Portend Breaches

Muscatine Power and Water March 1, 2024 • [ ransomware, malware, energy ] Muscatine Power and Water warns the public of a ransomware attack discovered on January 26.

Mr Green Gaming March 1, 2024 • [ leak, misconfiguration ] Mr Green Gaming, a game community, suffers a breach when an inactive admin account is exploited, resulting in the leak of personal details belonging to 27,000 members.

Tyler Technologies March 1, 2024 • [ ransomware, malware, technology ] The LockBit ransomware operation claims to have stolen data from the D.C. Department of Insurance, Securities and Banking (DISB), however the agencies denies the claims, and states that the leaked data is from a third-party technology provider.

Dell March 1, 2024 Dell warns customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.

Undisclosed Singapore-based firm March 1, 2024 GhostR, a financially motivated criminal group says it has stolen a confidential database containing 5.3 million of records that companies use for screening potential customers for links to sanctions and financial crime from World-Check.

Life360 March 1, 2024 • [ leak, misconfiguration, manufacturing ] A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API.

Telefónica March 1, 2024 • [ leak, technology ] Telefnica investigates the claims of a possible cyberattack occurred in March that allowed criminals to access more than 2 million records of clients and collaborators of the company.

Arisa Health March 1, 2024 • [ healthcare ] Arisa Health, an Arkansas-based provider of mental and behavioral health services notifies more than 375,000 individuals of a recent data theft incident potentially compromising their sensitive personal and medical information.

British Home Office March 1, 2024 • [ espionage, government ] Threat actors from APT29 working for Russias foreign intelligence service accessed corporate emails and data on individuals from the British government, after they breached Microsoft in January 2024.

Life360 March 1, 2024 • [ leak, misconfiguration, technology ] In July 2024, data scraped from a misconfigured Life360 API was posted online after being obtained several months earlier. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or obfuscated). Life360 promptly notified impacted users after the incident was discovered.

Mr. Green Gaming March 1, 2024 • [ leak, technology ] In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.

Inflite – The Jet Centre Ltd (MoD travel subcontractor) March 1, 2024 • [ hack, government ] Unauthorized access to contractor email accounts handling MoD Afghan resettlement flights exposed personal data of ~3,700 people. No encryption, no leak observed, actor unknown. Disclosed Aug 16, 2025.

HCMC Heart Hospital March 1, 2024 • [ cyberattack, service disruption ] Foreign IP addresses attacked the online appointment-booking website of HCMC Heart Hospital on March 1 2024, forcing system shutdown and repair; no data theft or exfiltration reported.

TelefÃƒÂ³nica March 1, 2024 • [ cyberattack, data leak, unauthorized access ] Telefnica investigates the claims of a possible cyberattack occurred in March that allowed criminals to access more than 2 million records of clients and collaborators of the company.

Seneca February 29, 2024 Threat actors steal $6 million from the Seneca stablecoin protocol across the Ethereum and Arbitrum networks by exploiting a bug in the protocol's smart contract approval mechanisms

Chunghwa Telecom February 29, 2024 • [ espionage, leak, government ] The Taiwan ministry of national defense says that threat actors stole sensitive information including military and government documents from Chunghwa Telecom, Taiwans largest telecom company and sold it on the dark web.

Chelan County Public Utility District February 29, 2024 • [ energy ] The Chelan County Public Utility District is impacted by a cybersecurity event" that kept a nationwide vendor from mailing and emailing statements.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) February 29, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) discloses that threat actors breached their systems in February through vulnerabilities in Ivanti products

Multiple organizations in the U.S. February 29, 2024 • [ ransomware, malware, government ] The U.S. cybersecurity and intelligence agencies CISA, FBI, and MS-ISAC warn of Phobos ransomware attacks targeting government and critical infrastructure entities.

SurveyLama February 29, 2024 • [ leak, technology ] SurveyLama suffers a data breach in February 2024, which exposes the sensitive data of 4.4 million users.

Recent Breaches