Portend Breaches

Halliburton August 21, 2024 • [ hack, energy ] Halliburton, one of the world's largest providers of services to the energy industry, confirms a cyberattack that forced it to shut down some of its systems earlier this week.

DICK'S Sporting Goods August 21, 2024 DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States of America, discloses that confidential information was exposed in a cyberattack.

Zee Media Corporation Limited August 21, 2024 • [ hack, misconfiguration, technology ] A group of Bangladeshi hacktivists, operating under the alias SYSTEMADMINBD, defaces the official website of Zee Media Corporation Limited, accusing the media giant of making fun of the situation in Bangladesh, referring to the ongoing floods caused by heavy rainfall.

Undisclosed crypto user August 20, 2024 A crypto user loses $55.47 million worth after falling victim to a sophisticated phishing attack targeting their Maker vault.

Microchip Technology Incorporated August 20, 2024 American chipmaker Microchip Technology Incorporated discloses that a cyberattack impacted its systems, disrupting operations across multiple manufacturing facilities. Few days later the Play ransomware gang leaks gigabytes of data allegedly stolen from the organization.

Monobank August 19, 2024 • [ hack, ddos, finance ] Threat actors target Monobank, one of Ukraines most popular online banks with a massive distributed denial-of-service (DDoS) attack, primarily focusing on a service used by Ukrainians to raise donations for the military.

MC2 Data August 18, 2024 • [ leak, misconfiguration, technology ] In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names. The data included email addresses, names and salted SHA-256 password hashes.

North Miami City Hall August 16, 2024 • [ hack, government ] A cyber incident leaves the North Miami City Hall closed for nearly a week

European institutions and states August 15, 2024 The massive February leak of internal documents from Chinese hacking contractor iSoon reveals apparent hacking against European institutions and states.

Multiple organizations August 15, 2024 • [ hack, misconfiguration, technology ] Researchers at Sysdig discover a large-scale malicious operation named "EmeraldWhale" scanning for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.

schenkYOU August 15, 2024 • [ hack, retail ] In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store.

Explore Talent (August 2024) August 15, 2024 • [ leak, misconfiguration, technology ] In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.

Tracki August 15, 2024 • [ leak, misconfiguration, technology ] In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.

City of Flint August 14, 2024 • [ ransomware, malware, government ] Phones and computers used by government workers in Flint, Michigan are facing outages due to a ransomware attack.

Central Bank of Iran (CBI) and several other banks in the country August 14, 2024 Iran International reports that a massive cyber attack disrupted operations of the Central Bank of Iran (CBI) and several other banks in the country.

Welhof August 14, 2024 • [ leak, retail ] In August 2024, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".

POLADA August 13, 2024 Threat actors "from a hostile state are believed to be behind the leak of over 50,000 confidential files from Polands anti-doping agency POLADA.

Star Health and Allied Insurance August 13, 2024 • [ leak, misconfiguration, finance ] Stolen customer data including medical reports from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram

X August 12, 2024 • [ hack, technology ] Elon Musks interview with US Presidential candidate Donald Trump on the X social media platform is impacted by technical glitches and what is a cyberattack.

Undisclosed South Korean defense contractor August 12, 2024 A South Korean defense contractor which produces operational and maintenance manuals for military equipment, including the two spy planes "Baekdu" and "Geumgang", was allegedly hacked by threat actors from North Korea.

Recent Breaches