The week in breach news

North America

Hawaiian Airlines

Hawaiian Airlines disclosed a cybersecurity incident that impacted some IT systems. The breach, discovered on June 23 and reported in a June 27 SEC filing, prompted immediate security measures. The company was quick to reassure passengers that flights were not delayed.

The hacker group Scattered Spider is suspected to be the perpetrator. The gang is also suspected to be behind recent hits on WestJet and Delta.

North America

Aflac

Aflac has confirmed a data breach likely carried out by the cybercrime group Scattered Spider.

The breach exposed sensitive information, including names, claims and health data, Social Security numbers and other personal details tied to customers, employees, agents and beneficiaries within its U.S. operations.

The attack is part of a broader campaign targeting major insurers, with Erie Insurance Group and Philadelphia Insurance Companies also hit in recent weeks.

North America

Transamerica Retirement Services

Transamerica Retirement Services alerted approximately 1,300 individuals to a potential data breach after discovering unauthorized access to an internal cloud-based application used for client management. The breach stemmed from a phishing attack in which an unknown actor posed as a Transamerica employee to gain access through the company’s call center.

The suspicious activity was first flagged on May 7, 2025, but the breach was not fully discovered until June 10. Affected clients were notified beginning June 26. The company has not yet disclosed what specific data may have been exposed.

Europe

Radix

Radix, a Zurich-based nonprofit health foundation, confirmed it was the target of a ransomware attack on June 16, resulting in 1.3TB of data leaking into the dark web. The Sarcoma ransomware group claimed responsibility, publishing the stolen archive on its data leak site.

The breach includes data linked to various undisclosed Swiss federal offices, although Radix says there is currently no indication that sensitive information from its partner organizations was compromised. The number of individuals affected remains unclear as investigations continue.

North America

Ontario Health atHome

Ontario’s privacy commissioner and Ontario Health are investigating a controversial data breach involving Ontario Health atHome. An estimated 200,000 former patients may have had their medical data exposed. The Ontario Liberal Party revealed the breach in a news release Friday, alleging that sensitive information was compromised in this incident dating back to March 17, 2025. However, the breach was not publicly disclosed until now.

The breach, initially described as a “system outage” by vendor Ontario Medical Supply, occurred in mid-March. An investigation later confirmed it was a cybersecurity attack. Exposed data may include names, contact details and medical supply information.

Europe

Asfea

Asefa, the Madrid-based subsidiary of French insurer SMABTP, is the latest victim of the ransomware group Qilin. The group claims to have exfiltrated over 200GB of sensitive data. Among the compromised information are sensitive documents related to the prominent Spanish football club FC Barcelona. Despite the breach, Asefa maintains that its core insurance operations remain unaffected.

Europe

Glasgow City Council

Glasgow City Council is responding to a cybersecurity breach detected on June 19 that disrupted multiple online services, including planning applications, parking payments, school absence reporting and vital records ordering. Access to Strathclyde Pension Fund accounts was also suspended.

While there’s no evidence of compromised financial or payment data, the council alerted the Information Commissioner’s Office over possible personal data theft. Investigations are ongoing.