Cyber Threat Intel

Ransomware & Mega-breaches

Key Questions

What claims has ShinyHunters made recently?

ShinyHunters claims breaches at University of Nottingham, PeopleSoft (100+ orgs), JCPenney, Kodak (2.2M records), MSG (45GB dump), and Amazon One Medical (8.8TB). Kodak has confirmed a limited data access incident.

Which new victims were hit by Qilin ransomware?

Qilin added Makel Companies Group to its list after a spree of 15 victims in 72 hours. The group continues rapid targeting across multiple sectors.

What is the Gentlemen ransomware group's latest activity?

The Gentlemen group, now with 478 victims, standardized an EDR-killer suite and recently hit Mackay Sugar in Australia, disrupting ICS operations. It is also linked to attacks on Yum Brands.

What data was allegedly stolen in the Novo Nordisk breach?

FulcrumSec claims 1.3TB stolen including source code, drug data, trial data, and employee/patient PII with a $25M demand. The breach involved two months of undetected network access.

How many records were in the recent massive credential dump?

24 billion records from 36 sources were discovered in a large credential leak, significantly amplifying account takeover risks across the internet.

What supply chain attacks were reported?

Mastra npm had 140+ packages poisoned via account takeover, while Arch Linux AUR saw 1,900+ packages hijacked. These expand developer-targeted threats alongside the automated Megalodon GitHub campaign.

Which healthcare breaches were newly confirmed?

Conduent suffered a 62M-record breach (third largest US healthcare incident), while HCRG Care Group faced patient complaints over poor breach communication. Infinite Campus also reported 137K school staff records exposed.

What is the overall ransomware trend in 2026?

Ransomware incidents surged 49% with 8,159 victims reported so far. Groups like Nitrogen, Qilin, and INC are accelerating attacks on healthcare, education, and manufacturing sectors.

ShinyHunters continues extortion (University of Nottingham, PeopleSoft 100+ orgs, Kodak confirmed – 2.2M records, deadline tomorrow; new JCPenney claim with massive PII; new MSG data dump 45GB; new Amazon One Medical claim 8.8TB).

Qilin spree (15 victims in 72h) – new victim Makel Companies Group. Gentlemen ransomware 478 victims exploiting FortiGate, now hits Mackay Sugar in Australia – ICS disrupted; new EDR-killer suite standardizes defense evasion. Foxconn hit by Nitrogen ransomware (8TB stolen).

Novo Nordisk breach confirmed: FulcrumSec claims 1.3TB stolen, $25M demand, 2-month network access – includes source code, drug data, trial data, employee/patient PII.

Europol disrupts AudiA6 crypto laundering. South Korea fines Coupang $456M. Nintendo breach claim by ShadowByte$ (859MB HR data, $2M ransom) – Nintendo refused to pay. Infinite Campus data breach (137K school staff PII). TikTok breach claim (2.4B users' PII, unconfirmed). Elmwood Home Care ransomware (Lockbit 5.0).

DragonForce ransomware group abusing Microsoft Teams TURN relays for stealthy C2 – two months undetected. iRhythm data breach – patient data stolen via third-party hosted apps. Anubis ransomware hits South Korean semiconductor maker Komico – supply chain risk. INC Ransomware thriving via basic tactics – Rust rewrite, source code sold to Lynx/Sinobi, targeting healthcare/education.

24 billion records leaked from 36 sources – massive credential dump amplifying account takeover. Automated 'Megalodon' campaign compromises 5,000+ GitHub repos with malicious Actions. Arch Linux AUR supply chain attack – 1,900+ packages hijacked. WebLogic exploitation by ransomware flagged by CISA – active attacks.

Conduent breach 62M – third largest US healthcare breach, supply chain attack on claims processor. IKEA breach claim by Lapsus$ – 180GB data, credibility unconfirmed. Ransomware surged 49% in 2026 – 8,159 victims, accelerating trend.

Mastra npm supply chain compromise – 140+ poisoned packages via account takeover, expanding developer-targeted attacks. New: Yum Brands (KFC, Taco Bell) confirms ransomware attack impacted US employees – expands earlier UK-only reports. New: HCRG Care Group cyber attack leaves patients fuming – healthcare breach with poor communication.

Updated Jun 24, 2026