Incindent List - 2024 2023 2021 2020 2019 2018
DATE | NAME | Info | CATEG. | WEB |
|
1.11.24 | Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned | Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone | Incindent | |
26.9.24 | U.S. govt agency CMS says data breach impacted 3.1 million people | The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year. | Incindent | |
22.9.24 | Disney ditching Slack after massive July data breach | The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels. | Incindent | |
22.9.24 | Dell investigates data breach claims after hacker leaks employee info | Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees. | Incindent | |
21.9.24 | Russian security firm Dr.Web disconnects all servers after breach | On Tuesday, Russian anti-malware company Doctor Web (Dr.Web) disclosed a security breach after its systems were targeted in a cyberattack over the weekend. | Incindent | |
21.9.24 | Temu denies breach after hacker claims theft of 87 million data records | Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information. | Incindent | |
21.9.24 | Construction firms breached in brute force attacks on accounting software | Hackers are brute-forcing passwords for highly privileged accounts on exposed Foundation accounting servers, widely used in the construction industry, to breach corporate networks. | Incindent | |
21.9.24 | AT&T pays $13 million FCC settlement over 2023 data breach | The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor's cloud environment was breached three years ago. | Incindent | |
20.9.24 | PKfail Secure Boot bypass remains a significant risk two months later | Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks. | Incindent | |
15.9.24 | 23andMe to pay $30 million in genetics data breach settlement | DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. | Incindent | |
15.9.24 | Fortinet confirms data breach after hacker claims to steal 440GB of files | Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. | Incindent | |
15.9.24 | Transport for London confirms customer data stolen in cyberattack | Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses. | Incindent | |
10.9.24 | Payment gateway data breach affects 1.7 million credit card owners | Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. | Incindent | |
8.9.24 | Transport for London staff faces systems disruptions after cyberattack | Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. | Incindent | |
8.9.24 | Car rental giant Avis discloses data breach impacting customers | American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. | Incindent | |
8.9.24 | Microchip Technology confirms data was stolen in cyberattack | American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. | Incindent | |
7.9.24 | Halliburton confirms data stolen in recent cyberattack | Oil and gas giant Halliburton has confirmed in a filing today to the Securities and Exchange Commission (SEC) that data was stolen in the recent attack linked to the RansomHub ransomware gang. | Incindent | |
7.9.24 | Transport for London discloses ongoing “cyber security incident” | Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services. | Incindent | |
7.9.24 | Business services giant CBIZ discloses customer data breach | CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases. | Incindent | |
1.9.24 | Researchers find SQL injection to bypass airport TSA security checks | Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits. | Incindent | |
31.8.24 | Park’N Fly notifies 1 million customers of data breach | Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. | Incindent | |
27.8.24 | Seattle-Tacoma Airport IT systems down due to a cyberattack | The Seattle-Tacoma International Airport has confirmed that a cyberattack is likely behind the ongoing IT systems outage that disrupted reservation check-in systems and delayed flights over the weekend. | Incindent | |
25.8.24 | US oil giant Halliburton confirms cyberattack behind systems shutdown | Halliburton, one of the world's largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. | Incindent | |
23.8.24 | Microchip Technology discloses cyberattack impacting operations | American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities. | Incindent | |
23.8.24 | Oregon Zoo warns visitors their credit card details were stolen | Oregon Zoo is informing that visitors who purchased tickets online between December and June had their payment card information compromised. | Incindent | |
23.8.24 | Hacker locks Unicoin staff out of Google accounts for 4 days | A hacker compromised Unicoin's Google Workspace (formerly G-Suite) account and changed the passwords for all company employees, locking them out of their corporate accounts for days. | Incindent | |
23.8.24 | Toyota confirms third-party data breach impacting customers | Toyota confirmed that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum. | Incindent | |
21.8.24 | FlightAware configuration error leaked user data for years | Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information. | Incindent | |
21.8.24 | AutoCanada discloses cyberattack impacting internal IT systems | Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group's internal IT systems, which may lead to disruptions. | Incindent | |
