact

The full nature of the cyber incident, including the data exposed, is currently under investigation by cybersecurity experts.

Source

Victim: Kodak

About

The Eastman Kodak Company, which is known as Kodak, is a New York-based manufacturer that was founded in 1892. It is known for its film photography products.

 

Industry

Electronics/Imaging

 

What happened?

Kodak became a victim of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 2.2 million records, including customer PII and other internal corporate data.

Source 

Victim: Illinois Central College

About

Illinois Central College is an East Peoria-based community college that was founded in 1967. With an academic staff of over 600 and over 7000 students, it is one of the biggest colleges in the United States.

 

Industry

Education

 

What happened?

Illinois Central College became a target of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 28 GB of sensitive HR and payroll data.

Source

Victim: Novo Nordisk

About

Novo Nordisk A/S is a Denmark-based pharmaceutical company that is known for manufacturing and marketing products and services for diabetes and obesity. It operates across 168 countries with a team of 48000 people globally.

 

Industry

Pharmaceuticals/ Healthcare

 

What happened?

On June 11th, Novo Nordisk A/S identified unauthorised access to a limited number of internal IT systems, including personal data stored on the systems.

 

Impact

The data exposed includes 4750 source code repositories, 41000 proprietary drug compounds with structures, over 30 trained AI models, 73 datasets, 11500 clinical trial patient data, 163000 employee records, data from 5 undisclosed drug programs, and exact manufacturing recipe of one of the company’s major drugs.

Source


Victim: Council of Europe

About

The Council of Europe is an international organization that was founded in 1949 and is responsible for upholding democracy, human rights, and the rule of law in Europe.

 

Industry

Public sector

 

What happened?

The Council of Europe became a target of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have exfiltrated 297 GB (429000 files) of Council of Europe data, including payslips, HR records, CVs, and financial information.

Source


Victim: The University of Oxford

About

The University of Oxford is the oldest university in the English-speaking world and the world’s second oldest university in operation. It is made up of 43 colleges, out of which 36 are colleges, 4 are private halls, and three are societies.

 

Industry

Education

 

What happened?

On June 1, Oxford identified a security breach of its career services platform that gave hackers unauthorized access to the personal information of students.

 

Impact

The data breach exposed personal information, including first names, last names, and email addresses of CareerConnect users. The number of records exposed is currently under investigation.

Source


Victim: Nintendo

About

Nintendo Co. Ltd. is a Kyoto-based video game company that is known for developing, publishing, and manufacturing video games and video game consoles.

 

Industry

Video games

 

What happened?

Nintendo became a target of a ransomware attack orchestrated by the ShadowByt3$ ransomware group.

 

Impact

The ransomware group has claimed to have stolen 859 MB of data containing personal information of employees(including names, last names, and email IDs), surveys, exported reports, progress plans, reports from 2016 to 2026, analytics of employees containing personal feelings about work, content library of personal questions, TINYpulse, and Nintendo’s top employees.

Source


Victim: Madison Square Garden Sports Corp.

About

Madison Square Garden is a New York City-based sports holding company known for managing sports teams like the Basketball Association’s New York Knicks, the National Hockey League’s New York Rangers, and the Hartford Wolf Pack.

 

Industry

Sports Entertainment

 

What happened?

Madison Square Garden Sports Corp. became a victim of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 26 million records containing PII of customers and other internal data.

Source


Victim: Ralph Lauren

About

Ralph Lauren Corporation is a New York City-based apparel and fashion company that was founded in 1967. It is known for its luxury clothing, footwear, furniture, and fragrances.

 

Industry

Fashion

 

What happened?

Ralph Lauren became a target of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen 220 GB, including PII, purchase histories, and financial transaction data.

Source


Victim: American Tower Corporation

About

American Tower Corporation is a Boston-based real estate investment trust that is known for owning, developing, and operating wireless and broadcast communication infrastructure globally.

 

Industry

Real estate investment trust/Communication services

 

What happened?

American Tower Corporation became a target of a ransomware attack that was carried out by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 5.2 million records, including customer and landowner PII, asset records, GPS data, and access codes. The exact nature and quantity of data compromised is currently under investigation

Source


Victim: Nexstar.tv

About

Nexstar Media Group Inc. is a Texas-based multimedia conglomerate that was founded in 1996. It is the largest television broadcasting company in the United States, owning up to 265 television stations.

 

Industry

Mass media

 

What happened?

Nexstar.tv became a victim of a ransomware attack that was orchestrated by the ShinyHunters ransomware group.

 

Impact

The ransomware group has claimed to have stolen over 1 million Salesforce records and other internal corporate data containing PII.

