Full List

Search

Recent Breaches

• University of Cambridge February 19, 2024 • [ hack, ddos, education ] The University of Cambridge is hit with a DDoS attack. The Anonymous Sudan group claims responsibility for the attack.
• FixedFloat February 19, 2024 • [ hack, malware, finance ] FixedFloat, a decentralized crypto exchange, is hacked via a crypto drainer, for at least $26 million worth of Bitcoin and Ethereum.
• Los Angeles County Department of Health Services February 19, 2024 • [ hack, phishing, government ] The Los Angeles County Department of Health Services discloses a data breach after thousands of patients' personal and health information was exposed in a phishing attack impacting over two dozen employees.
• Several popular Ukrainian media outlets including Ukrainska Pravda and Liga.net February 18, 2024 Russian hackers attacked several popular Ukrainian media outlets, posting fake news related to the war.
• Tangerine February 18, 2024 • [ leak, misconfiguration, technology ] In February 2024, the Australian Telco Tangerine suffered a data breach that exposed over 200k customer records. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.
• El Al plane flying from Phuket to Ben-Gurion February 17, 2024 "Hostile elements" attempt to take over the communication network of an El Al plane flying from Phuket to Ben-Gurion Airport and divert it from its destination.
• Otolaryngology Associates February 17, 2024 • [ ransomware, malware, healthcare ] Otolaryngology Associates notifies 316,802 patients about a ransomware attack.
• Medical Billing Specialists, Inc. February 17, 2024 • [ data leak ] Network disruption Feb 17, 2024; investigation confirmed unauthorized access to systems with sensitive data; notices filed 07-01-2025.
• Russian prison system February 16, 2024 Within hours of opposition leader Alexey Navalnys death, a group of anti-Kremlin hackers deface the website of a prison contractors website,and also appear to have stolen a database containing information on hundreds of thousands of Russian prisonersand their relatives and contacts.
• East Central University February 16, 2024 • [ ransomware, malware, education ] East Central University in Ada, Oklahoma, announces that it is investigating a BlackSuit ransomware attack that took place in February.
• MV Behshad February 15, 2024 • [ espionage, hack, government ] The U.S. conducts a cyberattack against MV Behshad, an Iranian military ship that had been collecting intelligence on cargo vessels in the Red Sea and the Gulf of Aden. Goal is to prohibit the sharing of information with Houthi rebels.
• PSI Software SE February 15, 2024 • [ ransomware, malware, technology ] PSI Software SE, a German software developer for complex production and logistics processes suffers a ransomware attack that impacts its internal infrastructure.
• DemandScience (formerly Pure Incubation) February 15, 2024 • [ leak, government ] The business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from DemandScience, a B2B demand generation platform.
• APT28, a.k.a. Fancy Bear and Sednit February 14, 2024 The FBI takes down a botnet of small office/home office (SOHO) Ubiquiti routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks.
• Staff member of the South Korean President Yoon Suk Yeol February 14, 2024 South Korean President Yoon Suk Yeols office discloses that presumed North Korean threat actors breached the personal emails of one of his staff members ahead of Yoons trip to Europe in November.
• Lexington Medical Center February 14, 2024 • [ hack, phishing, healthcare ] Lexington Medical Center files a notice of data breach discovering that an unauthorized actor was able to access an employees email account.
• OpenAI February 14, 2024 • [ hack, ddos, technology ] Anonymous Sudan claims responsibility for targeting ChatGPT and its parent company, OpenAI, with a series of DDoS attacks.
• Trans-Northern Pipelines (TNPI) February 14, 2024 • [ ransomware, malware, energy ] Trans-Northern Pipelines (TNPI) confirms its internal network was breached in November 2023 and that it's now investigating claims of data theft made by the ALPHV/BlackCat ransomware gang.
• Davlyn Investments Property Management February 14, 2024 • [ hack, misconfiguration ] Davlyn Investments Property Management files a notice of data breach after discovering that an unauthorized party was able to access its IT network.
• Financial Business and Consumer Solutions (FBCS) February 14, 2024 • [ hack, finance ] Financial Business and Consumer Solutions (FBCS) warns initially 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network. One month later the company says over 3.2 million people have been impacted.