16.8.24 | Hackers leak 2.7 billion data records with Social Security numbers | Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases. | Incindent | |
16.8.24 | CSC ServiceWorks discloses data breach after 2023 cyberattack | CSC ServiceWorks, a leading provider of commercial laundry services, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack. | Incindent | |
11.8.24 | ADT confirms data breach after customer info leaked on hacking forum | ADT Inc. disclosed via a Form 8-K filing at the U.S. Securities and Exchange Commission (SEC) that hackers have gained access to its systems, which hold customer order details. | Incindent | |
11.8.24 | Ronin Network hacked, $12 million returned by "white hat" hackers | Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. | Incindent | |
11.8.24 | France's Grand Palais discloses cyberattack during Olympic games | The Grand Palais Réunion des musées nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024. | Incindent | |
11.8.24 | Hacker wipes 13,000 devices after breaching classroom management platform | A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student's iPads and Chromebooks. | Incindent | |
11.8.24 | Point of entry: Why hackers target stolen credentials for initial access | Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking the password hygiene of your Active Directory. | Incindent | BleepingComputer |
4.8.24 | CrowdStrike sued by investors over massive global IT outage | Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. | Incindent | |
4.8.24 | Twilio kills off Authy for desktop, forcibly logs out all users | Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application. | Incindent | |
4.8.24 | Cencora confirms patient health info stolen in February attack | Pharmaceutical giant Cencora has confirmed that patients' protected health information and personally identifiable information (PII) was exposed in a February cyberattack. | Incindent | |
3.8.24 | HealthEquity says data breach impacts 4.3 million people | HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. | Incindent | |
28.7.24 | FBCS data breach impact now reaches 4.2 million people | Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US. | Incindent | |
27.7.24 | BreachForums v1 database leak is an OPSEC test for hackers | The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages, cryptocurrency addresses, and every post on the forum. | Incindent | |
27.7.24 | BreachForums v1 hacking forum data leak exposes members’ info | The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users. | Incindent | |
26.7.24 | Verizon to pay $16 million in TracFone data breach settlement | Verizon Communications has agreed to a $16,000,000 settlement with the Federal Communications Commission (FCC) in the U.S. concerning three data breach incidents its wholly-owned subsidiary, TracFone Wireless, suffered after its acquisition in 2021. | Incindent | |
26.7.24 | Greece’s Land Registry agency breached in wave of 400 cyberattacks | The Land Registry agency in Greece has announced that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure over the last week. | Incindent | |
20.7.24 | Over 400,000 Life360 user phone numbers leaked via unsecured API | A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. | Incindent | |
18.7.24 | Yacht giant MarineMax data breach impacts over 123,000 people | MarineMax, self-described as the world's largest recreational boat and yacht retailer, is notifying over 123,000 customers whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. | Incindent | |
18.7.24 | Email addresses of 15 million Trello users leaked on hacking forum | A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. | Incindent | |
18.7.24 | Rite Aid says June data breach impacts 2.2 million people | Rite Aid, the third-largest drugstore chain in the United States, says that 2.2 million customers' personal information was stolen last month in what it described as a "data security incident." | Incindent | |
14.7.24 | Massive AT&T data breach exposes call logs of 109 million customers | AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account. | Incindent | |
14.7.24 | ARRL finally confirms ransomware gang stole data in cyberattack | The American Radio Relay League (ARRL) finally confirmed that some of its employees' data was stolen in a May ransomware attack initially described as a "serious incident." | Incindent | |
14.7.24 | CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool | A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting over 1,500 victims whose credentials were stolen and cryptominers deployed. | Incindent | |
14.7.24 | Advance Auto Parts data breach impacts 2.3 million people | Advance Auto Parts is sending data breach notifications to over 2.3 million people whose personal data was stolen in recent Snowflake data theft attacks. | Incindent | |
13.7.24 | Ticket Heist fraud gang uses 700 domains to sell fake Olympics tickets | A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. | Incindent | |
13.7.24 | Fujitsu confirms customer data exposed in March cyberattack | Fujitsu confirms that information related to some individuals and customers' business has been compromised during the data breach detected earlier this year. | Incindent | |
13.7.24 | AT&T Confirms Data Breach Affecting Nearly All Wireless Customers | American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its | Incindent | The Hacker News |
11.7.24 | City of Philadelphia says over 35,000 hit in May 2023 breach | The City of Philadelphia revealed that a May 2024 disclosed in October impacted more than 35,000 individuals' personal and protected health information. | Incindent | |
11.7.24 | Evolve Bank says data breach impacts 7.6 million Americans | Evolve Bank & Trust (Evolve) is sending notices of a data breach to 7.6 million Americans whose data was stolen during a recent LockBit ransomware attack. | Incindent | |
11.7.24 | Computer maker Zotac exposed customers' RMA info on Google Search | Computer hardware maker Zotac has exposed return merchandise authorization (RMA) requests and related documents online for an unknown period, exposing sensitive customer information. | Incindent | |
11.7.24 | Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events | In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Fighters. | Incindent | |
11.7.24 | Neiman Marcus data breach: 31 million email addresses found exposed | A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data. | Incindent | |
11.7.24 | Roblox vendor data breach exposes dev conference attendee info | Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. | Incindent | |
11.7.24 | Shopify denies it was hacked, links stolen data to third-party app | E-commerce platform Shopify denies it suffered a data breach after a threat actor began selling customer data they claim was stolen from the company's network. | Incindent | |
6.7.24 | Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion | Hackers have leaked what they claim is Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour tickets, warning that more events would be leaked if a $2 million extortion demand is not paid. | Incindent | |
6.7.24 | HealthEquity data breach exposes protected health information | Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner's account was compromised and used to access the Company's systems to steal protected health information. | Incindent | |
5.7.24 | Formula 1 governing body discloses data breach after email hacks | FIA (Fédération Internationale de l'Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack. | Incindent | |
5.7.24 | Affirm says cardholders impacted by Evolve Bank data breach | Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust (Evolve). | Incindent | |
5.7.24 | Prudential Financial now says 2.5 million impacted by data breach | Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. | Incindent | |
4.7.24 | Twilio's Authy App Breach Exposes Millions of Phone Numbers | Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in | Incindent | The Hacker News |
30.6.24 | Infosys McCamish says LockBit stole data of 6 million people | Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals. | Incindent | |
30.6.24 | Dairy giant Agropur says data breach exposed customer info | Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed. | Incindent | |
30.6.24 | Ticketmaster sends notifications about recent massive data breach | Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. | Incindent | |
30.6.24 | Former IT employee accessed data of over 1 million US patients | Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization. | Incindent | |
30.6.24 | TeamViewer's corporate network was breached in alleged APT hack | The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. | Incindent | |
| 28.6.24 | Neiman Marcus confirms data breach after Snowflake account hack | Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks. | Incindent | |
| 28.6.24 | Chemical facilities warned of possible data theft in CISA CSAT breach | CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. | Incindent | |
| 28.6.24 | CoinStats says North Korean hackers breached 1,590 crypto wallets | CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors. | Incindent | |
| 28.6.24 | CDK Global hacked again while recovering from first cyberattack | Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in an previous cyberattack. | Incindent | |
| 28.6.24 | TeamViewer Detects Security Breach in Corporate IT Environment | TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment on June 26, 2024. "We immediately | Incindent | The Hacker News |
| 27.6.24 | T-Mobile denies it was hacked, links leaked data to vendor breach | T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company. | Incindent | |
| 27.6.24 | Advance Auto Parts confirms data breach exposed employee information | Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month. | Incindent | |
| 27.6.24 | AMD investigates breach after data for sale on hacking forum | AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information. | Incindent | |
| 16.6.24 | Keytronic confirms data breach after ransomware gang leaks stolen files | PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. | Incindent | |
| 16.6.24 | Scattered Spider hackers switch focus to cloud apps for data theft | The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. | Incindent | |
