Portend Breaches

Westmoreland County October 16, 2024 • [ social, phishing, government ] Municipal Authority of Westmoreland County officials say the water and sewer utility has recovered more than $826,000 that was stolen in what it called a vendor impersonator scheme.

Johnson & Johnson October 16, 2024 • [ leak, finance ] Insurance company Johnson & Johnson discloses a data breach impacting the personal information of thousands of people.

Earth 2 October 16, 2024 In October 2024, 421k unique email addresses from the virtual earth game Earth 2 were derived from embedded Gravatar images. Appearing alongside player usernames, the root cause was related to how Gravatar presents links to avatars as MD5 hashes within consuming services, a feature Earth 2 advised has now been disabled on their platform. This incident did not expose any further personal information, passwords or financial data.

Volkswagen Group October 15, 2024 • [ ransomware, malware, manufacturing ] The Volkswagen Group issues a statement after the 8Base ransomware group claims to have stolen valuable information from the carmakers systems.

AnnieMac Home Mortgage October 15, 2024 • [ leak, finance ] New Jersey-based mortgage loan provider AnnieMac Home Mortgage (American Neighborhood Mortgage Acceptance Company) informs over 171,000 individuals of a recent data breach.

Japan's ruling Liberal Democratic Party (LDP) October 15, 2024 • [ hack, ddos, government ] Japan's ruling Liberal Democratic Party (LDP) reports that a cyberattack temporarily disrupted its website, coinciding with the start of the countrys general election campaign.

Finsure October 15, 2024 • [ leak, misconfiguration, finance ] In October 2024, almost 300k unique email addresses from Australian mortgage broking group Finsure were obtained from the ActivePipe real estate marketing platform. The impacted data also included names, phone numbers and physical addresses. The incident did not directly affect any of Finsure's systems or expose any passwords or financial data.

Flat Earth Sun, Moon and Zodiac App October 15, 2024 • [ leak, misconfiguration, technology ] In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.

Cisco October 14, 2024 Cisco confirms to be investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. Few days later the company confirms the breach and takes offline the DevHub portal.

Central Tickets October 14, 2024 • [ leak ] Central Tickets confirms a data breach occurred in July 2024.

Novaya Gazeta Europe October 14, 2024 • [ hack, ddos, technology ] The Russian independent media outlet Novaya Gazeta Europe is targeted by several large-scale distributed denial-of-service (DDoS) attacks, temporarily knocking its website offline.

Japanese logistics and shipbuilding firms, and other government and political organizations October 14, 2024 Researchers at Netscout reveal that the same groups launched distributed denial-of-service (DDoS) attacks at Japanese logistics and shipbuilding firms as well as government and political organizations

The Club Penguin Experience October 14, 2024 • [ leak, technology ] In October 2024, The Club Penguin Experience (TCPE) suffered a data breach. The incident exposed over 6k subscribers' email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent prompt disclosure notices to impacted customers following the breach.

Game Freak October 12, 2024 • [ leak, technology ] Japanese video game developer Game Freak confirms it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online.

Government sites and nuclear facilities in Iran October 12, 2024 • [ hack, ddos, government ] Government sites and nuclear facilities in Iran are hit by disruptive cyberattacks.

America First Policy Institute October 11, 2024 America First Policy Institute, a conservative think tank, is targeted with a cyber attack.

North Caucasus Federal University October 11, 2024 • [ hack, espionage, education ] Ukraines military intelligence announced that they hacked the systems of North Caucasus Federal University, the Russian university that trains drone operators, digital communication specialists, engineers, and physicists for its army.

Russian general jurisdiction courts October 11, 2024 • [ hack, ddos, government ] The websites of Russian general jurisdiction courts are down for several days following a cyberattack claimed by pro-Ukrainian hackers from BO Team.

Calgary Public Library October 11, 2024 • [ hack, education ] Calgary Public Library is forced to provide limited access to services following a cyberattack.

Maxar Space Systems October 11, 2024 • [ hack, leak, manufacturing ] U.S. satellite maker Maxar Space Systems reveals that threat actors breached its systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals.

Recent Breaches