Source

 

Victim: Mackay Sugar

About

Mackay Sugar Limited is a Queensland-based sugar manufacturer that was established in 1988 through a merger of Farleigh, North Eton, Cattle Creek, Marian, and Racecourse sugar mill co-operatives. It is the largest sugar manufacturer in Queensland.

 

Industry

Sugar manufacturing

 

What happened?

Mackay Sugar Limited became a victim of a cyber attack that affected its operations across multiple units.

 

Impact

The cyber attack forced sugar milling and cane haulage across Mackay’s Farleigh and Racecourse mills, and many cane growers were advised to cease harvesting. The attack affected multiple aspects of the business.

Source


Victim: South African Police Service (SAPS)

About

The South African Police Service (SAPS) is South Africa’s national police force that was formed in 1995. It operates through a network of over 1154 police stations with over 171692 employees.

 

Industry

Public sector

 

What happened?

The South African Police Service (SAPS) became targeted by a cyber attack, where confidential medical records of police officers were leaked.

 

Impact

The data breach exposed confidential medical records of 3000 local police officers, containing sensitive information related to diagnoses, including alcoholism, post-traumatic stress, surgeries, cancer, and other ailments and sickness.

Source


Victim: Tchap – French Government’s messaging app

About

Tchap is a messaging and collaboration application built by DINUM, the digital affairs directorate of the French government, and ANSSI, France’s cybersecurity agency. It has been used exclusively by the French government since the ban on the use of foreign chat apps like Signal and WhatsApp for work communication in 2025.

 

Industry

Public sector

 

What happened?

Tchap was hacked in June, exposing the data of its users. A threat actor going by the username misere claimed responsibility for the attack.

 

Impact

The attacker has claimed to have stolen 13.5 GB of data, including 73467 user accounts (including personnel from French Ministries), 643459 messages, 876 chat rooms with message history, and 59,386 shared media files.

Source


Victim: ServiceNow

About

ServiceNow is a California-based software company that is known for its cloud-based platform for creating and automating business workflows.

 

Industry

Software

 

What happened?

Service Now confirmed that it got data breached and that it affected its operations and exposed its data.

 

Impact

The company has not disclosed which data was accessed. However, the instances compromised commonly store sensitive information, including employee records, internal documents, IT support tickets, asset inventories, security incident reports, workflow data, and configuration details.

Source


Victim: University of Nottingham

About

The University of Nottingham is a public research university that was founded in 1881. Apart from Nottingham, the university also has campuses in Nottinghamshire and Derbyshire.

 

Industry

Education

 

What happened?

The University of Nottingham became a victim of a ransomware attack orchestrated by the ShinyHunters ransomware group.

 

Impact

Over 10GB of data was exposed, including 4,54,600 unique email addresses, names, addresses, phone numbers, ethnicities, disabilities, passport numbers, fee payments, and information related to academic enrolments.

Source

 

Victim: Evanston school

About

Evanston Township High School (ETHS) is a Chicago-based public high school that was established in 1883. It offers education from grades 9 to 12 through a 65-acre campus.

 

Industry

Education

 

What happened?

Evanston Township High School (ETHS) became a victim of a ransomware attack that forced it to cancel its classes.

 

Impact

The ransomware attack disrupted the school district’s operations severely, causing the phone systems to be unavailable, limited access to email and Home Access Center, and cancellation of classes. The nature and quantity of data compromised is currently under investigation.

Source

Victim: Power & Tel

About

Power & Tel is a Tennessee-based distributor of a wide range of products for building and maintenance of communication networks.

 

Industry

Communications

 

What happened?

Power & Tel became a victim of a ransomware attack that was carried out by the Anubis ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation by cybersecurity experts.

Source

Victim: Ace Hospital

About

Ace Hospital is a healthcare provider known for its range of medical services in multiple specialities in India, including general surgery, gynaecology, orthopaedics, and urology.

 

Industry

Healthcare

 

What happened?

Ace Hospital became a target of a ransomware attack that was orchestrated by the KillSec ransomware group.

 

Impact

The nature and quantity of data that was exposed are currently under investigation.

Source


Victim: Nova Medical Products

About

Nova Medical Products is a Los Angeles-based provider of medical products known for its folding walkers, rollators, canes & crutches, and knee scooters.

 

Industry

Healthcare

 

What happened?

Nova Medical Products became a victim of a ransomware attack that was orchestrated by the Qilin ransomware group.

 

Impact

The nature and quantity of the data compromised is currently under investigation by cybersecurity experts.

Source


Victim: Clinica Maintenes

About

Clinica Maintenes is a Talangante and Melipilla based health system and a subsidiary of the Chilean Security Association. Its primary function is to offer accessible care to the workers affliated with the Achs and the community.