| 16.6.24 | Insurance giant Globe Life investigating web portal breach | American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. | Incindent | |
| 15.6.24 | Truist Bank confirms breach after stolen data shows up on hacking forum | Truist Bank, a leading U.S. commercial bank, confirmed this week that its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum. | Incindent | |
| 15.6.24 | New York Times warns freelancers of GitHub repo data breach | The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024. | Incindent | |
| 14.6.24 | Life360 says hacker tried to extort them after Tile data breach | Safety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. | Incindent | |
| 14.6.24 | City of Cleveland shuts down IT systems after cyberattack | The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities at Erieview and the City Hall. | Incindent | |
| 13.6.24 | Pure Storage confirms data breach after Snowflake account hack | Pure Storage, a leading provider of cloud storage systems and services, confirmed on Monday that attackers breached its Snowflake workspace and gained access to what the company describes as telemetry information | Incindent | |
| 13.6.24 | Cylance confirms data breach linked to 'third-party' platform | Cybersecurity company Cylance confirmed the legitimacy of data being sold on a hacking forum, stating that it is old data stolen from a "third-party platform." | Incindent | |
| 13.6.24 | 23andMe data breach under investigation in UK and Canada | Privacy authorities in Canada and the United Kingdom have launched a joint investigation to assess the scope of sensitive customer information exposed in last year's 23andMe data breach. | Incindent | |
| 11.6.24 | Snowflake Breach Exposes 165 Customers' Data in Ongoing Extortion Campaign | As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign | Incindent | The Hacker News |
| 9.6.24 | New York Times source code stolen using exposed GitHub token | Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. | Incindent | |
| 9.6.24 | Frontier warns 750,000 of a data breach after extortion threats | Frontier Communications is warning 750,000 customers that their information was exposed in a data breach after an April cyberattack claimed by the RansomHub ransomware operation. | Incindent | |
| 8.6.24 | Advance Auto Parts stolen data for sale after Snowflake attack | Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. | Incindent | |
| 8.6.24 | Check-in terminals used by thousands of hotels leak guest info | Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. | Incindent | |
| 8.6.24 | Club Penguin fans breached Disney Confluence server, stole 2.5GB of data | Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned. | Incindent | |
| 8.6.24 | Collection agency FBCS ups data breach tally to 3.2 million people | Debt collection agency Financial Business and Consumer Solutions (FBCS) now says over 3.2 million people have been impacted by a data breach that occurred in February. | Incindent | |
| 8.6.24 | Data firm execs convicted for helping fraudsters target the elderly | A former senior executive and former sales manager of Epsilon Data Management LLC (Epsilon) were convicted of selling data of millions of Americans to perpetrators of mail fraud schemes. | Incindent | |
| 8.6.24 | 361 million stolen accounts leaked on Telegram added to HIBP | A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised. | Incindent | |
| 3.6.24 | Ticketmaster confirms massive breach after stolen data for sale online | Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. | Incindent | |
3.6.24 | Snowflake account hacks linked to Santander, Ticketmaster breaches | A threat actor claiming recent Santander and Ticketmaster breaches says they stole data after hacking into an employee's account at cloud storage company Snowflake. However, Snowflake disputes these claims, saying recent breaches were caused by poorly secured customer accounts. | Incindent | |
2.6.24 | Ticketmaster confirms massive breach after stolen data for sale online | Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. | ||
2.6.24 | Snowflake account hacks linked to Santander, Ticketmaster breaches | A threat actor claiming recent Santander and Ticketmaster breaches says they stole data after hacking into an employee's account at cloud storage company Snowflake. | ||
1.6.24 | ShinyHunters claims Santander breach, selling data for 30M customers | A threat actor known as ShinyHunters is claiming to be selling a massive trove of Santander Bank data, including information for 30 million customers, employees, and bank account data, two weeks after the bank reported a data breach. | Incindent | |
1.6.24 | Data of 560 million Ticketmaster customers for sale after alleged breach | A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000. | Incindent | |
1.6.24 | Everbridge warns of corporate systems breach exposing business data | Everbridge, an American software company focused on crisis management and public warning solutions, notified customers that unknown attackers had accessed files containing business and user data in a recent corporate systems breach. | Incindent | |
