Full List

Search

Recent Breaches

• Cylance June 10, 2024 Cybersecurity company Cylance confirms the legitimacy of data being sold on a hacking forum, stating that it is old data stolen from a "third-party platform" (allegedly Snowflake).
• United Seating and Mobility d/b/a Numotion June 10, 2024 • [ ransomware, malware, manufacturing ] United Seating and Mobility, a provider of wheelchair and mobility equipment that does business as Numotion, discloses that an unauthorized third party had access to its computer systems and used ransomware to encrypt files. 602,000 individuals are affected.
• Pure Storage June 10, 2024 • [ hack, misconfiguration, technology ] Pure Storage, a leading provider of cloud storage systems and services, confirms that attackers breached its Snowflake workspace and gained access to what the company describes as telemetry information.
• Loopring June 9, 2024 • [ financial, misconfiguration, finance ] Loopring announces a security breach involving its two-factor authentication service Guardian, affecting two wallets, with one of them was drained of about $5 million.
• Absolute Telecom June 9, 2024 • [ hack, technology ] GhostR claims to have stolen over 34 gigabytes of data belonging to Singapore-based telecom company Absolute Telecom PTE Ltd.
• mSpy (2024) June 9, 2024 • [ hack, leak, technology ] In June 2024, a huge trove of data from spyware maker mSpy was obtained by hacktivists and published online. Comprising of 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos. The data was predominantly support tickets seeking help to install the spyware on target devices, whilst the attachments contained various data including screen grans of financial transactions, photos of credit cards and nude selfies.
• New York Times June 8, 2024 • [ leak, misconfiguration, technology ] The New York Times confirms that internal source code and data was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024.
• CoinGecko June 7, 2024 • [ leak, finance ] CoinGecko, the worlds largest independent cryptocurrency data aggregator, experiences a data breach through its third-party email platform, GetResponse.
• Keesal, Young & Logan June 7, 2024 The law firm Keesal, Young & Logan discloses that it recently detected a data breach, and an investigation showed that more than 316,000 people were impacted. Threat actors may have obtained names, Social Security numbers, drivers license numbers, financial account information and other data.
• Various election-related sites and two political parties in the Netherlands June 6, 2024 • [ hack, ddos, government ] Researchers from Cloudflare report to have mitigated at least three distributed denial of service (DDoS) attack waves on various election-related sites in the Netherlands, as well as several political parties; PVV (Party for Freedom) and FvD (Forum for Democracy). The hacktivist group known as 'HackNeT' took responsibility for the attacks.
• Los Angeles Unified School District June 6, 2024 • [ leak, education ] Los Angeles Unified School District (LAUSD) officials are investigating a threat actor's claims that they're selling stolen databases containing records belonging to millions of students and thousands of teachers. 24 million records are allegedly compromised.
• Alabama Cardiology Group June 6, 2024 • [ hack, healthcare ] Alabama Cardiology Group notifies nearly 281,000 current and past patients, physicians and employees that threat actors stole their sensitive information.
• Dubai Municipality June 5, 2024 • [ leak, government ] Daixin Team adds the Dubai Municipality to its dark web leak site.
• Advance Auto Parts June 5, 2024 A threat actor using the Sp1d3r handle claims to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account.
• Disney June 5, 2024 Club Penguin fans hack a Disney Confluence server to steal information about their favorite game and walking away with 2.5 GB of internal corporate data.
• Tech in Asia June 5, 2024 A database owned by Tech in Asia, a prominent technology news outlet focusing on startups and technological innovations across Asia is compromised and leaked by a threat actor known by the pseudonym Sanggiero, linked to the infamous hacking collective, IntelBroker.
• Vietnam Post June 5, 2024 • [ ransomware, malware ] The Vietnam Post is hit with a ransomware attack.
• Town of Arlington June 5, 2024 • [ financial, phishing, government ] The town of Arlington discloses that it had lost nearly $446,000 in a monthslong business email compromise (BEC) scam.
• Santa Barbara Systems June 5, 2024 • [ hack, ddos, manufacturing ] Santa Barbara Systems, a General Dynamics subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffers a cyberattack on its website, by pro-Russia group NoName057(16).
• Advance Auto Parts June 5, 2024 • [ leak, misconfiguration, automotive ] In June 2024, Advance Auto Parts confirmed they had suffered a data breach which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees.