Full List

Search

Recent Breaches

• Three organizations in South Korea and abroad December 5, 2023 • [ ransomware, malware, energy ] Separately, the Seoul Metropolitan Police investigators discover that the group extorted three ransomware victims in South Korea and abroad for about $357,000 worth of Bitcoin.
• Groveport Madison Schools December 5, 2023 • [ ransomware, malware, education ] The Groveport Madison Schools is hit with a BlackSuit ransomware attack.
• Advantis Global December 5, 2023 Advantis Global files a notice of data breach after discovering a "security incident" involving its corporate email system.
• Dameron Hospital December 5, 2023 • [ hack, healthcare ] Dameron Hospital reschedules some procedures after suffering a cyberattack,
• South Korean companies connected to the defense industry December 5, 2023 The Seoul Metropolitan Police accuses the North Korean group Andariel of targeting South Korean companies connected to the defense industry and stealing 1.2 terabytes of sensitive information about anti-aircraft weapon systems.
• HTC Global Services December 5, 2023 • [ ransomware, malware, technology ] IT services and business consulting company HTC Global Services confirms they suffered a cyberattack after the ALPHV/BlackCat ransomware gang begins leaking screenshots of stolen data, allegedly obtained exploiting the CVE-2023-4966 Citrixbleed vulnerability.
• Hermon School Department December 4, 2023 • [ ransomware, malware, education ] The Hermon School Department suffers a ransomware attack after the threat actors exploit the CVE-2023-46604 Apache ActiveMQ vulnerability,
• Fairway Independent Mortgage Corporation December 4, 2023 • [ hack, misconfiguration, finance ] Fairway Independent Mortgage Corporation (Fairway) files a notice of data breach after discovering that an unauthorized user had accessed a third-party system utilized by Fairway.
• Sellafield Nuclear Waste and Decommissioning Site December 4, 2023 • [ hack, espionage, energy ] Threat actors linked to Russia and China have allegedly hacked into the systems of the Sellafield nuclear waste and decommissioning site in the UK, according to an investigation conducted by The Guardian. However, the British government has dismissed the reports.
• Neurosurgical Associates of New Jersey December 4, 2023 Neurosurgical Associates of New Jersey (Neurosurgeons of New Jersey) files a notice of data breach after discovering that an unauthorized party accessed an employee's email account.
• Hangzhou Great Star Industrial December 4, 2023 • [ ransomware, malware, manufacturing ] The American division of the Chinese multinational Hangzhou Great Star Industrial Co., Ltd (Great Star), pays a ransom of 1 million dollars in a BTC wallet to the Akira ransomware group.
• Ziv Medical Center December 2, 2023 Malek Team, a group allegedly linked to Iran, claims to have leaked thousands of medical records from Ziv Medical Center, an Israeli hospital, including those of Israeli soldiers.
• Tipalti December 2, 2023 Accounting software giant Tipalti says it is investigating reports of a ransomware attack after the BlackCat/ALPHV ransomware gang spent the weekend attempting to extort the company and its customers.
• St. Landry Parish Schools December 1, 2023 • [ ransomware, malware, education ] The St. Landry Parish Schools district is hit with a ransomware attack.
• The Hershey Company December 1, 2023 • [ hack, manufacturing ] The Hershey Company, the American manufacturer of popular sweets such as Kit Kat and Reese's Peanut Butter Cups, tells regulators that more than 2,200 people were potentially affected by a data breach after hackers gained access to some of the company's email accounts.
• Rock County December 1, 2023 • [ ransomware, malware, government ] Rock County issues notification letters about a Cuba ransomware attack and data breach that affected 25,823 individuals.
• Great Valley School District December 1, 2023 • [ ransomware, malware, education ] The Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania.
• Pacific Cataract and Laser Institute December 1, 2023 • [ ransomware, malware, healthcare ] Pacific Cataract and Laser Institute is hit with a LockBit 3.0 ransomware attack.
• National Public Data December 1, 2023 • [ hack, government ] The stolen data was said to include social security numbers, full names, family information, as well as current and previous addresses. USDoD, who acted as the middleman for the breach, was arrested by Brazilian authorities last week, but the threat actor responsible for stealing the data, referred to as SXUL is still at large.
• Welhof December 1, 2023 • [ leak, retail ] In late 2023, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".