Victim: PowerSchool

About:

PowerSchool is a widely-used cloud-based platform that supports educators in more than 90 countries. In the U.S., thousands of schools rely on its tools to manage student data, attendance, and communication with parents.

Industry: Technology

What happened?

 

Attackers gained access to PowerSchool’s customer support portal using compromised credentials.

 

Impact: Data of over 45 million students and parents was compromised, affecting more than 1,000 schools across the U.S. The breach included sensitive data such as Social Security Numbers and student health information.

 

Financial Loss: Unknown

Victim: Cariad

About:

 

Cariad is a technology firm developing software for Volkswagen Group and its brands including Audi, Porsche, and Bentley.

 

Industry: Automotive Technology

 

What happened?

 

A whistleblower alerted researchers to a misconfigured Amazon cloud storage instance containing terabytes of sensitive data.

 

Impact:

 

Data from 800,000 internet-connected vehicles was exposed, affecting customers in multiple European countries.

 

Financial Loss: Unknown

Victim: New York Blood Center

About:

 

NYBC collects over 4,000 blood products daily and serves over 7.5 million people across 500 hospitals in the U.S.

 

Industry: Healthcare

 

What happened?

 

Suspicious activity was detected on NYBC’s IT systems on January 26, indicating a ransomware attack.

 

Impact:

 

Blood donations were disrupted, significantly affecting operations during a declared blood emergency. Data possibly includes patient records, though the full impact is under investigation.

 
 

Victim: Frederick Health

About:

 

A U.S.-based healthcare system offering a wide range of services across 25 locations.

 

Industry: Healthcare

 

What happened?

 

On January 27, the organization suffered a ransomware attack, causing systems to go offline.

 

Impact:

 

Ambulance services were diverted, and critical operations were delayed.

 
 

Victim: ICICI Bank

About:

 

One of India’s oldest and most trusted banks, with international presence and widespread digital banking services.

 

Industry: Banking

 

What happened?

 

A known threat group claimed responsibility for stealing data and issued a ransom demand.

 

Impact:

 

Data stolen includes full names, bank account details, credit card numbers, email addresses, and physical addresses.

 
 

Victim: Community Health Center

About:

 

Connecticut-based nonprofit providing comprehensive healthcare services.

 

Industry: Healthcare

 

What happened?

 

Cybercriminals gained unauthorized access and exfiltrated the data of over 1 million patients.

 

Impact:

 

Names, contact details, birth dates, and Social Security Numbers were exposed—making it the largest healthcare breach in 2025 to date.

Tags: