Portend Breaches

Bassett Furniture Industries July 15, 2024 • [ ransomware, malware, manufacturing ] Bassett Furniture Industries says it shut down some of its information technology systems after it discovered a ransomware attack.

Edward Flynn, LMHC July 15, 2024 A breach to Edward Flynn, LMHC affects 575,000 residents in Massachusetts.

Repligen Corporation July 15, 2024 • [ ransomware, malware, manufacturing ] Bioprocessing company Repligen Corporation suffers an INC ransomware attack.

2024 Summer Olympics July 15, 2024 U.S. and Israeli cybersecurity agencies attribute the Iranian cyber group Emennet Pasargad to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event.

Fractal ID July 14, 2024 • [ hack, misconfiguration, technology ] Web3 identity solutions provider Fractal ID reveals that a threat actor recently managed to exfiltrate data belonging to 6,300 users or 0.5% of its user base after compromising credentials for an operator account that had admin privileges.

Disney July 13, 2024 A self-proclaimed hacktivist group named NullBulge, aiming to protect artists rights and ensure fair compensation for their work, claims to have breached Disney and leaks 1.2 TB of the companys internal Slack infrastructure.

Undisclosed victim July 13, 2024 Scam Sniffer reports that a crypto scammer returned $9.27 million in stablecoins to a victim, after stealing $24.23 million in various crypto assets (38.26% of the total stolen amount)

Betances Health Center July 12, 2024 • [ ransomware, malware, healthcare ] The ransomware group Hunters International adds Betances Health Center in New York to their leak site.

Dough Finance July 12, 2024 Decentralized finance protocol Dough Finance loses $1.8 million in digital assets after threat actors executed a flash loan attack.

AT&T July 12, 2024 • [ leak, misconfiguration, technology ] AT&T warns of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account.

Rite Aid July 12, 2024 • [ ransomware, malware, healthcare ] Pharmacy giant Rite Aid confirms a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. The breach impacts 2.2 million customers.

Undisclosed LATAM Airline July 11, 2024 • [ ransomware, malware ] Researchers from Blackberry reveal the details of a cyberattack carried out by the Akira ransomware group targeting a Latin American airline, carried out likely exploiting the Veeam backup server vulnerability CVE-2023-27532.

Sibanye-Stillwater July 11, 2024 • [ ransomware, malware, healthcare ] Mining giant Sibanye-Stillwater, one of the worlds biggest producers of platinum and gold, reveals that its global IT systems have suffered a cyberattack. The BlackSuit ransomware gang claims responsibility for the attack.

mSpy July 11, 2024 A data breach at the Zendesk customer support site of the phone surveillance operation mSpy exposes millions of its customers who bought access to the phone spyware app over the past decade, as well as the Ukrainian company behind it, Brainstack.

At least five Macau government websites July 11, 2024 • [ hack, ddos, government ] At least five Macau government websites are knocked offline by suspected foreign hackers for almost an hour.

Clay County July 11, 2024 • [ ransomware, malware, government ] Clay County, Indiana files a local disaster declaration following a ransomware attack.

The Heritage Foundation July 11, 2024 • [ hack, government ] The hacktivist group SiegedSec claims responsibility for a data breach at the Heritage Foundation, stealing details of a potentially controversial Project 2025.

Lulu Hypermarket July 10, 2024 • [ leak, retail ] Lulu Hypermarket experiences a data breach, exposing over 200,000 customer records. The attack, claimed by IntelBroker, includes personal details such as email addresses and phone numbers. The full database, allegedly containing millions of user and order details, might be leaked in the future.

Undisclosed third-party contractor of Nokia and Microsoft July 10, 2024 A threat actor known as 888 leaks the personal and contact details of thousands of Nokia and Microsoft employees on the notorious cybercrime platform, Breach Forums. According to the attacker, both leaks resulted from data breaches at a third-party contractor.

General Motors July 9, 2024 • [ hack, brute-force, manufacturing ] General Motors (GM) suffers what appears to be a credential stuffing attack, affecting 65 GM MyAccounts.

Recent Breaches