Supply-Chain Attack
Supply-chain attacks compromise a trusted vendor, library, or service to reach that vendor’s many downstream customers at once.
52tracked breaches
Groups using this method
The Gentlemen 3Qilin 3ShinyHunters 3LockBit 2Akira 1ransomhouse 1J 1payoutsking 1lockbit3 1cuba 1revil 1conti 1
Breaches using Supply-Chain Attack
July 7, 2026HIGHTheGentlemen breaches Michigan IT services provider
The GentlemenRansomware
July 7, 2026HIGHAccenture confirms breach after 35GB source code offered for saleSupply-Chain Attack
July 6, 2026HIGHSISINT Engineering Firm Breached by QilinQilinRansomware
July 6, 2026HIGHJadePuffer Executes First Fully Autonomous LLM Ransomware AttackRansomware
July 3, 2026MEDIBrazilian IT Firm Service IT Breached by WorldLeaksSupply-Chain Attack
July 2, 2026CRITFirst Agentic AI Ransomware Attack via LangflowRansomware
July 2, 2026HIGHChaos Ransomware Claims Breach of Universal Plant ServicesRansomware
June 29, 2026HIGHNissan Discloses Employee Data Breach via Oracle PeopleSoft Zero-DaySupply-Chain Attack
June 25, 2026HIGHAdditional Klue Supply-Chain Breach Victims IdentifiedSupply-Chain Attack
June 23, 2026HIGHTata Electronics Confirms Cyberattack, Apple Manufacturing Data LeakedRansomware
June 22, 2026MEDIBancroft Engineering Claimed by LockBit RansomwareLockBitRansomware
June 20, 2026HIGHTexas Parks & Wildlife Vendor Breach Exposes 3M License HoldersSupply-Chain Attack
June 18, 2026MEDIIcarus Group Steals Salesforce Data via Klue OAuth BreachSupply-Chain Attack
June 17, 2026CRIT30K+ Fortinet Devices Compromised in Credential HeistSupply-Chain Attack
June 16, 2026HIGHItalian Customs Broker CAD 93 Hit by DeadLock RansomwareRansomware
June 15, 2026HIGHMackay Sugar Hit by The Gentlemen Ransomware, Mills ShutThe GentlemenRansomware
June 12, 2026CRITIvanti Sentry Critical Flaw Exploited in Under 24 HoursSupply-Chain Attack
June 12, 2026HIGHDynatrace Source Code Allegedly Stolen from GitHubSupply-Chain Attack
June 11, 2026HIGHPort Air Express Breached by Akira RansomwareAkiraRansomware
June 10, 2026HIGHShinyHunters Targets Oracle PeopleSoft ServersShinyHuntersSupply-Chain Attack
June 9, 2026HIGHServiceNow Discloses Customer Data Query IncidentSupply-Chain Attack
June 8, 2026MEDISoFi Hong Kong Discloses Third-Party Vendor Data BreachSupply-Chain Attack
June 8, 2026HIGHOxford University Discloses CareerConnect Platform BreachSupply-Chain Attack
June 6, 2026MEDIOxford University Career Platform Hit by Third-Party BreachSupply-Chain Attack
June 3, 2026HIGHEmmy.tv AWS Credentials Exposed in Public HTMLSupply-Chain Attack
June 2, 2026HIGHIngka Group (IKEA) Targeted in Alleged Lapsus$ Data TheftSupply-Chain Attack
June 2, 2026HIGHRed Hat NPM Packages Backdoored in Supply Chain AttackSupply-Chain Attack
May 25, 2026MEDIACAM Systemautomation Breached by TheGentlemenThe GentlemenRansomware
May 22, 2026HIGHOncology Institute Confirms Patient Data Impacted by Vendor BreachSupply-Chain Attack
May 20, 2026HIGHGrafana Suffers Data Breach Following TanStack Supply Chain AttackSupply-Chain Attack
May 20, 2026HIGHGitHub Confirms Breach of ~3,800 Internal Repos via Malicious VS Code ExtensionSupply-Chain Attack
May 17, 2026HIGHGrafana Suffers GitHub Token Breach and Extortion AttemptSupply-Chain Attack
May 14, 2026HIGHMalicious node-ipc npm Versions Steal CredentialsSupply-Chain Attack
May 14, 2026HIGHOpenAI Confirms Breach via TanStack Supply Chain AttackSupply-Chain Attack
May 12, 2026MEDICushman & Wakefield Data Leaked by ShinyHuntersShinyHuntersSupply-Chain Attack
May 12, 2026HIGHNitrogen Ransomware Claims Foxconn BreachRansomware
May 11, 2026HIGHLapsus$ Leaks Vodafone Source Code and Database CredentialsSupply-Chain Attack
May 11, 2026CRITWest Pharmaceutical Services Hit by RansomwareRansomware
May 8, 2026MEDINVIDIA Confirms GeForce NOW Data Breach for Armenian UsersSupply-Chain Attack
May 8, 2026HIGHRansomHouse Claims Trellix Cybersecurity Firm BreachRansomware
May 8, 2026MEDIZara Breach Exposes Data of 197K Customers via Compromised VendorShinyHuntersSupply-Chain Attack
May 8, 2026MEDISailPoint Discloses GitHub Repository HackSupply-Chain Attack
May 4, 2026MEDIRansomHouse claims breach of Trellix source codeRansomware
April 17, 2026HIGHCybersecurity Vendor Listed by ransomhouse Ransomware GroupransomhouseRansomware
November 1, 2025HIGHikad.com.au - A 5-Month Staycation in the Defense Supply Chain Listed by J Ransomware GroupJRansomware
April 24, 2025HIGHRhea Vendors Group SpA Listed by payoutsking Ransomware GrouppayoutskingRansomware
April 12, 2025HIGHMS SUPPLY CHAIN SOLUTIONS (MALAYSIA) SDN. BHD Listed by qilin Ransomware GroupQilinRansomware
February 24, 2025HIGHMetro Supply Chain Group. Listed by qilin Ransomware GroupQilinRansomware
November 2, 2023HIGHbnpmedia.com Listed by lockbit3 Ransomware Grouplockbit3LockBitRansomware
February 3, 2021HIGHAutomatic Funds Transfer Services Inc. (vendor to city of Bainbridge Island) Listed by cuba Ransomware GroupcubaRansomware
February 1, 2021HIGHStandley Systems (vendor to Healthcare Sector) Listed by revil Ransomware GrouprevilRansomware
July 31, 2020HIGHManitoulin Transport (Trucking/supply chain company) Listed by conti Ransomware GroupcontiRansomware
Check your exposure
Check if you’re exposed →Attributions to threat groups and methods reflect public reporting and, in some cases, unverified claims made by the groups themselves; they may be incomplete or later revised. Recent Breaches and GalaxyWarden are independent and are not affiliated with, and do not endorse, any company or group named on this page. This information is aggregated from public sources for awareness only and is not legal, security, or investment advice.