Weekly Ransomware & Breach Intelligence Recap

Between September 15 – 21, 2025, ransomware activity surged with impactful incidents across government, critical infrastructure, and enterprise sectors. Our monitoring highlights the Top-7 most significant cases:

1. Pennsylvania Office of Attorney General (USA) – Incransom Leak of 5.7 TB, including highly sensitive state data and alleged access to the FBI internal network. Serious national security implications.

2. NV ELMAR (Aruba) – Qilin Exclusive electricity provider of Aruba threatened with compromise. Attack raises risks of a nationwide blackout.

3. ZEF / University of Bonn (Germany/Finland) – Qilin Development research center compromised, exposing data with potential impact on government policy advisory.

4. Humax Holdings (South Korea) – Incransom Global manufacturer of broadcasting & mobility solutions. Exfiltration includes financial data, employee records, and strategic development plans.

5. Jones Soda (USA) – Akira Consumer goods manufacturer hit, with 66 GB leaked, including contracts with PepsiCo. Impacts supply chain trust and corporate reputation.

6. Ronald A/S (Denmark) – Akira Import & FMCG firm compromised, with 320 GB leaked containing passport scans, HR files, contracts, and customer data.

7. USA DeBusk (USA) – Embargo Industrial cleaning & infrastructure maintenance provider. 2 TB breach exposing contracts, client data, and incident reports.

📊 Additional Threat Activity (Sep 15–21, 2025) – Source: breach.house

• 351 new breaches detected

• 136 new infostealer packages

Trend Insight: National critical infrastructure (energy, utilities), government, and supply chain providers are increasingly targeted. Data exfiltration spans from tens of GBs to multiple TBs, amplifying systemic risks.

Discover all attacks and leaks and check if your data has been compromised at:

📌 Breach House

🔎 HaveIbeenransomed?