Full List

Search

Recent Breaches

• Patelco Credit Union June 29, 2024 • [ ransomware, malware, finance ] Patelco Credit Union discloses it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact.
• Patelco Credit Union June 29, 2024 • [ ransomware, data leak, regulatory action ] Ransomware encrypted Patelco systems on June 29, 2024, causing a near-total outage of digital banking through mid-July and exposing substantial member PII; DFPI later issued a consent order and $100,000 fine with mandated cybersecurity improvements.
• Kadokawa June 28, 2024 • [ ransomware, leak, malware ] Japanese media giant Kadokawa confirms that some of its data was leaked in a ransomware attack early June 2024. The BlackSuit ransomware gang claims responsibility for the attack.
• Bloom Health Centers June 28, 2024 • [ hack, phishing, healthcare ] Psych Associates of Maryland LLC d/b/a Bloom Health Centers ("Bloom Health") discloses a security breach after the compromise of an employee's email.
• Domestic flight in Australia June 28, 2024 • [ hack, phishing ] The AFP charges an Australian man (42) with operating a fake Wi-Fi access point on a domestic flight to steal user credentials and data.
• Pediatric Urology Associates June 28, 2024 • [ ransomware, malware, healthcare ] Pediatric Urology Associates is allegedly hit with a dAn0n ransomware attack.
• Shoe Zone June 28, 2024 • [ hack, malware, retail ] In June 2024, the UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
• Landmark Admin June 27, 2024 • [ leak, finance ] Life insurance company Landmark Admin sends notifications to an unknown number of individuals about a data breach impacting personal, medical, and insurance information.
• Teamviewer June 27, 2024 TeamViewer, the company that makes widely used remote access tools for companies, confirms an ongoing cyberattack on its corporate network carried out by the Russian state-sponsored actor APT29
• Telecommunication providers in Crimea June 27, 2024 • [ hack, ddos, technology ] Local authorities in Crimea warn of internet disruptions from distributed denial-of-service (DDoS) attacks targeting telecommunication providers.
• University Hospital Centre in Zagreb, a.k.a. KBC Zagreb June 27, 2024 • [ ransomware, malware, healthcare ] The LockBit ransomware gang claims responsibility for a cyberattack on Croatias largest hospital, which forces it to shut down IT systems for a day.
• BudTrader June 27, 2024 • [ hack, misconfiguration ] In July 2024, a data breach of the now defunct cannabis social platform BudTrader was posted for sale on a hacking forum. Dating back to the previous month, the breach of the website exposed 2.7M email addresses, usernames and WordPress password hashes.
• Evolve Bank & Trust June 26, 2024 Evolve Bank & Trust confirms that hackers stole customer information and posted it on the dark web. A LockBit ransomware affiliated is suspected of the attack. Evolve customers like Wise, Affirm, and Mercury are also impacted by the breach.
• Palomar Health Medical Group June 26, 2024 • [ ransomware, malware, healthcare ] Palomar Health Medical Groups (PHMG) phones and computer systems are still down after suspicious activities nearly two months ago.
• The Ambulatory Surgery Center of Westchester June 26, 2024 • [ social, phishing, healthcare ] The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester ("ASCW") discloses a security breach after the compromise of an employee's email.
• Ticketek Entertainment Group June 26, 2024 The threat actor ShinyHunters claims on a hacking forum the theft of information pertaining to 30 millions of Ticketek Entertainment Group (TEG) users. The breach is likely due to the SnowFlake campaign.
• Humboldt Independent Practice Association (IPA) June 26, 2024 • [ data leak, healthcare, unauthorized access ] Between June 26 and July 1 2024, an unauthorized actor accessed a Humboldt Independent Practice Association email account containing protected health information. Exposed data may include patient names, contact details, birth dates, diagnoses, insurance, and identification numbers. No evidence of encryption or confirmed data exfiltration has been reported. The breach was disclosed to HHS in November 2024 and publicly announced on February 15 2025.
• Alex Lab June 25, 2024 Bitcoin decentralized finance protocol Alex Lab says that a $4 million exploit it suffered last month is likely linked to North Korea Lazarus Group.
• South Africa’s National Health Laboratory Service June 25, 2024 • [ ransomware, malware, healthcare ] South Africas National Health Laboratory Service (NHLS) confirms to be dealing with a ransomware attack.
• Large business-to-business IT service providers in Southern Europe June 25, 2024 • [ espionage, technology ] Researchers from Sentinel One and Tinext Cyber reveal the details of Operation Digital Eye, a suspected China-nexus cyber espionage group attributed to an attacks targeting large business-to-business IT service providers in Southern Europe.