Portend Breaches

Organizations in Israel October 31, 2024 • [ espionage, malware, technology ] Researchers at Check Point reveal that the threat actor dubber WIRTE, affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks with the SameCoin malware that exclusively target Israeli entities.

City of McKinney, Texas October 31, 2024 • [ ransomware, data leak ] Ransomware group INC claimed responsibility for breaching the City of McKinney, Texas, beginning October 31, 2024. Officials confirmed that personal and health data of approximately 17,751 individuals were exfiltrated. The city discovered the breach on November 14, 2024, and publicly reported it in February 2025. No encryption was reported.

Finastra October 31, 2024 • [ compromised credentials, data leak ] Intruder used compromised credentials to access Finastras SFTP/Aspera platform, copied files on Oct 31, 2024, and maintained access until Nov 8. A forum post later advertised ~400 GB of alleged Finastra data. Finastra isolated the platform, said there was no malware/ransomware and no impact to core operations, and began notifications in Feb 2025.

City of Sheboygan October 31, 2024 • [ ransomware, data leak ] 67,000+ residents PII including SSNs, state IDs, license plate numbers were accessed during an Oct 31, 2024 ransomware incident; breach letters filed May 2025.

Saint Xavier University October 30, 2024 • [ leak, education ] Saint Xavier University starts notifying over 210,000 individuals that their personal information was compromised in a data breach in July 2023.

Interbank October 30, 2024 Interbank, one of Peru's leading financial institutions, confirms a data breach after a threat actor who hacked into its systems leaked stolen data online.

CR&R Environmental Services (CR&R Incorporated) October 30, 2024 • [ hack, financial ] CR&R discovered unauthorized access on October 30, 2024, affecting ~9,895 individuals. Notifications were issued December 26, 2024. Data included sensitive PII such as SSNs, drivers license and financial account data.

Andy Ayrey's social media account October 29, 2024 Threat actors hack Truth Terminal founder Andy Ayrey's social media account to promote a fraudulent token "IB."

Tver Administration's Network October 29, 2024 • [ hack, malware, government ] A group with the moniker of Ukrainian Cyber Alliance claims to have taken down the Tver administration's network and to have wiped out dozens of virtual machines, backup storage, websites, email, and hundreds of workstations.

Newpark Resources October 29, 2024 • [ ransomware, malware, energy ] Newpark Resources, a key supplier for oilfields says a ransomware attack caused disruptions and limited access to certain systems.

Energy Capital Credit Union October 29, 2024 • [ data leak ] Energy Capital Credit Union disclosed unauthorized access to certain systems occurring between October 29 and November 19, 2024, which was discovered in 2025. State breach filings reported 49,664 affected Texas residents; the credit union has not released a nationwide total. The incident involved exposure of member personal, financial, and limited medical information, and no operational disruption was publicly reported.

H&R Block Canada October 28, 2024 The Canada Revenue Agency discovers that threat actors had obtained confidential data used by one of the country's largest tax preparation firms, H&R Block Canada.

AEP October 28, 2024 • [ ransomware, malware, retail ] German pharmaceutical distributor AEP is hit with a ransomware attack.

San Joaquin County Superior Court October 28, 2024 • [ hack, government ] The San Joaquin County Superior Court says that nearly all of its digital services are knocked offline due to a cyberattack.

UK councils of Hemel Hempstead, St Albans, Salford, Bury, Trafford, Tameside, Dudley, Portsmouth and Middlesborough October 28, 2024 The Russian group NoName057(16) claims responsibility for a DDoS campaign in retaliation for British military support for Ukraine.

The Eye Clinic Surgicenter October 28, 2024 Meow Leaks adds The Eye Clinic Surgicenter in Montana to their leak site, after the Black Suit threat actors had added the same medical group to their leak site back in June.

SuperDraft October 27, 2024 • [ leak, technology ] In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.

SuperDraft October 27, 2024 • [ leak, technology ] In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.

Fillmore County Hospital October 27, 2024 • [ phishing, data leak ] An unauthorized party accessed an employee email account on 2024-10-27. Investigation completed 2024-12-18. Affected data includes personal, medical, payment, and insurance information. Individuals were notified 2025-02-13.

ZAGG Inc. October 26, 2024 ZAGG informs customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce provider, BigCommerce.

Recent Breaches