Full List

Search

Recent Breaches

• TriZetto Provider Solutions, January 11, 2024 • [ data leak, healthcare ] TriZetto Provider Solutions, a Cognizant-owned vendor providing revenue management services to healthcare organizations, reported a cybersecurity incident affecting a customer web portal. TriZetto identified suspicious portal activity on 10/02/2025, secured the portal, and engaged Mandiant to investigate and validate remediation. Forensic work determined an unauthorized third party had been accessing historical eligibility transaction reports within TriZetto systems since November 2024, nearly a year before detection. The reports contained protected health information for patients of certain healthcare provider clients. TriZettos review determined compromised data could include patient and primary insured names combined with other personal and insurance information such as addresses, dates of birth, Social Security numbers, member/Medicare numbers, insurer names, and related demographic health and coverage details. TriZetto stated it believed the actor had been eradicated and no further unauthorized portal activity was detected after 10/02/2025; the total number of affected clients/individuals was not yet publicly confirmed.
• CoinGecko’s X (formerly Twitter) account January 10, 2024 • [ finance, phishing, hack ] Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
• Trinity Petroleum Management January 10, 2024 • [ data leak ] Texas filing indicated unauthorized access exposing names addresses and Social Security numbers.
• Undisclosed Fashion Firm Hong Kong January 10, 2024 • [ data leak ] Regulator found fashion company at fault over customer data breach handling.
• CoinGecko’s X (formerly Twitter) account January 10, 2024 • [ account takeover, cryptocurrency scam, phishing ] Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
• X account for the U.S. Securities and Exchange Commission (SEC) January 9, 2024 • [ hack, social, government ] The X account for the U.S. Securities and Exchange Commission is hacked to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges.
• M9com January 9, 2024 A pro-Ukraine hacktivist group named Blackjack, allegedly affiliated to the SBU (the Security Service of Ukraine) claims a cyberattack against Russian provider of internet services M9com, deleting around 20 terabytes of data as a direct response to the attack against Kyivstar mobile operator.
• Medjet January 9, 2024 • [ hack, healthcare ] Medjet and Medjet Assist (Medjet) file a notice of data breach after discovering that information that had been entrusted to the company was subject to unauthorized access.
• Oregon Pacific Bank January 9, 2024 • [ hack, finance ] Oregon Pacific Bank files a notice of data breach after discovering that confidential information in the companys possession was subject to unauthorized access.
• Saudi Ministry of Foreign Affairs (mofa.gov.sa) January 9, 2024 • [ leak, government ] A threat actor named zelda leaks information on 1.4 million users of the Saudi Ministry of Foreign Affairs (mofa.gov.sa)
• East Valley Institute of Technology January 9, 2024 East Valley Institute of Technology ("EVIT") an Arizona-based technical school notifies nearly 209,000 current and former students, parents, guardians and faculty that their personal, health and financial information was potentially compromised in LockBit ransomware attack earlier this year.
• Official X Account of Hyundai MEA January 8, 2024 The official Hyundai MEA Twitter/X accounts is hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
• Centennial Bank January 8, 2024 • [ hack, finance ] Centennial Bank files a notice of data breach after discovering that information that had been provided to the company was subject to unauthorized access.
• Zaporizhzhya January 8, 2024 The pro-Russia NoName057(16) group hits multiple Ukrainian websites, including Accordbank, Zaporizhzhya Titanium-Magnesium Plant, State Tax Service, Central Interregional Tax Administration, Western Interregional Tax Administration, and the Main Directorate of the State Tax Service in Kyiv.
• Official X Account of Netgear January 8, 2024 • [ hack, malware, manufacturing ] The official NetgearTwitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
• United States Department of Transportation (DOT) January 8, 2024 • [ hack, government ] The threat actor known as IntelBroker claims responsibility for a data breach targeting the United States Department of Transportation (DOT), containing. 5.8 million flight logs from the year 2015.
• Official X Account of Zack Polanski January 7, 2024 Zack Polanski, the deputy leader of the United Kingdoms Green Party, has his account hijacked earlier to promote a cryptocurrency scam.
• Beirut’s International Airport January 7, 2024 Flight information display screens at Beiruts international airport are hacked to display politically motivated messages, and the incident also temporarily affects baggage inspection.
• Ministry of Tourism January 7, 2024 • [ hack, ddos, government ] The official websites of the Presidents office, Foreign Ministry, and Tourism Ministry in Maldives are taken down by a DDoS attack allegedly carried out by threat actors from China.
• Bangladesh Election Commission January 7, 2024 • [ hack, ddos, government ] An official at the Bangladesh Election Commission claims that a cyberattack from Ukraine and Germany caused an election information app, Smart Election Management BD, to crash as voters went to the polls.