Full List

Search

Recent Breaches

• Das Team Ag February 26, 2024 Das Team Ag, a job placement agency with 25 branches across Switzerland and the Principality of Liechtenstein, confirms that they fell victim to a cyberattack by the Black Basta ransomware group.
• Cutout.Pro February 26, 2024 • [ hack, misconfiguration, technology ] In February 2024, the AI-powered visual design platform Cutout.Pro suffered a data breach that exposed 20M records. The data included email and IP addresses, names and salted MD5 password hashes which were subsequently broadly distributed on a popular hacking forum and Telegram channels.
• Los Angeles Airport February 24, 2024 • [ hack, government ] IntelBroker claims to have breached the database of the Los Angeles Airport, exploiting a vulnerability in the CRM system, and resulting in the compromise of 2.5 million records of plane owners.
• The Pension Specialists Ltd. (TPS) February 24, 2024 • [ data leak ] Between February 18 and 20, 2024, unauthorized access occurred in the systems of The Pension Specialists Ltd., an Illinois-based retirement plan administrator. A cybercriminal gained access to the companys plan administration application server and exfiltrated files containing personally identifiable information. The company confirmed that 71,443 plan participants data, including names and Social Security numbers, was stolen. Notification was filed with the Maine Attorney General on February 18, 2025. No encryption of systems or files was reported.
• Royal Canadian Mounted Police (RCMP) February 23, 2024 • [ hack, government ] The Royal Canadian Mounted Police (RCMP), Canada's national police force, discloses that it recently faced a cyber attack targeting its networks.
• ThyssenKrupp February 23, 2024 • [ ransomware, malware, manufacturing ] Steel giant ThyssenKrupp confirms that threat actors breached systems in its Automotive division, forcing them to shut down IT systems as part of its response and containment effort. Few days later the company confirms a ransomware attack.
• Jeff “Jihoz” Zirlin February 23, 2024 • [ financial, hack, finance ] Jeff Jihoz Zirlin, one of the co-founders of the video game Axie Infinity and the related Ronin Network has nearly $10 million in cryptocurrency stolen from personal accounts.
• Malawi Immigration Department February 23, 2024 • [ ransomware, malware, government ] The Malawi government reportedly suspends issuing passports for the past two weeks due to what appears to be a ransomware attack on the immigration service's computer network.
• medQ February 23, 2024 • [ ransomware, malware, technology ] medQ files a notice of data breach after discovering that hackers accessed and encrypted a software platform used by medQ.
• Hessen Consumer Center February 23, 2024 • [ ransomware, malware, healthcare ] The Hessen Consumer Center in Germany is hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability. The ALPHV/BlackCat ransomware gang claims responsibility for the attack.
• Greater Amsterdam School District February 23, 2024 • [ leak, education ] The Greater Amsterdam School District discloses that a data breach potentially led to the unauthorized access of protected student information.
• Jeff “Jihoz” Zirlin February 23, 2024 • [ cryptocurrency theft, personal account breach, digital assets ] Jeff Jihoz Zirlin, one of the co-founders of the video game Axie Infinity and the related Ronin Network has nearly $10 million in cryptocurrency stolen from personal accounts.
• I-Soon February 22, 2024 Chinese police are investigating an unauthorized and highly unusual online dump of documents from I-Soon, a private security contractor linked to the nations top policing agency and other parts of its government.
• U-Haul February 22, 2024 U-Haul starts informing customers that a threat actor used stolen account credentials to access an internal system for dealers and team members to track customer reservations.
• Audiences in the US, Israel, Germany, and France. February 22, 2024 • [ social ] A joint effort by SentinelLabs and ClearSky Cyber Security uncover a significant propaganda and disinformation campaign, possibly orchestrated by the Russia-aligned influence operation network called Doppelgnger.
• Bimbo Bakeries USA February 22, 2024 • [ ransomware, malware, manufacturing ] Bimbo Bakeries USA, the U.S. branch of baking giant Grupo Bimbo suffers a ransomware attack by the Medusa ransomware group.
• Kootenai Health February 22, 2024 • [ ransomware, malware, healthcare ] Kootenai Health discloses a data breach impacting over 464,000 patients after their personal information was stolen and leaked by the 3AM ransomware operation.
• Rocky Mountain Gastroenterology February 22, 2024 • [ ransomware, malware, healthcare ] Rocky Mountain Gastroenterology suffers a triple ransomware attack.
• Spyzie February 22, 2024 In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "zathienaephi@proton.me".
• Optum/Change Healthcare February 21, 2024 • [ ransomware, malware, healthcare ] Healthcare giant UnitedHealth Group confirms that its subsidiary Optum is forced to shut down IT systems and various services after a cyberattack by nation-state hackers on the Change Healthcare platform. The ALPHV/BlackCat ransomware gang claims responsibility for the attack.