Full List

Search

Recent Breaches

• McDonald’s Instagram page August 21, 2024 • [ social media hack, cryptocurrency scam, rug pull ] Scammers hack the official McDonalds Instagram page and make off with over $700,000 in Solana after using the fast food giants social media page to promote and rug a memecoin called Grimace.
• Undisclosed crypto user August 20, 2024 A crypto user loses $55.47 million worth after falling victim to a sophisticated phishing attack targeting their Maker vault.
• Microchip Technology Incorporated August 20, 2024 American chipmaker Microchip Technology Incorporated discloses that a cyberattack impacted its systems, disrupting operations across multiple manufacturing facilities. Few days later the Play ransomware gang leaks gigabytes of data allegedly stolen from the organization.
• Monobank August 19, 2024 • [ hack, ddos, finance ] Threat actors target Monobank, one of Ukraines most popular online banks with a massive distributed denial-of-service (DDoS) attack, primarily focusing on a service used by Ukrainians to raise donations for the military.
• MC2 Data August 18, 2024 • [ leak, misconfiguration, technology ] In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names. The data included email addresses, names and salted SHA-256 password hashes.
• AuthoraCare Collective August 18, 2024 • [ hack, healthcare ] Between August 1822, 2024, an unauthorized actor accessed AuthoraCare Collectives network, compromising protected health information of approximately 58,019 people. The review concluded on October 21, 2024, and notification letters were issued January 2, 2025. AuthoraCare offered credit monitoring services to those affected.
• Chord Specialty Dental Partners August 18, 2024 • [ email compromise, data leak ] Email Account Compromise At Dental Service Organization Impacted Over 170,000 Individuals.
• Fidelity Brokerage Services LLC August 17, 2024 • [ unauthorized access, fraudulent requests, internal database ] An unauthorized third party accessed and obtained information from Fidelity's computer network between August 17 and August 19, 2024, using two recently established customer accounts to submit fraudulent requests to an internal database that housed document images. Massachusetts regulators later fined Fidelity Brokerage Services LLC $1.25 million over cybersecurity-control and notification failures tied to the breach.
• North Miami City Hall August 16, 2024 • [ hack, government ] A cyber incident leaves the North Miami City Hall closed for nearly a week
• Obi Seafoods August 16, 2024 • [ data leak ] OBI Seafoods reported August 2024 incident; letters mailed March 12, 2025.
• European institutions and states August 15, 2024 The massive February leak of internal documents from Chinese hacking contractor iSoon reveals apparent hacking against European institutions and states.
• Multiple organizations August 15, 2024 • [ hack, misconfiguration, technology ] Researchers at Sysdig discover a large-scale malicious operation named "EmeraldWhale" scanning for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.
• schenkYOU August 15, 2024 • [ hack, retail ] In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store.
• Explore Talent (August 2024) August 15, 2024 • [ leak, misconfiguration, technology ] In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.
• Tracki August 15, 2024 • [ leak, misconfiguration, technology ] In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.
• City of Flint August 14, 2024 • [ ransomware, malware, government ] Phones and computers used by government workers in Flint, Michigan are facing outages due to a ransomware attack.
• Central Bank of Iran (CBI) and several other banks in the country August 14, 2024 Iran International reports that a massive cyber attack disrupted operations of the Central Bank of Iran (CBI) and several other banks in the country.
• Welhof August 14, 2024 • [ leak, retail ] In August 2024, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
• POLADA August 13, 2024 Threat actors "from a hostile state are believed to be behind the leak of over 50,000 confidential files from Polands anti-doping agency POLADA.
• Star Health and Allied Insurance August 13, 2024 • [ leak, misconfiguration, finance ] Stolen customer data including medical reports from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram