Full List

Search

Recent Breaches

• Christie’s May 9, 2024 • [ ransomware, malware, retail ] A cyber-attack disrupts auction house Christies attempts to sell art and other high-value items worth an estimated $840m. The RansomHub ransomware group claims responsibility for the attack.
• PyPI May 9, 2024 • [ hack, malware, technology ] GhostAction abused malicious GitHub Actions workflows to exfiltrate thousands of secrets (incl. PyPI tokens). PyPI found no evidence of malicious package publishes, revoked affected tokens, and issued guidance; campaign window early Sept 2025
• Christie’s May 9, 2024 • [ ransomware, cyber-attack, auction disruption ] A cyber-attack disrupts auction house Christies attempts to sell art and other high-value items worth an estimated $840m. The RansomHub ransomware group claims responsibility for the attack.
• Ascension May 8, 2024 • [ ransomware, malware, healthcare ] Ascension, one of the largest private healthcare systems in the United States, takes some of its systems offline to investigate what it describes as a "cyber security event" confirmed to be a Black Basta ransomware attack.
• Kosovo government websites May 7, 2024 • [ hack, ddos, government ] Pro-Russia threat actors target Kosovo government websites, including the websites of the president and prime minister, with DDoS attacks. The attacks are a retaliation for Kosovos support of Ukraine with military equipment.
• Coradix-Magnescan May 7, 2024 • [ hack, healthcare ] Coradix-Magnescan, a French company that provides medical radiological imaging, warns patients it is currently dealing with a cyberattack that risks complicating their appointments.
• DocGo May 7, 2024 • [ leak, healthcare ] Mobile medical care firm DocGo confirms it suffered a cyberattack after threat actors breached its systems and stole patient health data.
• Several Italian Ministry websites May 7, 2024 The Pro-Russia Hacktivists of NoName057(16) take down several italian websites including the Ministry of Made in Italy, the Financial Police, and the Ministry of Infrastructure and Transport.
• Iberdrola May 7, 2024 • [ leak, energy ] Spanish multinational electrical utility Iberdrola says a cyber incident to a supplier in the beginning of May resulted in a data breach involving 850,000 Spanish customers.
• Kosovo government websites May 7, 2024 • [ DDoS attacks, pro-Russia threat actors, geopolitics ] Pro-Russia threat actors target Kosovo government websites, including the websites of the president and prime minister, with DDoS attacks. The attacks are a retaliation for Kosovos support of Ukraine with military equipment.
• Coradix-Magnescan May 7, 2024 • [ cyberattack, healthcare, medical imaging ] Coradix-Magnescan, a French company that provides medical radiological imaging, warns patients it is currently dealing with a cyberattack that risks complicating their appointments.
• Adam Griffin May 6, 2024 • [ social, phishing, finance ] Adam Griffin, a crypto investor is robbed of nearly $500,000 in cryptocurrencies after a scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click yes to a Google prompt on his mobile device.
• Richmond University Medical Center May 6, 2024 • [ ransomware, malware, healthcare ] The Richmond University Medical Center in New York is investigating a ransomware attack since May 2023 and it recently determined that the incident resulted in a data breach affecting more than 670,000 people.
• Mālama I Ke Ola Health Center May 4, 2024 • [ hack, healthcare ] The Mlama I Ke Ola Health Center discloses to have suffered a cyberattack
• Mālama I Ke Ola Health Center May 4, 2024 • [ cyberattack ] The Mlama I Ke Ola Health Center discloses to have suffered a cyberattack
• Undisclosed crypto investor May 3, 2024 • [ financial, hack, phishing ] An individual loses around $71 million worth of bitcoin in what appears to be an address poisoning attack. A week later the author of the attack returns the stolen bounty.
• City of Wichita May 3, 2024 • [ ransomware, malware, government ] The City of Wichita, Kansas, discloses it was forced to shut down portions of its network after suffering a weekend ransomware attack. The LockBit ransomware operation claims responsibility for the attack.
• Abri Credit Union May 3, 2024 • [ data leak ] Abri Credit Union disclosed unauthorized access to its systems occurring in May 2024 that was discovered in December 2025. The incident may have exposed personal, financial, and limited medical information of members. The credit union notified affected individuals and offered credit monitoring services; no operational disruption was publicly reported.
• Teixeira Cândido (Angolan journalist) / Syndicate of Angolan Journalists context May 3, 2024 • [ spyware, Predator, mobile infection ] Amnesty Internationals Security Lab reported forensic confirmation that Intellexas Predator spyware successfully infected the iPhone of Angolan journalist and press freedom activist Teixeira Cndido on May 4, 2024 after he opened a malicious link sent via WhatsApp. Amnesty said the attacker could have gained wide access to device data (including messages and files) and that the infection appears to have been removed after the phone was restarted later that day. The investigation described multiple additional infection links sent afterward that did not appear to succeed. Attribution to a specific government customer was not made in the public report.
• The Post Millennial May 2, 2024 Have I Been Pwned adds the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website.