-
Halara
January 7, 2024
•
[ leak, manufacturing ]
Popular athleisure clothing brand Halara investigates a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.
-
Beirut’s International Airport
January 7, 2024
•
[ hacking, political motivation, operational disruption ]
Flight information display screens at Beiruts international airport are hacked to display politically motivated messages, and the incident also temporarily affects baggage inspection.
-
loanDepot
January 6, 2024
•
[ ransomware, malware, finance ]
U.S. mortgage lender loanDepot suffers a ransomware attack that causes the company to take IT systems offline, preventing online payments against loans.
-
Danish Water Utility
January 6, 2024
•
[ cyberattack, state-sponsored, critical infrastructure ]
Danish authorities stated that Russia carried out a destructive and disruptive cyberattack against a Danish water utility in 2024. Reporting cited by Danish media said the incident involved manipulation of pump pressure, which caused pipes to burst and left some homes temporarily without water. The public reporting did not name the utility or provide precise dates beyond year-level timing.
-
At least one individual in Ukraine
January 6, 2024
•
[ phishing, credential harvesting, state-sponsored attack ]
The article reports researchers observed a months-long phishing/credential-harvesting operation targeting users of UKR.NET, a popular Ukrainian webmail and news service. The campaign ran from June 2024 through April 2025 and was attributed to Russian state-backed BlueDelta (APT28/Fancy Bear/Forest Blizzard). Researchers said the actors created multiple fake UKR.NET login pages and sent phishing emails with PDF attachments containing embedded links to the fraudulent portals, with more than 20 linked PDF lure files identified. The purpose was assessed as harvesting credentials and gathering intelligence supporting broader Russian objectives; the reporting did not quantify how many users were successfully compromised.
-
Bill Lou
January 5, 2024
•
[ social, phishing, finance ]
Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, loses $125,000 to a crypto scam.
-
CertiK
January 5, 2024
The Twitter/X account of blockchain security firm CertiK is hijacked to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer.
-
Toronto Zoo
January 5, 2024
Toronto Zoo, the largest zoo in Canada, it is hit with a ransomware attack.
-
Multiple Chambers of Crafts in Germany
January 5, 2024
The websites and online services for multiple Chambers of Crafts in Germany are down following a security incident that appears to have impacted a managed service provider.
-
-
South Korean construction trade organization
January 5, 2024
The South Korea's National Cyber Security Center (NCSC) warns that state-backed threat actors DPRK hijacked flaws in a VPN's software update to deploy malware and breach networks. In the first case they compromised the website of a South Korean construction trade organization to disseminate malware to visitors.
-
Matadero de Gijón
January 5, 2024
•
[ ransomware, data leak ]
The Matadero de Gijn is hit with a RansomHub ransomware attack.
-
Gamma Strategies
January 4, 2024
•
[ financial, finance ]
Threat actors steal $3.4 million from DeFi protocol Gamma Strategies, forcing the company to halt deposits while withdrawals remain open.
-
CINQ CARE
January 4, 2024
•
[ leak, healthcare ]
CINQ CARE files a notice of data breach after discovering that a cybersecurity incident compromised information contained on the companys computer network.
-
Tigo Business
January 4, 2024
•
[ ransomware, malware, technology ]
Tigo Business, the largest mobile carrier in Paraguay, is hit with a Black Hunt ransomware attack.
-
Housing Authority of the County of San Bernardino (HACSB)
January 4, 2024
•
[ hack, government ]
The Housing Authority of the County of San Bernardino notifies nearly 19,000 people that their information was compromised in a June cyberattack.
-
City of Beckley
January 4, 2024
The city of Beckley, West Virginia announces to be dealing with a cyberattack.
-
Vail-Summit Orthopaedics & Neurosurgery
January 4, 2024
Vail-Summit Orthopaedics & Neurosurgery (VSON) files a notice of data breach after discovering that an unauthorized party attempted to infiltrate the companys computer network.
-
Kemper Sports Management
January 4, 2024
•
[ leak ]
Golf course management and hospitality company Kemper Sports Management discloses a data breach impacting the personal information of tens of thousands of individuals.
-
Legacy Professionals LLP
January 4, 2024
•
[ data leak, unauthorized access ]
Legacy Professionals LLP, an Illinois-based accounting and audit firm, reported that sensitive personal information in its custody may have been accessed and acquired following suspicious activity detected on its computer network in late April 2024. The firm investigated and determined an unauthorized third party may have viewed and obtained certain information. Legacy then reviewed the affected data to identify impacted individuals, completing its review on 01/06/2025, and began mailing breach notification letters on 02/27/2025. Information potentially exposed was described as varying by individual and included names, Social Security numbers, and financial account numbers. Public filings referenced in reporting suggested Legacy provided affected individuals with credit monitoring services. Specific technical details such as the attack vector, the duration of unauthorized access, and whether data was exfiltrated beyond the identified categories were not publicly disclosed.
