Full List

Search

Recent Breaches

• Calvià City Council in Majorca January 13, 2024 • [ ransomware, malware, government ] The Calvi City Council in Majorca announces to be targeted by a ransomware attack, which impacted municipal services. The attackers demand a 10M (approximately $11M) ransom.
• Horne January 13, 2024 • [ hack, finance ] Horne files a notice of data breach resulting in an unauthorized party being able to access consumers sensitive information,
• Alkem Laboratories January 12, 2024 • [ financial, manufacturing ] Pharmaceutical company Alkem Laboratories confirms that a cybersecurity incident led to a fraudulent transfer of Rs 52 crore (USD 6.2M) from one of its subsidiaries.
• Alpha Supported Living Services January 12, 2024 • [ social, phishing, healthcare ] Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
• DKI Jakarta Provincial government January 12, 2024 6.8 million voter records related to the 2017 Jakarta gubernatorial election are leaked on the eleakstore, and on the Hydra Market cybercriminal forums.
• Ameriprise Financial January 12, 2024 • [ leak, finance ] Ameriprise Financial files a notice of data breach after discovering that an unauthorized party was able to access confidential customer information.
• Undisclosed U.S: Cloud Service Provider January 11, 2024 • [ hack, malware, technology ] A Ukrainian national is arrested for allegedly infecting the servers of a well-known American cloud service provider with a cryptomining malware.
• Water for People January 11, 2024 • [ ransomware, malware, healthcare ] The ransomware-as-a-service gang Medusa lists Water for People on its darknet site, threatening to publish stolen information unless the nonprofit pays a $300,000 extortion fee.
• Lush January 11, 2024 • [ ransomware, malware, retail ] Lush, the privately-owned British cosmetics retailer is currently responding to a cyber security incident. Few week later the Akira ransomware gang claims responsibility for the attack.
• GALA Hispanic Theatre January 11, 2024 The GALA Hispanic Theatre, a popular theater in Washington, D.C. has more than $250,000 in stolen funds returned after hackers managed to siphon the money out of their bank account.
• Keating Consulting Group January 11, 2024 Framework Computer discloses a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, falls victim to a phishing attack.
• TriZetto Provider Solutions, January 11, 2024 • [ data leak, healthcare ] TriZetto Provider Solutions, a Cognizant-owned vendor providing revenue management services to healthcare organizations, reported a cybersecurity incident affecting a customer web portal. TriZetto identified suspicious portal activity on 10/02/2025, secured the portal, and engaged Mandiant to investigate and validate remediation. Forensic work determined an unauthorized third party had been accessing historical eligibility transaction reports within TriZetto systems since November 2024, nearly a year before detection. The reports contained protected health information for patients of certain healthcare provider clients. TriZettos review determined compromised data could include patient and primary insured names combined with other personal and insurance information such as addresses, dates of birth, Social Security numbers, member/Medicare numbers, insurer names, and related demographic health and coverage details. TriZetto stated it believed the actor had been eradicated and no further unauthorized portal activity was detected after 10/02/2025; the total number of affected clients/individuals was not yet publicly confirmed.
• CoinGecko’s X (formerly Twitter) account January 10, 2024 • [ finance, phishing, hack ] Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
• Trinity Petroleum Management January 10, 2024 • [ data leak ] Texas filing indicated unauthorized access exposing names addresses and Social Security numbers.
• Undisclosed Fashion Firm Hong Kong January 10, 2024 • [ data leak ] Regulator found fashion company at fault over customer data breach handling.
• X account for the U.S. Securities and Exchange Commission (SEC) January 9, 2024 • [ hack, social, government ] The X account for the U.S. Securities and Exchange Commission is hacked to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges.
• M9com January 9, 2024 A pro-Ukraine hacktivist group named Blackjack, allegedly affiliated to the SBU (the Security Service of Ukraine) claims a cyberattack against Russian provider of internet services M9com, deleting around 20 terabytes of data as a direct response to the attack against Kyivstar mobile operator.
• Medjet January 9, 2024 • [ hack, healthcare ] Medjet and Medjet Assist (Medjet) file a notice of data breach after discovering that information that had been entrusted to the company was subject to unauthorized access.
• Oregon Pacific Bank January 9, 2024 • [ hack, finance ] Oregon Pacific Bank files a notice of data breach after discovering that confidential information in the companys possession was subject to unauthorized access.
• Saudi Ministry of Foreign Affairs (mofa.gov.sa) January 9, 2024 • [ leak, government ] A threat actor named zelda leaks information on 1.4 million users of the Saudi Ministry of Foreign Affairs (mofa.gov.sa)