Full List

Search

Recent Breaches

• Prosecutor’s Office of the Russian Federation (epp.genproc.gov.ru) April 6, 2024 The RGB group, self-identifying as a hacktivist collective, also has asserts responsibility for breaching the Prosecutors Office of the Russian Federation (epp.genproc.gov.ru). To substantiate their claim, the group leaked an Excel file containing precisely 100,000 lines of information about criminal cases from 2013.
• Home Depot April 6, 2024 • [ leak, misconfiguration, retail ] Home Depot confirms that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.
• The Watergate Hotel April 6, 2024 • [ data leak ] An unauthorized actor accessed and exfiltrated data from The Watergate Hotels network beginning April 6, 2024. The compromised information includes names, SSNs, drivers license numbers, and medical and financial data of approximately 2,220 people. No encryption or service disruption reported.
• boAt April 5, 2024 • [ leak, retail ] A threat actor, with the moniker "ShopifyGUY," leaks personal information belonging to 7.5 million of customers of boAt, a consumer electronics company in India.
• Ogero April 5, 2024 Lebanon's state internet provider Ogero comes under a 10-day cyber attack of suspected Israeli origin.
• Community Clinic of Maui April 5, 2024 • [ ransomware, malware, healthcare ] The Community Clinic of Maui (Mlama) warns more than 123,000 people that their information was accessed by threat actors during a LockBit ransomware attack in May.
• Russia’s prosecutor general April 4, 2024 • [ hack, government ] A group of hacktivists going by the name RGB-TEAM claims responsibility for hacking into the website of Russias prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years.
• Filipino Department of Science and Technology April 4, 2024 • [ hack, government ] In name of #OpEDSA, a Filipino hacktivist group operating under the pseudonym "ph1ns," breaks into servers owned and operated by the government's Department of Science and Technology and deletes up to 25 terabytes of confidential data and backups.
• NorthBay VacaValley Hospital April 4, 2024 • [ ransomware, malware, healthcare ] The NorthBay VacaValley Hospital in California is forced to turn some patients away due to a ransomware attack.
• Political Parties in Germany April 4, 2024 • [ social, phishing, government ] The German Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution warn that phishing attacks targeting political parties surged ahead of upcoming European Union elections.
• Muskogee City County Enhanced 911 Trust Authority April 4, 2024 Muskogee City County Enhanced 911 Trust Authority (MCC911) confirms that it experienced a ransomware attack earlier this year.
• At least 12 MPs in the UK April 3, 2024 At least a dozen Westminster insiders are targeted in a WhatsApp phishing attack.
• IT help desks across the Healthcare and Public Health (HPH) sector. April 3, 2024 • [ social, healthcare ] The U.S. Department of Health and Human Services (HHS) warns that threat actors are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
• Undisclosed organization(s) or individual(s) April 3, 2024 • [ hack, malware, technology ] Google fixes CVE-2024-29745 and CVE-2024-29748, two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
• Ernest Health April 3, 2024 • [ ransomware, malware, healthcare ] Ernest Health rehabilitation hospitals notify patients of a LockBit ransomware attack.
• New Mexico Highlands University April 3, 2024 • [ ransomware, malware, education ] New Mexico Highlands University (NMHU) is forced to cancel all classes after suffering a ransomware attack.
• East Baton Rouge Sheriff's Office April 3, 2024 • [ ransomware, malware, government ] The East Baton Rouge Sheriff's Office is hit with a ransomware attack. The Medusa group claims responsibility.
• Paris Saint-Germain (PSG) April 3, 2024 • [ hack ] Paris Saint-Germain (PSG), the Qatari-owned football team, informs its supporters that a cyberattack targeted the clubs online ticketing service
• Unnamed Philippines-based military company April 3, 2024 • [ espionage, malware, government ] China-linked APT used EggStreme (fileless, DLL-sideloaded) to persist on hosts at a Philippine military firm; EggStremeAgent backdoor + Keylogger enabled reconnaissance, lateral movement, and data theft; activity observed since early 2024; initial access unknown; attribution to a specific group not made.
• Diabetes WA April 2, 2024 • [ leak, healthcare ] Diabetes WA discloses a data breach affecting people who engaged with its telehealth service.