-
LastPass
April 10, 2024
•
[ social, phishing, technology ]
LastPass reveals that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
-
Moskollector
April 10, 2024
•
[ hack, government ]
Blackjack, a Ukrainian hacker group affiliated with the countrys security service claims to have targeted Moskollector, the firm that operates the communication system for Moscows sewage network.
-
Radiology Associates of Richmond (RAR)
April 10, 2024
•
[ data leak ]
RAR disclosed more than 1.4M affected after determining files with PHI/PII were present on systems accessed for several days in April 2024; HHS tracker shows 1,419,091.
-
Group Health Cooperative of South Central Wisconsin (GHC-SCW)
April 9, 2024
•
[ ransomware, malware, healthcare ]
Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) discloses that a ransomware gang breached its network in January and stole documents containing the personal and medical information of over 500,000 individuals.
-
GBI Genios
April 9, 2024
•
[ hack, technology ]
GBI Genios, a database company used by numerous media organizations in Germany, announces its servers are unavailable due to a massive hacker attack.
-
-
Shook Lin & Bok
April 9, 2024
•
[ ransomware, malware ]
The law firm Shook Lin & Bok is hit by an Akira ransomware attack.
-
National Public Data
April 9, 2024
•
[ leak, technology ]
In April 2024, a large trove of data made headlines as having exposed "3 billion people" due to a breach of the National Public Data background check service. The initial corpus of data released in the breach contained billions of rows of personal information, including US social security numbers. Further partial data sets were later released including extensive personal information and 134M unique email addresses, although the origin and accuracy of the data remains in question. This breach has been flagged as "unverified" and a full description of the incident is in the link above.
-
CVS Group
April 8, 2024
•
[ hack, healthcare ]
UK veterinary services provider CVS Group announces that it suffered a cyberattack that disrupted IT services at its practices across the country.
-
Targus
April 8, 2024
Laptop and tablet accessories maker Targus discloses that it suffered a cyberattack disrupting operations after a threat actor gained access to the company's file servers.
-
OwenCloud.ru
April 8, 2024
The Blackjack hackers, together with the SBU Cyber Department, destroy more than 300 TB of data from the Russian data center OwenCloud.ru, which was used by the Russian military-industrial complex, oil and gas, and telecom. The destruction of the Russian cloud service is allegedly made in retaliation for the attack on the Ukrainian data center Parkovy in January this year.
-
Woodfords Family Services
April 8, 2024
•
[ unauthorized access, personal information, protected health information ]
Woodfords Family Services reported that after discovering suspicious activity in its network on April 8, 2024, it determined that certain files and folders were subject to unauthorized access and that personal and protected health information may have been compromised.
-
Prosecutor’s Office of the Russian Federation (epp.genproc.gov.ru)
April 6, 2024
The RGB group, self-identifying as a hacktivist collective, also has asserts responsibility for breaching the Prosecutors Office of the Russian Federation (epp.genproc.gov.ru). To substantiate their claim, the group leaked an Excel file containing precisely 100,000 lines of information about criminal cases from 2013.
-
Home Depot
April 6, 2024
•
[ leak, misconfiguration, retail ]
Home Depot confirms that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.
-
The Watergate Hotel
April 6, 2024
•
[ data leak ]
An unauthorized actor accessed and exfiltrated data from The Watergate Hotels network beginning April 6, 2024. The compromised information includes names, SSNs, drivers license numbers, and medical and financial data of approximately 2,220 people. No encryption or service disruption reported.
-
Prosecutor’s Office of the Russian Federation (epp.genproc.gov.ru)
April 6, 2024
•
[ hacktivism, data leak, criminal cases ]
The RGB group, self-identifying as a hacktivist collective, also has asserts responsibility for breaching the Prosecutors Office of the Russian Federation (epp.genproc.gov.ru). To substantiate their claim, the group leaked an Excel file containing precisely 100,000 lines of information about criminal cases from 2013.
-
boAt
April 5, 2024
•
[ leak, retail ]
A threat actor, with the moniker "ShopifyGUY," leaks personal information belonging to 7.5 million of customers of boAt, a consumer electronics company in India.
-
Ogero
April 5, 2024
Lebanon's state internet provider Ogero comes under a 10-day cyber attack of suspected Israeli origin.
-
Community Clinic of Maui
April 5, 2024
•
[ ransomware, malware, healthcare ]
The Community Clinic of Maui (Mlama) warns more than 123,000 people that their information was accessed by threat actors during a LockBit ransomware attack in May.
-
Russia’s prosecutor general
April 4, 2024
•
[ hack, government ]
A group of hacktivists going by the name RGB-TEAM claims responsibility for hacking into the website of Russias prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years.
