United States
Independent Title Agency
Independent Title Agency, LLC (ITA), a New York-based title company, has confirmed a major data breach following a ransomware attack on April 17. The incident, claimed by the SKIRA TEAM threat group, resulted in the theft of approximately 932 GB of data, including names, Social Security numbers and other sensitive information tied to real estate transactions.
ITA began notifying affected individuals on July 18. They are is offering free credit monitoring and identity protection services through Experian IdentityWorks.
SourceHow it could affect your business
Service providers that handle sensitive data like title companies are high-value targets for ransomware groups.
Australia
Mortgage Choice
Six mortgage services companies in the Queensland area of Australia experienced a data breach as the result of a series of break-ins around July 20, 2025. Police allege Joseph Kelly broke into three Mortgage Choice locations on the Gold Coast, one in Logan and one in Ipswich, as well as an unspecified ITP Accounting Professionals office.
Authorities say Kelly transferred large volumes of personal and financial information, including driver’s licenses, passports, pay stubs and mortgage applications onto an encrypted device.
ITP Queensland has notified 64 affected clients so far. As of publication, Mortgage Choice is still assessing the full scope of the data breach. The Australian Taxation Office confirmed its systems remain secure, despite links to tax offices being involved in the incident.
SourceHow it could affect your business
This case is a reminder that data security extends beyond cyber defenses. Physical data access controls are also important.
United States
The Alcohol & Drug Testing Service
Texas-based The Alcohol & Drug Testing Service (TADTS), a company providing workplace drug and alcohol testing services for private employers and government agencies, including the Department of Transportation, disclosed a major data breach impacting 748,763 individuals.
The cybercrime group Bian Lian claimed responsibility, listing TADTS on its dark web leak site. The company said it became aware of the breach on July 9, 2024. TADTS noted that the volume of data involved impacted its timeline for officially disclosing the breach. Compromised data may include names, Social Security numbers, dates of birth, driver’s license information, passport numbers, financial account details, login credentials, biometric data and immigration-related information.
SourceHow it could affect your business
Failing to disclose a data breach quickly could make customers and partners uneasy and damage a company’s reputation.
Europe
Novabev Group
Russian alcohol company Novabev Group reported being hit by a cyberattack that impacted its operations. The owner of the Beluga and Belenkaya vodka brands said in a statement that the incident occurred on July 14.
The incident led to a temporary disruption of part of its IT infrastructure, impacting the availability of services and tools, including those of its retail arm, WineLab. The company said that the attackers demanded a ransom, which they refused to pay. Novabev Group said that based on current information, customers’ personal data remains uncompromised, although the investigation continues.
SourceHow it could affect your business
When food and beverage companies fall victim to ransomware gangs, the results can include impacted production and delivery systems.
United States
Wiley Rein
Attorneys and advisers at prominent Washington, D.C. law firm Wiley Rein had their Microsoft 365 email accounts compromised in a suspected China-backed cyber espionage campaign, according to a client memo obtained by CNN.
The firm, which serves major corporations and government clients, said the breach appears to be part of a Chinese intelligence gathering effort. Wiley Rein did not specify what, if any, data was stolen. Google-owned cybersecurity firm Mandiant is currently handling the investigation and remediation.
SourceHow it could affect your business
Nation-state cybercrime isn’t just a government problem; any business that handles government data may be a target.
Europe
Air Serbia
Air Serbia is battling a cyberattack that disrupted internal systems and delayed the issuance of employee pay stubs. The airline’s IT team began alerting staff on July 4, initiating a series of company-wide password resets and deploying security scanning tools.
The attack forced service accounts offline, disrupted automated processes and limited internet access to a few whitelisted pages. Multiple waves of enforced password resets followed, with system administrators assigning credentials and asking staff to leave PCs accessible for overnight work.
While the full scope of the incident remains unclear, sources suggest infostealer malware may be involved. This attack adds Air Serbia to a list of airlines hit by cyberattacks in July 2025 that includes WestJet, Hawaiian and Qantas.
SourceHow it could affect your business
A well-placed malware infection can have a cascading impact on operational continuity, employee communication and data security.
United States
North Country HealthCare
Pro-Russia ransomware group Stormous claims to have stolen the personal and health information of 600,000 patients from North Country HealthCare, a federally qualified community health center serving a wide range of communities in northern Arizona.
Listed on Stormous’ data leak site on July 13, the breach allegedly includes full personally identifiable information (PII) and protected health information (PHI), such as names, birthdates, clinic visits, diagnostic codes and insurance details. North Country HealthCare operates in 14 locations across the region. The organization has not yet publicly confirmed the extent of the breach.
How it could affect your business
Protecting patient data is not just a HIPAA compliance requirement — it’s a critical component of patient trust and care continuity.
