Full List

Search

Recent Breaches

• Official Microsoft India account on X (formerly Twitter) June 3, 2024 • [ financial, hack, phishing ] The official Microsoft India account on X (formerly Twitter), with over 211,000 followers, is hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill.
• Gemini June 3, 2024 • [ hack, finance ] Cryptocurrency exchange Gemini warns it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed.
• Nidec Corporation June 3, 2024 • [ ransomware, malware, manufacturing ] Nidec Corporation informs that threat actors behind a ransomware attack it suffered earlier this year stole data and leaked it on the dark web.
• Special Health Resources June 2, 2024 • [ ransomware, malware, healthcare ] Special Health Resources suffers a BlackSuit ransomware attack.
• Germany's Christian Democratic Union June 1, 2024 • [ hack, misconfiguration, government ] Germany's Christian Democratic Union (CDU), the country's leading opposition party, is hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure. According to sources, the attackers exploited the CVE-2024-24919 Check Point vulnerability.
• Allendale Long-Term Care Home June 1, 2024 A cybersecurity incident involving third-party software at Allendale Long-Term Care Home in Milton exposes personal electronic health records from 2005 to this summer.
• Robinsons Malls June 1, 2024 • [ hack, retail ] In June 2024, the Philippines' largest shopping-mall operators Robinsons Malls suffered a data breach stemming from their mobile app. The incident exposed 195k unique email addresses along with names, phone numbers, dates of birth, genders and the user's city and province.
• Government of Turks and Caicos June 1, 2024 • [ ransomware, malware, government ] The government of Turks and Caicos says is making progress in its recovery from a recent ransomware attack that has caused widespread issues on the islands.
• Ya-moon June 1, 2024 • [ data leak ] A hacker alias Valerie claims a breach of the Ya-moon forum in June 2024, publishing user data and chat logs.
• Hugging Face May 31, 2024 • [ hack, technology ] AI platform Hugging Face says that its Spaces platform was breached, allowing threat actors to access authentication secrets for its members.
• DMM Bitcoin May 31, 2024 The Japanese cryptocurrency exchange DMM Bitcoin announces that threat actors stole 4,502.9 Bitcoin (BTC), approximately $304 million (48.2 billion yen), from the its wallets.
• Billericay School May 31, 2024 • [ hack, malware, education ] The Billericay School is hit with a malware attack.
• Polish Press Agency May 31, 2024 • [ espionage, government ] Polish prosecutors investigate a suspected Russian cyberattack on the countrys state news agency Polish Press Agency (PAP) spreading disinformation with fake news claiming the countrys authorities had announced a partial mobilization of 200,000 men who were to be sent to fight in a war in Ukraine.
• Tibet Post and Gyudmed Tantric University May 31, 2024 • [ espionage, malware, education ] Researchers at Recorded Future reveal that the Chinese state-sponsored threat group TAG-112 compromised two Tibetan websites, Tibet Post and Gyudmed Tantric University, to deliver the Cobalt Strike malware
• Ticketek May 31, 2024 • [ leak, misconfiguration, retail ] In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform. The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.
• FinWise May 31, 2024 • [ insider, finance ] Former FinWise employee accessed AFF customer files after termination, impacting 689k individuals; discovered June 18, 2025; investigation and credit monitoring offered; multiple lawsuits filed.
• Operation Endgame May 30, 2024 In May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame". Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.
• Alternate Solutions Health Network, LLC May 30, 2024 • [ phishing, data leak ] On or around May 30 2024, an unauthorized actor accessed an employee email account at Alternate Solutions Health Network. The account was secured after discovery; investigation concluded February 14 2025 and confirmed exposure of PHI. Notifications were issued beginning April 14 2025.
• Maryhaven, Inc. May 30, 2024 • [ data leak, healthcare, unauthorized access ] Maryhaven, a behavioral health and addiction treatment provider in Ohio, detected unauthorized access to its systems on June 1 2024. An unknown actor accessed and exfiltrated patient and employee PHI/PII data (~7,000 records). No encryption or operational disruption occurred. Disclosure issued April 11 2025 through Cyberscout/TransUnion.
• RestorixHealth May 29, 2024 • [ phishing, data leak ] Investigation confirmed unauthorized access to one mailbox (May 729, 2024); notification letters commenced Feb 14, 2025.