1.6.24 | Cooler Master confirms customer info stolen in data breach | Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. | Incindent | |
1.6.24 | BBC suffers data breach impacting current, former employees | The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. | Incindent | |
1.6.24 | Cooler Master hit by data breach exposing customer information | Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers. | Incindent | |
31.5.24 | First American December data breach impacts 44,000 people | First American Financial Corporation, the second-largest title insurance company in the United States, revealed on Tuesday that a December cyberattack led to a breach impacting 44,000 individuals. | Incindent | |
30.5.24 | Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud | Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing | Incindent | The Hacker News |
29.5.24 | Christie’s confirms breach after RansomHub threatens to leak data | Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. | Incindent | |
29.5.24 | Hackers target Check Point VPNs to breach enterprise networks | Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory. | Incindent | |
29.5.24 | Sav-Rx discloses data breach impacting 2.8 million Americans | Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. | Incindent | |
26.5.24 | Cencora data breach exposes US patient info from 8 drug companies | Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. | Incindent | |
25.5.24 | Intercontinental Exchange to pay $10M SEC penalty over VPN breach | The Intercontinental Exchange (ICE) will pay a $10 million penalty to settle charges brought by the U.S. Securities and Exchange Commission (SEC) after failing to ensure its subsidiaries promptly reported an April 2021 VPN security breach. | Incindent | |
25.5.24 | Western Sydney University data breach exposed student data | Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. | Incindent | |
19.5.24 | WebTPA data breach impacts 2.4 million insurance policyholders | The WebTPA Employer Services (WebTPA) data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. | Incindent | |
18.5.24 | Norway recommends replacing SSL VPN to prevent breaches | The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks. | Incindent | |
18.5.24 | MediSecure e-script firm hit by ‘large-scale’ ransomware data breach | Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor. | Incindent | |
18.5.24 | Nissan North America data breach impacts over 53,000 employees | Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company's external VPN and shut down systems to receive a ransom. | Incindent | |
18.5.24 | Banco Santander warns of a data breach exposing customer info | Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. | Incindent | |
18.5.24 | Singing River Health System: Data of 895,000 stolen in ransomware attack | The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023. | Incindent | |
18.5.24 | Helsinki suffers data breach after hackers exploit unpatched flaw | The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel. | Incindent | |
18.5.24 | Largest non-bank lender in Australia warns of a data breach | Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm. | Incindent | |
12.5.24 | The Post Millennial hack leaked data impacting 26 million people | Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. | Incindent | |
12.5.24 | Dell API abused to steal 49 million customer records in data breach | The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company. | Incindent | |
11.5.24 | British Columbia investigating cyberattacks on government networks | The Government of British Columbia is investigating multiple "cybersecurity incidents" that have impacted the Canadian province's government networks. | Incindent | |
11.5.24 | Dell warns of data breach, 49 million customers allegedly affected | Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers. | Incindent | |
11.5.24 | Ascension healthcare takes systems offline after cyberattack | Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a "cyber security event." | Incindent | |
| 8.5.24 | BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement | BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes. | Incindent | |
| 5.5.24 | DropBox says hackers stole customer data, auth secrets from eSignature service | Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. | Incindent | |
| 5.5.24 | Panda Restaurants discloses data breach after corporate systems hack | Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals. | Incindent | |
| 5.5.24 | Qantas app exposed sensitive traveler details to random users | Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. | Incindent | |
| 5.5.24 | Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach | Daily newspaper Philadelphia Inquirer revealed that attackers behind a May 2023 security breach have stolen the personal and financial information of 25,549 individuals. | Incindent | |
| 4.5.24 | Change Healthcare hacked using stolen Citrix account with no MFA | UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled. | Incindent | |
| 4.5.24 | London Drugs pharmacy chain closes stores after cyberattack | Canadian pharmacy chain London Drugs has closed all its retail stores to contain what it described as a "cybersecurity incident." | Incindent | |
