Full List

Search

Recent Breaches

• The Hershey Company December 1, 2023 • [ hack, manufacturing ] The Hershey Company, the American manufacturer of popular sweets such as Kit Kat and Reese's Peanut Butter Cups, tells regulators that more than 2,200 people were potentially affected by a data breach after hackers gained access to some of the company's email accounts.
• Rock County December 1, 2023 • [ ransomware, malware, government ] Rock County issues notification letters about a Cuba ransomware attack and data breach that affected 25,823 individuals.
• Great Valley School District December 1, 2023 • [ ransomware, malware, education ] The Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania.
• Pacific Cataract and Laser Institute December 1, 2023 • [ ransomware, malware, healthcare ] Pacific Cataract and Laser Institute is hit with a LockBit 3.0 ransomware attack.
• National Public Data December 1, 2023 • [ hack, government ] The stolen data was said to include social security numbers, full names, family information, as well as current and previous addresses. USDoD, who acted as the middleman for the breach, was arrested by Brazilian authorities last week, but the threat actor responsible for stealing the data, referred to as SXUL is still at large.
• Welhof December 1, 2023 • [ leak, retail ] In late 2023, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
• Medusind December 1, 2023 • [ leak, healthcare ] Medusind, a leading billing provider for healthcare organizations, notifies hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. 360,934 individuals are affected.
• High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States November 30, 2023 • [ espionage, malware, phishing ] Researchers from Microsoft discover a new campaign from the Iranian-backed Mint Sandstom state hackers, targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing a new backdoor malware known as MediaPl.
• SinglePoint Outsourcing November 30, 2023 • [ hack ] SinglePoint Outsourcing (SinglePoint) files a notice of data breach discovering that an unauthorized party had accessed its computer network.
• Capital Health November 30, 2023 • [ hack, healthcare ] Capital Health hospitals and physician offices across New Jersey experience IT outages after a cyberattack hit the non-profit organization's network.
• Trellance November 30, 2023 • [ ransomware, malware, technology ] About 60 credit unions are dealing with outages due to a ransomware attack on Trellance, a widely-used technology provider.
• Rappler November 30, 2023 • [ hack, ddos, technology ] Rappler, a digital media company in the Philippines, is hit by a massive series of crippling DDoS attacks.
• Telecommunications companies in Sudan November 30, 2023 • [ espionage, malware, technology ] Researchers from Broadcom/Symantec discover a campaign carried on by the cyber-espionage group Seedworm, linked to Iran's intelligence service, targeting telecommunications companies in Egypt, Sudan and Tanzania via the MuddyC2Go framework and a custom keylogger.
• 60 Organizations in Israel November 30, 2023 The Pro-Palestinian group Cyber Toufan claims to have breached dozens of Israeli entities amid the ongoing war in Gaza, promising to publish leaked information.
• Myanmar's Ministry of Defence and Foreign Affairs November 30, 2023 • [ espionage, malware, government ] Researchers from CSIRT-CTI reveal the details of two campaigns from the China-based threat actor known as Mustang Panda, targeting Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans.
• Tax Favored Benefits November 30, 2023 • [ hack, phishing, finance ] Tax Favored Benefits (TFB) files a notice of data breach after discovering that an unauthorized party had gained access to an employees email account.
• Staples November 30, 2023 • [ hack, retail ] American office supply retailer Staples takes down some of its systems after a cyberattack to contain the breach's impact and protect customer data.
• Research institutes in South Korea November 30, 2023 Researchers from AhnLab discover a new campaign by the North Korean threat actor Kimsuky, targeting research institutes in South Korea.
• Aerodrome Finance November 29, 2023 Decentralized finance platform Aerodrome reports a compromise to its front end.
• Washington National Insurance Company November 29, 2023 • [ social, phishing, finance ] Washington National Insurance Company files a notice of data breach after discovering that a senior officer was targeted in a SIM-swapping attack.