Full List

Search

Recent Breaches

• WoTLabs March 3, 2024 • [ hack, technology ] In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and website defacement attributed to "chromebook breachers". The breach exposed 22k forum members' personal data including email and IP addresses, usernames, dates of birth and time zones.
• Fair Vote Canada March 2, 2024 • [ leak, misconfiguration, government ] In March 2024, the Canadian national citizens' campaign for proportional representation Fair Vote Canada suffered a data breach. The incident was attributed to "a well-meaning volunteer" who inadvertently exposed data from 2020 which included 134k unique email addresses, names, physical addresses, phone numbers and, for some individuals, date and amount of a donation.
• Stock Development LLC March 2, 2024 • [ ransomware, data leak ] Stock Development confirmed network intrusion spanning April 2023 to March 2024. LockBit claimed the breach, posting 1 TB of stolen data. Victims notified beginning January 2025; about 13,147 individuals confirmed. No public confirmation of encryption or forensic attribution beyond the claim.
• Muscatine Power and Water March 1, 2024 • [ ransomware, malware, energy ] Muscatine Power and Water warns the public of a ransomware attack discovered on January 26.
• Mr Green Gaming March 1, 2024 • [ leak, misconfiguration ] Mr Green Gaming, a game community, suffers a breach when an inactive admin account is exploited, resulting in the leak of personal details belonging to 27,000 members.
• Tyler Technologies March 1, 2024 • [ ransomware, malware, technology ] The LockBit ransomware operation claims to have stolen data from the D.C. Department of Insurance, Securities and Banking (DISB), however the agencies denies the claims, and states that the leaked data is from a third-party technology provider.
• Dell March 1, 2024 Dell warns customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.
• Undisclosed Singapore-based firm March 1, 2024 GhostR, a financially motivated criminal group says it has stolen a confidential database containing 5.3 million of records that companies use for screening potential customers for links to sanctions and financial crime from World-Check.
• Life360 March 1, 2024 • [ leak, misconfiguration, manufacturing ] A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API.
• Telefónica March 1, 2024 • [ leak, technology ] Telefnica investigates the claims of a possible cyberattack occurred in March that allowed criminals to access more than 2 million records of clients and collaborators of the company.
• Arisa Health March 1, 2024 • [ healthcare ] Arisa Health, an Arkansas-based provider of mental and behavioral health services notifies more than 375,000 individuals of a recent data theft incident potentially compromising their sensitive personal and medical information.
• British Home Office March 1, 2024 • [ espionage, government ] Threat actors from APT29 working for Russias foreign intelligence service accessed corporate emails and data on individuals from the British government, after they breached Microsoft in January 2024.
• Life360 March 1, 2024 • [ leak, misconfiguration, technology ] In July 2024, data scraped from a misconfigured Life360 API was posted online after being obtained several months earlier. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or obfuscated). Life360 promptly notified impacted users after the incident was discovered.
• Mr. Green Gaming March 1, 2024 • [ leak, technology ] In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.
• Inflite – The Jet Centre Ltd (MoD travel subcontractor) March 1, 2024 • [ hack, government ] Unauthorized access to contractor email accounts handling MoD Afghan resettlement flights exposed personal data of ~3,700 people. No encryption, no leak observed, actor unknown. Disclosed Aug 16, 2025.
• HCMC Heart Hospital March 1, 2024 • [ cyberattack, service disruption ] Foreign IP addresses attacked the online appointment-booking website of HCMC Heart Hospital on March 1 2024, forcing system shutdown and repair; no data theft or exfiltration reported.
• Seneca February 29, 2024 Threat actors steal $6 million from the Seneca stablecoin protocol across the Ethereum and Arbitrum networks by exploiting a bug in the protocol's smart contract approval mechanisms
• Chunghwa Telecom February 29, 2024 • [ espionage, leak, government ] The Taiwan ministry of national defense says that threat actors stole sensitive information including military and government documents from Chunghwa Telecom, Taiwans largest telecom company and sold it on the dark web.
• Chelan County Public Utility District February 29, 2024 • [ energy ] The Chelan County Public Utility District is impacted by a cybersecurity event" that kept a nationwide vendor from mailing and emailing statements.
• U.S. Cybersecurity and Infrastructure Security Agency (CISA) February 29, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) discloses that threat actors breached their systems in February through vulnerabilities in Ivanti products