 

Industry

Public industry

 

What happened?

Clinica Maintenes became a victim of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of data exposed in the breach is currently under investigation by cybersecurity experts.

Source


Victim: JNP ENG

About

JNP ENG is a Gwangju, Gyeonggi-based manufacturing company that specializes in manufacturing a range of automation equipment, like palletizers, depalletizers, and robot handlers for the food and beverage industries.

 

Industry

Manufacturing

 

What happened?

JNP ENG became a victim of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of the data exposed is currently under investigation by security experts.

Source


Victim: Eat Salad

About

Eat Salad is a Brazilian fast casual restaurant chain that focuses on freshly made-to-order salads, grain bowls, and healthy side dishes.

 

Industry

Food

 

What happened?

Eat Salad became a target of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of data exposed is currently under investigation by cybersecurity experts.

Source


Victim: MarketJoy

About

MarketJoy is a Florida-based lead generation, appointment generation, and sales development services provider that partners with B2B organizations in manufacturing, finance, healthcare, and technology.

 

Industry

Advertising services

 

What happened?

MarketJoy became a target of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation by cybersecurity experts.

Source


Victim: MEISA-Sines

About

MEISA (Mechanical, Electrical, and Instrumentation Projects and Maintenance) is a Sines-based maintenance and assembly services provider that was founded in 1998.

 

Industry

Maintenance and assembly services

 

What happened?

MEISA, Sines became a victim of a ransomware attack that was carried out by the Qilin ransomware group.

 

Impact

The nature and quantity of the data compromised is currently under investigation by the cybersecurity experts.

Source


Victim: TVING

About

TVING is a South Korean video streaming service provider known for its subscription video-on-demand, over-the-top, and streaming television.

 

Industry

Online services industry

 

What happened?

On 3rd June, TVING confirmed that the personal information of its users had been leaked due to unauthorized external access.

 

Impact

The data exposed in the data breach includes IDs, names, birthdates, phone numbers, emails, passwords, and refund account numbers. The number of records exposed is currently under investigation.

Source

Victim: World Food Programme

About

The World Food Programme is a Rome-based organisation. The United Nations organization that offers food assistance worldwide. It is the largest humanitarian organization known for its

 

Industry

Humanitarian and food assistance

 

What happened?

On June 2, WFP confirmed that it detected unauthorized access to its self-registration application (SRA) for Palestine, where individuals register to receive food and cash assistance.

 

Impact

Since over 2 million people in Gaza have submitted their applications, they are under increased risk of exposure of their data.

Source

Victim: CBSE portal

About

The Central Board of Secondary Education is the national education board in India. It is controlled and managed by the Government of India. It was established through a government resolution in 1962.

 

Industry

Public sector

 

What happened?

The CBSE’s re-evaluation portal was hit by a Distributed Denial of Service attack with over 1.5 million hits in just two minutes and 100,000 unauthorized access attempts.

 

Impact

The cyber attack caused disruptions in service and some glitches in the display of fees.

Source

Victim: Schneebeli AG

About

Schneebeli AG is a Zurich-based carpentry firm that specializes in manufacturing customized kitchens, furniture, and interior constructions.

 

Industry

Furniture

 

What happened?

Schneebeli AG became a victim of a ransomware attack that was orchestrated by the AiLock ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation.

Source

Victim: Limburg-Weilburg County Administration

About

Limburg Weilburg County Administration is the local government body of Hesse and offers a range of public services to its residents.

 

Industry

Public sector

 

What happened?

Limburg Weilburg County Administration became a target of a ransomware attack that was orchestrated by the Abyss ransomware group.

 

Impact

The ransomware group has claimed to have stolen and encrypted around 132 GB of data. The nature and quantity of data exposed is currently under investigation.

Source

Victim: Plex Supply

About

PlexSupply is a New Jersey-based wholesale and distribution company that offers a wide range of products, including kitchen supplies, tools, and office equipment, through an online marketplace.

 

Industry

Online shopping

 

What happened?

PlexSupply became a victim of a ransomware attack that was orchestrated by the Pear ransomware group.

 

Impact

The nature and quantity of data compromised is currently under investigation.

Source

To be continued

In May, we saw how some of the most devastating data breaches impacted some of the biggest companies.

 

Keep checking this space as we update our list of June top data breaches with a closer look at how they happened and their impact.

 

Note: Our list only highlights the breaches that have either occurred in 2026 or reported/disclosed in 2026. All breaches reported in previous years, as of 2026, will be excluded from the list.

List of Data Breach July 2026

Here are some of the biggest data breaches of July 2026. Let us understand their impact through insights like how much data is compromised, the entities affected, regulatory fines, and ransom paid.

READ MORE