-
Sirius Federal
July 31, 2023
•
[ hack, technology ]
Sirius Federal files a notice of data breach after discovering that files stored on the companys IT network were subject to unauthorized access.
-
McAlester Regional Health Center
July 31, 2023
•
[ ransomware, malware, healthcare ]
The McAlester Regional Health Center is targeted by the Karakurt ransomware group claiming to have stolen over 126GB of data from the facility, including a swath of DNA patient records to be auctioned off to the highest bidder.
-
K&K Glass
July 31, 2023
•
[ hack, automotive ]
K&K Glass, part of Auto Glass Now, files a notice of data breach after discovering that an unauthorized party was able to access the company's IT network.
-
Bluegrass Care Navigators
July 31, 2023
Hospice of the Bluegrass, doing business as Bluegrass Care Navigators, discover that an unauthorized third party has gained access to the email account of one of its employees.
-
Tecnova Group
July 31, 2023
•
[ leak, technology ]
Tecnova Group suffers a cyber attack leading to the exfiltration of 7GB of data, of which 800MB are leaked.
-
Kenya's eCitizen Portal
July 31, 2023
•
[ hack, ddos, government ]
Kenya's eCitizen Portal suffers a huge DDoS attack that affects services on the key government online platform eCitizen for almost a week.
-
Offtec
July 31, 2023
•
[ espionage, malware, technology ]
Researchers from Deep Instinct discover a new campaign from the "MuddyWater" group targeting Offtec, a Jordanian conglomerate using MuddyC2Go, a new C2 Framework.
-
BAZAN Group
July 30, 2023
Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.
-
MetronomeDAO
July 29, 2023
Decentralized Finance (DeFi) platform Alchemix is also victim of a theft of crypto assets exploiting the vulnerability in the Vyper language.
-
Curve Finance
July 29, 2023
Decentralized Finance (DeFi) platform Curve Finance says in a post-mortem that at least $61 million worth of cryptocurrency was stolen from the platform through a vulnerability in the Vyper language.
-
Ellipsis
July 29, 2023
Decentralized Finance (DeFi) platform Ellipsis is also victim of a theft of crypto assets exploiting the vulnerability in the Vyper language.
-
Brighthouse Financial
July 29, 2023
•
[ hack, sqlinjection, finance ]
Brighthouse Financial confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
-
United HealthCare Services
July 28, 2023
United Healthcare Services files a notice of data breach. As a result of the incident, an unauthorized party was able to access sensitive information belonging to 398,319 individuals.
-
BankCard USA
July 28, 2023
•
[ ransomware, malware, finance ]
BankCard USA pays a $50,000 ransom to the Black Basta group after suffering a ransomware attack.
-
Teachers Retirement System of Georgia
July 28, 2023
Teachers Retirement System of Georgia (TRS) posts a notice of data breach after discovering that PBI Research Services (PBI), a third-party vendor used by TRS, experienced a data breach related to the company's use of MOVEit.
-
Wojeski & Company
July 28, 2023
•
[ ransomware, phishing, data leak ]
NY AG says Wojeski suffered a phishing-led ransomware incident that locked access to files, followed by a second breach when a vendors employee improperly accessed and exfiltrated client data. Notifications lagged by over a year. Settlement requires encryption, inventorying locations of personal data, stronger access controls, vulnerability management, and a formal IR plan; $60,000 penalty and credit monitoring for affected New Yorkers.
-
Fidelity Life Association
July 27, 2023
•
[ hack, finance ]
Fidelity Life Association files a notice of data breach after discovering that confidential consumer information that had been entrusted to the company was subject to unauthorized access.
-
LifeWorks Wellness Center
July 27, 2023
•
[ hack, healthcare ]
LifeWorks Wellness Center recently reports a data breach that has affected 17,000 patients, after attackers gained access to its internal file system.
-
T. Rowe Price Retirement Plan Services
July 27, 2023
•
[ hack, sqlinjection, finance ]
T. Rowe Price Retirement Plan Services files a notice of data breach after discovering that hackers accessed a MOVEit server belonging to Pension Benefit Information (PBI), one of TRP's third-party vendors.
-
IMX Medical Management Services
July 27, 2023
•
[ hack, malware, healthcare ]
IMX Medical Management Services confirms that malware was found on a laptop computer that potentially allowed unauthorized individuals to access the protected health information of 7,594 individuals