| 4.5.24 | Collection agency FBCS warns data breach impacts 1.9 million people | Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network. | Incindent | |
| 4.5.24 | Kaiser Permanente: Data breach may impact 13.4 million patients | Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. | Incindent | |
| 2.5.24 | Dropbox Discloses Breach of Digital Signature Service Affecting All Users | Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by | Incindent | The Hacker News |
| 20.4.24 | United Nations agency investigates ransomware attack, data theft | The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data. | Incindent | |
| 19.4.24 | Frontier Communications shuts down systems after cyberattack | American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack. | Incindent | |
| 19.4.24 | 840-bed hospital in France postpones procedures after cyberattack | The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper. | Incindent | |
| 17.4.24 | Cerebral to pay $7 million settlement in Facebook pixel data leak case | The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. | Incindent | |
| 17.4.24 | UnitedHealth: Change Healthcare cyberattack caused $872 million loss | UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February. | Incindent | BleepingComputer |
| 16.4.24 | Chipmaker Nexperia confirms breach after ransomware gang leaks data | Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. | Incindent | |
| 16.4.24 | Cisco Duo warns third-party data breach exposed SMS MFA logs | Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider. | Incindent | |
| 14.4.24 | Hacker claims Giant Tiger data breach, leaks 2.8M records online | Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. | Incindent | |
| 14.4.24 | Roku warns 576,000 accounts hacked in new credential stuffing attacks | Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. | Incindent | |
| 14.4.24 | OpenTable is adding your first name to previously anonymous reviews | Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names. | Incindent | |
| 13.4.24 | AT&T now says data breach impacted 51 million customers | AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. | Incindent | |
| 11.4.24 | Cyberattack on UK’s CVS Group disrupts veterinary operations | UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. | Incindent | |
| 8.4.24 | Home Depot confirms third-party data breach exposed employee info | Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks. | Incindent | |
| 7.4.24 | Acuity confirms hackers stole non-sensitive govt data from GitHub repos | Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data. | Incindent | |
| 7.4.24 | US cancer center data breach exposes info of 827,000 patients | Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients. | Incindent | BleepingComputer |
| 6.4.24 | SurveyLama data breach exposes info of 4.4 million users | Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. | Incindent | |
| 6.4.24 | Omni Hotels confirms cyberattack behind ongoing IT outage | Omni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations. | Incindent | |
| 6.4.24 | AT&T faces lawsuits over data breach affecting 73 million customers | AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. | Incindent | |
| 4.4.24 | Omni Hotels experiencing nationwide IT outage since Friday | Omni Hotels & Resorts has been experiencing a chain-wide outage that brought down its IT systems on Friday, impacting reservation, hotel room door lock, and point-of-sale (POS) systems. | Incindent | |
| 4.4.24 | OWASP discloses data breach caused by wiki misconfiguration | The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. | Incindent | |
| 4.4.24 | Yacht retailer MarineMax discloses data breach after cyberattack | MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. | Incindent | |
| 4.4.24 | Shopping platform PandaBuy data leak impacts 1.3 million users | Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. | Incindent | |
| 31.3.24 | AT&T confirms data for 73 million customers leaked on hacker forum | AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. | Incindent | |
| 27.3.24 | Panera Bread experiencing nationwide IT outage since Saturday | Since Saturday, U.S. food chain giant Panera Bread has been experiencing a nationwide outage that has impacted its IT systems, including online ordering, POS systems, phones, and various internal systems. | Incindent | |
| 23.3.24 | Unsaflok flaw can let hackers unlock millions of hotel doors | Security vulnerabilities in over 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide allowed researchers to easily unlock any door in a hotel by forging a pair of keycards. | Incindent | |
| 21.3.24 | Ukraine arrests hackers trying to sell 100 million stolen accounts | The Ukrainian cyber police, in collaboration with investigators from the national police (ГУНП), have arrested three individuals who are accused of hijacking over 100 million emails and Instagram accounts worldwide. | Incindent | |
| 21.3.24 | Chinese Earth Krahang hackers breach 70 orgs in 23 countries | A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat (APT) group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. | Incindent | |
