Full List

Search

Recent Breaches

• Qakbot August 29, 2023 In August 2023, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.
• Chambersburg Area School District August 28, 2023 • [ ransomware, malware, education ] The Chambersburg Area School District published announces to have become yet another K-12 school district attacked by a ransomware gang.
• PennyMac Loan Services August 28, 2023 Sovos Compliance files notice of a data breach on behalf of PennyMac Loan Services, after the MOVEit breach resulted in an unauthorized access PennyMac customers' sensitive information.
• Italian region of Lazio August 28, 2023 • [ hack, misconfiguration, government ] A subdomain of the Italian region of Lazio (salute.lazio.it) is compromised to serve adult content.
• Sharonview Federal Credit Union August 28, 2023 • [ finance, hack ] Sharonview Federal Credit Union (Sharonview) files a notice of data breach after discovering that an unauthorized party was able to access an employee's email account.
• Forever 21 August 28, 2023 • [ hack, misconfiguration, retail ] Forever 21 clothing and accessories retailer sends data breach notifications to more than half a million individuals who had their personal information exposed to network intruders.
• Louis Garneau Sports August 28, 2023 • [ hack, malware, manufacturing ] Louis Garneau Sports discloses that it had found an "unauthorized code" on their systems.
• Topgolf Callaway August 28, 2023 • [ leak, retail ] Topgolf Callaway (Callaway) reveals to have suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers.
• Keenan & Associates August 27, 2023 Keenan & Associates sends notices of a data breach to 1.5 million customers, warning that threat actors accessed their personal information in a recent cyberattack.
• Undisclosed contractor of the UK Met Police August 27, 2023 An IT contractor of the UK Met Police is hit with a cyber attack exposing the personal information of 47,000 officers and staff.
• Balancer August 27, 2023 • [ financial, finance ] A hacker steals $900,000 from decentralized finance protocol Balancer, days after the company had warned that a vulnerability - the one the hacker exploited - could put user funds at risk.
• FANAP Behnama August 27, 2023 The GhostSec hacktivist group claims to have breached the FANAP Behnama software, Iran regime's very own privacy-invading software, xposing 20GB of data including face recognition and motion detection systems that it says are used by the Iranian government to monitor and track its people.
• Jasper High School August 26, 2023 • [ ransomware, malware, education ] The Akira ransomware group adds the Jasper High School to its list of victims.
• University of Michigan August 26, 2023 • [ hack, ddos, education ] The University of Michigan takes all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started.
• Edmonds School District August 26, 2023 • [ ransomware, malware, education ] The Akira ransomware group adds the Edmonds School District to its list of victims.
• Associates in Pediatric Dentistry August 25, 2023 • [ hack, phishing, healthcare ] Associates in Pediatric Dentistry announces that unauthorized individuals gained access to certain employee email accounts that contained patient information.
• Oswaldo Cruz Foundation (Fiocruz) August 25, 2023 • [ ransomware, malware, healthcare ] The NoEscape ransomware gang claims responsibility for a cyber attack to Oswaldo Cruz Foundation (Fiocruz).
• WebDetetive August 25, 2023 WebDetetive, a spyware vendor in South America, is breached by hackers who manage to scrape user data before deleting devices from the company's network.
• Amic Energy August 25, 2023 • [ hack, ddos, energy ] The Pro-Russia Killnet group claims responsibility for a DDoS attack against three major gas station networks in Ukraine.
• Bahamas Medical & Surgical Supplies August 25, 2023 • [ ransomware, malware, manufacturing ] The 8Base ransomware group adds Bahamas Medical & Surgical Supplies to the list of victims.