AIDS Alabama Incorporated (AAI) serves over 8,000 Alabama residents, assisting them with emotional and medical support where possible. They are a clinic of humanitarian advocates, helping community members with housing and food; AAI is also an outspoken supporter of Black Lives Matter, substance abuse help, and preventative education. Your data may be at risk if you’ve received services or assistance from AAI.

This week, we noticed increased targeting of medical information; surgeries, health centers, and clinics were all made victims by successful hacking plots. The most recent attack involved Chicago’s Cook County Health. Alabama and Virginia also had specialized assaults, resulting in three data breaches across the states. Shadow PC also suffered a breach, which may have put thousands of gamers around the globe at risk.

Chicago’s health providers are prime targets for opportunistic hackers; Cook County Health is the most recently discovered victim of a cyber assault. Assailants took advantage of a third-party medical transcription service Perry Johnson & Associates, Inc. (PJ&A) provided. The attack targeted PJ&A’s systems, resulting in the exposure of numerous patient records. If hackers accessed your information during the breach, there’s still time to protect yourself.

Fairfax Oral and Maxillofacial Surgery serves the residents of Northern Virginia and the surrounding region. They employ a ten-person surgery team with six locations. Fairfax has been the target of a data breach, creating over 235,000 potential victims; your information may be at risk if you’ve been a patient of an associated facility.

Decathlon is a global sporting goods retailer with over 100,000 employees and 1,700+ storefronts worldwide. In 2022, Decathlon reported 15.4 billion euros of net sales revenue, shared with 55,000 shareholding teammates. However, Decathlon suffered a significant data leak a year before its substantial revenue report. Credentials from that attack have resurfaced recently, putting the private information of nearly 8,000 individuals at risk.

Shadow PC is a Paris-based gaming host with thousands of clients in Europe and the US. Shadow’s service allows video games with high resource consumption to run on old software; this is made possible by Shadow’s ability to open a virtual computer. The virtual computer takes the onus of running games, allowing even incompatible computers to run game software. Shadow PC’s services are cloud-based, which should allow up to 100,000 users to play on their servers simultaneously.

Air Europa is a Spanish airline that serves travelers from all over Europe, North America, the Caribbean, and Tunisia. The airline welcomes over 430 million fliers each year, with 10,000+ daily flights across the globe. Following a recent hack, some consumers may have had their credit card information stolen. Very little is public about the cyber incident, meaning any traveler could be at risk.

This week, threat actors targeted the vital aspects of many companies characterized by their robust cybersecurity. 23andMe got hit early on, suffering demographic and relationship exposures that may target Ashkenazi Jews and Chinese descendants. The D.C. Board of Elections was also targeted, potentially exposing the voter information of 600,000+ individuals. Flagstar Bank and Air Europa also suffered, leaking the payment information of their trusting consumers.

Florida’s First Judicial Circuit hosts 33 courts in the Northwest of the state. The region serves over 1.4 million residents, most of whom live within areas heavily impacted by the military. Last week, the Florida Courts suffered a data breach, which halted operations across the district starting on October 2nd. In the last 72 hours, ransomware gang BlackCat has claimed responsibility for the assault—and may be holding the credentials for ransom.