| 21.3.24 | Fujitsu found malware on IT systems, confirms data breach | Japanese tech giant Fujitsu discovered that several of its systems were infected by malware and warns that the hackers stole customer data. | Incindent | |
| 21.3.24 | AT&T says leaked data of 70 million people is not from its systems | AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company. | Incindent | |
| 17.3.24 | International Monetary Fund email accounts hacked in cyberattack | The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. | Incindent | |
| 16.3.24 | French unemployment agency data breach impacts 43 million people | France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals. | Incindent | |
| 14.3.24 | Acer confirms Philippines employee data leaked on hacking forum | Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company's employee attendance data after a threat actor leaked the data on a hacking forum. | Incindent | |
| 13.3.24 | Over 12 million auth secrets and keys leaked on GitHub in 2023 | GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. | Incindent | |
| 13.3.24 | Okta says data leaked on hacking forum not from its systems | Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum. | Incindent | |
| 13.3.24 | Researchers expose Microsoft SCCM misconfigs usable in cyberattacks | Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. | Incindent | |
| 13.3.24 | Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware | Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. | Incindent | |
| 10.3.24 | UnitedHealth brings some Change Healthcare pharmacy services back online | Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system. | Incindent | |
| 10.3.24 | PetSmart warns of credential stuffing attacks trying to hack accounts | Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting to breach accounts. | Incindent | |
| 6.3.24 | American Express credit cards exposed in third-party data breach | American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked. | Incindent | |
| 3.3.24 | Golden Corral restaurant chain data breach impacts 183,000 people | The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people. | Incindent | |
| 3.3.24 | 20 million Cutout.Pro user records leaked on data breach forum | AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names. | Incindent | |
| 2.3.24 | Pharmaceutical giant Cencora says data was stolen in a cyberattack | Pharmaceutical giant Cencora says they suffered a cyberattack where threat actors stole data from corporate IT systems. | Incindent | |
| 29.2.24 | UnitedHealth subsidiary Optum hack linked to BlackCat ransomware | A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation. | Incindent | |
| 29.2.24 | Steel giant ThyssenKrupp confirms cyberattack on automotive division | Steel giant ThyssenKrupp confirms that hackers breached systems in its Automotive division last week, forcing them to shut down IT systems as part of its response and containment effort. | Incindent | |
| 25.2.24 | U-Haul says hacker accessed customer records using stolen creds | U-Haul has started informing customers that a hacker used stolen account credentials to access an internal system for dealers and team members to track customer reservations. | Incindent | |
| 25.2.24 | UnitedHealth confirms Optum hack behind US healthcare billing outage | Healthcare giant UnitedHealth Group confirmed that its subsidiary Optum was forced to shut down IT systems and various services after a cyberattack by "nation-state" hackers on the Change Healthcare platform. | Incindent | |
| 24.2.24 | Microsoft expands free logging capabilities after May breach | Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. | Incindent | |
| 23.2.24 | Wyze camera glitch gave 13,000 users a peek into other homes | Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes. | Incindent | |
| 21.2.24 | Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know | The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. | Incindent | The Hacker News |
| 18.2.24 | German battery maker Varta halts production after cyberattack | Battery maker VARTA AG announced yesterday that it was targeted by a cyberattack that forced it to shut down IT systems, causing production to stop at its plants. | Incindent | |
| 18.2.24 | Prudential Financial breached in data theft cyberattack | Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. | Incindent | |
| 17.2.24 | Integris Health says data breach impacts 2.4 million patients | Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. | Incindent | |
| 17.2.24 | Bank of America warns customers of data breach after vendor hack | Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. | Incindent | |
| 9.2.24 | Data breaches at Viamedis and Almerys impact 33 million in France | Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country. | Incindent | |
| 7.2.24 | Data breach at French healthcare services firm puts millions at risk | French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. | Incindent | |
| 7.2.24 | Verizon insider data breach hits over 63,000 employees | Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information. | Incindent | |
