Recent Breaches

Recent BreachesAttack methods › Supply-Chain Attack

Attack method

Supply-Chain Attack

Supply-chain attacks compromise a trusted vendor, library, or service to reach that vendor’s many downstream customers at once.
52tracked breaches

Groups using this method

The Gentlemen 3Qilin 3ShinyHunters 3LockBit 2Akira 1ransomhouse 1J 1payoutsking 1lockbit3 1cuba 1revil 1conti 1

Breaches using Supply-Chain Attack

July 7, 2026HIGHTheGentlemen breaches Michigan IT services provider
The GentlemenRansomware
July 7, 2026HIGHAccenture confirms breach after 35GB source code offered for sale
Supply-Chain Attack
July 6, 2026HIGHSISINT Engineering Firm Breached by Qilin
QilinRansomware
July 6, 2026HIGHJadePuffer Executes First Fully Autonomous LLM Ransomware Attack
Ransomware
July 3, 2026MEDIBrazilian IT Firm Service IT Breached by WorldLeaks
Supply-Chain Attack
July 2, 2026CRITFirst Agentic AI Ransomware Attack via Langflow
Ransomware
July 2, 2026HIGHChaos Ransomware Claims Breach of Universal Plant Services
Ransomware
June 29, 2026HIGHNissan Discloses Employee Data Breach via Oracle PeopleSoft Zero-Day
Supply-Chain Attack
June 25, 2026HIGHAdditional Klue Supply-Chain Breach Victims Identified
Supply-Chain Attack
June 23, 2026HIGHTata Electronics Confirms Cyberattack, Apple Manufacturing Data Leaked
Ransomware
June 22, 2026MEDIBancroft Engineering Claimed by LockBit Ransomware
LockBitRansomware
June 20, 2026HIGHTexas Parks & Wildlife Vendor Breach Exposes 3M License Holders
Supply-Chain Attack
June 18, 2026MEDIIcarus Group Steals Salesforce Data via Klue OAuth Breach
Supply-Chain Attack
June 17, 2026CRIT30K+ Fortinet Devices Compromised in Credential Heist
Supply-Chain Attack
June 16, 2026HIGHItalian Customs Broker CAD 93 Hit by DeadLock Ransomware
Ransomware
June 15, 2026HIGHMackay Sugar Hit by The Gentlemen Ransomware, Mills Shut
The GentlemenRansomware
June 12, 2026CRITIvanti Sentry Critical Flaw Exploited in Under 24 Hours
Supply-Chain Attack
June 12, 2026HIGHDynatrace Source Code Allegedly Stolen from GitHub
Supply-Chain Attack
June 11, 2026HIGHPort Air Express Breached by Akira Ransomware
AkiraRansomware
June 10, 2026HIGHShinyHunters Targets Oracle PeopleSoft Servers
ShinyHuntersSupply-Chain Attack
June 9, 2026HIGHServiceNow Discloses Customer Data Query Incident
Supply-Chain Attack
June 8, 2026MEDISoFi Hong Kong Discloses Third-Party Vendor Data Breach
Supply-Chain Attack
June 8, 2026HIGHOxford University Discloses CareerConnect Platform Breach
Supply-Chain Attack
June 6, 2026MEDIOxford University Career Platform Hit by Third-Party Breach
Supply-Chain Attack
June 3, 2026HIGHEmmy.tv AWS Credentials Exposed in Public HTML
Supply-Chain Attack
June 2, 2026HIGHIngka Group (IKEA) Targeted in Alleged Lapsus$ Data Theft
Supply-Chain Attack
June 2, 2026HIGHRed Hat NPM Packages Backdoored in Supply Chain Attack
Supply-Chain Attack
May 25, 2026MEDIACAM Systemautomation Breached by TheGentlemen
The GentlemenRansomware
May 22, 2026HIGHOncology Institute Confirms Patient Data Impacted by Vendor Breach
Supply-Chain Attack
May 20, 2026HIGHGrafana Suffers Data Breach Following TanStack Supply Chain Attack
Supply-Chain Attack
May 20, 2026HIGHGitHub Confirms Breach of ~3,800 Internal Repos via Malicious VS Code Extension
Supply-Chain Attack
May 17, 2026HIGHGrafana Suffers GitHub Token Breach and Extortion Attempt
Supply-Chain Attack
May 14, 2026HIGHMalicious node-ipc npm Versions Steal Credentials
Supply-Chain Attack
May 14, 2026HIGHOpenAI Confirms Breach via TanStack Supply Chain Attack
Supply-Chain Attack
May 12, 2026MEDICushman & Wakefield Data Leaked by ShinyHunters
ShinyHuntersSupply-Chain Attack
May 12, 2026HIGHNitrogen Ransomware Claims Foxconn Breach
Ransomware
May 11, 2026HIGHLapsus$ Leaks Vodafone Source Code and Database Credentials
Supply-Chain Attack
May 11, 2026CRITWest Pharmaceutical Services Hit by Ransomware
Ransomware
May 8, 2026MEDINVIDIA Confirms GeForce NOW Data Breach for Armenian Users
Supply-Chain Attack
May 8, 2026HIGHRansomHouse Claims Trellix Cybersecurity Firm Breach
Ransomware
May 8, 2026MEDIZara Breach Exposes Data of 197K Customers via Compromised Vendor
ShinyHuntersSupply-Chain Attack
May 8, 2026MEDISailPoint Discloses GitHub Repository Hack
Supply-Chain Attack
May 4, 2026MEDIRansomHouse claims breach of Trellix source code
Ransomware
April 17, 2026HIGHCybersecurity Vendor Listed by ransomhouse Ransomware Group
ransomhouseRansomware
November 1, 2025HIGHikad.com.au - A 5-Month Staycation in the Defense Supply Chain Listed by J Ransomware Group
JRansomware
April 24, 2025HIGHRhea Vendors Group SpA Listed by payoutsking Ransomware Group
payoutskingRansomware
April 12, 2025HIGHMS SUPPLY CHAIN SOLUTIONS (MALAYSIA) SDN. BHD Listed by qilin Ransomware Group
QilinRansomware
February 24, 2025HIGHMetro Supply Chain Group. Listed by qilin Ransomware Group
QilinRansomware
November 2, 2023HIGHbnpmedia.com Listed by lockbit3 Ransomware Group
lockbit3LockBitRansomware
February 3, 2021HIGHAutomatic Funds Transfer Services Inc. (vendor to city of Bainbridge Island) Listed by cuba Ransomware Group
cubaRansomware
February 1, 2021HIGHStandley Systems (vendor to Healthcare Sector) Listed by revil Ransomware Group
revilRansomware
July 31, 2020HIGHManitoulin Transport (Trucking/supply chain company) Listed by conti Ransomware Group
contiRansomware
Check your exposure
See if your email turned up in any breach we track — free.
Check if you’re exposed →

Attributions to threat groups and methods reflect public reporting and, in some cases, unverified claims made by the groups themselves; they may be incomplete or later revised. Recent Breaches and GalaxyWarden are independent and are not affiliated with, and do not endorse, any company or group named on this page. This information is aggregated from public sources for awareness only and is not legal, security, or investment advice.