Full List

Search

Recent Breaches

• GLAMIRA December 16, 2023 • [ hack, retail ] In late 2023, the online jewellery store GLAMIRA suffered a data breach they attributed to "an unauthorised individual [who] briefly accessed one of our servers". The data was subsequently published on a popular hacking forum and included 875k email addresses, names, phone numbers and purchases.
• GLAMIRA December 16, 2023 • [ hack, misconfiguration, retail ] In late 2023, the online jewellery store GLAMIRA suffered a data breach they attributed to "an unauthorised individual [who] briefly accessed one of our servers". The data was subsequently published on a popular hacking forum and included 875k email addresses, names, phone numbers and purchases. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
• Coos Health & Wellness December 15, 2023 • [ leak, healthcare ] Coos Health & Wellness (CHW) discloses a security breach that may have involved personal and protected health information belonging to individuals who received services at various programs that CHW supports.
• Nepalese government officials December 15, 2023 • [ espionage, malware, government ] Researchers from Cyfirma discover a malicious campaign by the threat actor known as Sidewinder targeting Nepalese government officials via the Nim backdoor.
• Government entities in Ukraine December 15, 2023 • [ espionage, rce, government ] Researchers from Deep Instinct reveal that an unknown threat actor targeted government entities in Ukraine toward the end of 2023 using an old Microsoft Office remote code execution (RCE) exploit from 2017 (CVE-2017-8570) as the initial vector and military vehicles as the lure.
• Coleman Professional Services December 14, 2023 • [ hack, healthcare ] Coleman Professional Services (Coleman Health Services, Coleman) files a notice of data breach after discovering that an unauthorized party accessed several employee email accounts.
• Organizations in israel December 14, 2023 • [ espionage, malware, government ] Researchers from ESET discover a new campaign from the APT34 cyber-espionage group linked to the Iranian government against organizations in Israel and leveraging several new malware downloaders: ODAgent, OilCheck and OilBooster.
• Organizations in Palestine December 14, 2023 • [ espionage, malware ] Researchers from SentinelOne discover a new campaign by the pro-Hamas threat actor known as Gaza Cybergang, targeting Palestinian entities using Pierogi++, an updated version of a backdoor dubbed Pierogi.
• Asper Biogene December 14, 2023 Personal and health data belonging to approximately 10,000 people is illegally downloaded from the genetic testing company Asper Biogene's database.
• Ledger December 14, 2023 • [ financial, malware, finance ] The Ledger hardware wallet warns users that a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs.
• Kraft Heinz Company December 14, 2023 • [ ransomware, malware, manufacturing ] The Kraft Heinz Company says it is looking into recent claims of data theft made by the Snatch ransomware gang.
• Neurology Center of Nevada December 14, 2023 • [ ransomware, malware, healthcare ] Neurology Center of Nevada is allegedly attacked by the Qilin ransomware gang.
• Talus Pay December 14, 2023 • [ hack, phishing, finance ] AMCP Payments Intermediate Company d/b/a Talus Pay files a notice of data breach after discovering that an unauthorized party had gained access to an employee email account.
• London Public Library December 13, 2023 • [ hack, education ] The London Public Library in Ontario is forced to shut down most of its services due to a cyberattack.
• Covenant Care December 13, 2023 • [ ransomware, malware, healthcare ] Hunters International claims responsibility for a ransomware attack to Covenant Care.
• Tulane University December 13, 2023 • [ ransomware, malware, education ] The Tulane University is hit with a cyber attack. The Meow ransomware gang claims respomsibility.
• Insomniac Games, December 13, 2023 • [ ransomware, malware, technology ] Sony says it is looking into reports of a ransomware attack on its subsidiary Insomniac Games, the studio behind popular titles like Spider-Man, Spyro the Dragon and more, after claims by the Rhysida ransomware gang.
• CMS December 13, 2023 • [ ransomware, leak, technology ] CMS, one of the world's largest law firms, is claimed by the LockBit 3.0 ransomware, with the attackers alleging a 500GB data theft.
• Greater Cincinnati Behavioral Health Services December 13, 2023 • [ leak, healthcare ] DragonForce adds Greater Cincinnati Behavioral Health Services (GCBHS) to its leak site, claiming to have exfiltrated 72.4 GB of files.
• VF Corporation December 13, 2023 • [ hack, manufacturing ] American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, discloses a security incident that caused operational disruptions.