| 7.2.24 | Hackers steal data of 2 million in SQL injection, XSS attacks | A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks. | Incindent | |
| 7.2.24 | HPE investigates new breach after data for sale on hacking forum | Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. | Incindent | |
| 6.2.24 | Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data | Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented | Incindent | The Hacker News |
| 4.2.24 | Clorox says cyberattack caused $49 million in expenses | Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. | Incindent | |
| 4.2.24 | AnyDesk says hackers breached its production servers, reset passwords | AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. | Incindent | BleepingComputer |
| 4.2.24 | Lurie Children's Hospital took systems offline after cyberattack | Lurie Children's Hospital in Chicago was forced to take IT systems offline after a cyberattack, disrupting normal operations and delaying medical care in some instances. | Incindent | |
| 4.2.24 | FTC orders Blackbaud to boost security after massive data breach | Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. | Incindent | |
| 4.2.24 | Cloudflare hacked using auth tokens stolen in Okta attack | Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. | Incindent | |
3.2.24 | Europcar denies data breach of 50 million users, says data is fake | Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. | Incindent | |
3.2.24 | A mishandled GitHub token exposed Mercedes-Benz source code | A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. | Incindent | |
3.2.24 | Citibank sued over failure to defend customers against hacks, fraud | New York Attorney General Letitia James sued Citibank over its alleged failure to defend customers against hacks and scams and refusal to reimburse victims after allowing fraudsters to steal millions from their accounts. | Incindent | |
3.2.24 | Keenan warns 1.5 million people of data breach after summer cyberattack | Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack. | Incindent | |
3.2.24 | AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset | Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German | Incindent | The Hacker News |
3.2.24 | Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs | Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized | Incindent | The Hacker News |
2.2.24 | Keenan warns 1.5 million people of data breach after summer cyberattack | Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack. | Incindent | |
| 1.2.24 | 23andMe data breach: Hackers stole raw genotype data, health reports | Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. | Incindent | |
1.2.24 | HPE: Russian hackers breached its security team’s email accounts | Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. | Incindent | |
31.1.24 | Trello API abused to link email addresses to 15 million accounts | An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information. | Incindent | |
31.1.24 | loanDepot cyberattack causes data breach for 16.6 million people | Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier this month. | Incindent | |
23.1.24 | BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time | Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of | Incindent | The Hacker News |
21.1.24 | Russian hackers stole Microsoft corporate emails in month-long breach | Microsoft warned Friday night that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group known as Midnight Blizzard. | Incindent | |
20.1.24 | Kansas State University cyberattack disrupts IT network and services | Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. | Incindent | |
12.1.24 | Framework discloses data breach after accountant gets phished | Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. | Incindent | |
12.1.24 | Halara probes breach after hacker leaks data for 950,000 people | Popular athleisure clothing brand Halara is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum. | Incindent | |
11.1.24 | Fake 401K year-end statements used to steal corporate credentials | Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials. | Incindent | BleepingComputer |
9.1.24 | Securing helpdesks from hackers: What we can learn from the MGM breach | In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to securing their help desks. Learn more from Specops Software on how to prevent such incidents. | Incindent | |
6.1.24 | Memorial University recovers from cyberattack, delays semester start | The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. | Incindent | |
4.1.24 | LastPass now requires 12-character master passwords for better security | LastPass notified customers today that they are now required to use complex master passwords with a minimum of 12 characters to increase their accounts' security. | Incindent | |
4.1.24 | Data breach at healthcare tech firm impacts 4.5 million patients | HealthEC LLC, a provider of health management solutions, suffered a data breach that impacts close to 4.5 million individuals who received care through one of the company's customers. | Incindent | |
4.1.24 | Orbit Chain loses $86 million in the last fintech hack of 2023 | Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin. | Incindent |