-
Northwestern Mutual
July 22, 2023
Sovos Compliance files a notice of data breach on behalf of Northwestern Mutual after discovering that the secure file transfer program used by Sovos contained a vulnerability resulting in an unauthorized party being able to access files on the company's MOVEit server.
-
CoinsPaid
July 22, 2023
Estonian crypto-payments service provider CoinsPaid announces that it experienced a cyber attack that resulted in the theft of $37,200,000 worth of cryptocurrency, blaming the attack on the North Korean hacking group Lazarus.
-
Lake Sumter Community College
July 21, 2023
•
[ leak, sqlinjection, healthcare ]
The Lake Sumter Community College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
State University of New York at Fredonia (SUNY Freedonia)
July 21, 2023
The State University of New York at Fredonia (SUNY Freedonia) confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
American United Life Insurance
July 21, 2023
American United Life Insurance Company files a notice of data breach after discovering that confidential consumer information in the company's care was subject to unauthorized access.
-
Regione Umbria
July 21, 2023
•
[ hack, ddos, government ]
The institutional webistes of the Italian region of Umbra are hit with a DDoS attack.
-
St. Petersburg College
July 21, 2023
•
[ leak, sqlinjection, education ]
The St. Petersburg College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
University at Buffalo
July 21, 2023
•
[ leak, sqlinjection, education ]
The University at Buffalo confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
Yamaha Music Canada
July 21, 2023
•
[ ransomware, malware, retail ]
Yamaha Music Canada suffers a ransomware attack by the Akira group.
-
CareTree
July 21, 2023
•
[ hack, technology ]
CareTree files a notice of data breach after discovering that an unauthorized actor was able to access the CareTree platform
-
Bates Technical College
July 21, 2023
•
[ hack, sqlinjection, education ]
The Bates Technical College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
MasTec
July 21, 2023
MasTec files a notice of data breach after discovering a MOVEit-related data breach at Delta Dental affected employees and dependents enrolled in the company's Care Opt Plus Group Benefits Plan For Hourly & Salaried Employees.
-
Olympic College
July 21, 2023
•
[ leak, sqlinjection, education ]
The Olympic College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability against the National Student Clearinghouse.
-
See Tickets
July 21, 2023
•
[ financial, malware, retail ]
Ticketing services agency See Tickets notifies more than 300,000 individuals that their payment card data was stolen in a new web skimmer attack.
-
Conic Finance
July 21, 2023
•
[ financial, finance ]
Attackers exploit two separate vulnerabilities in as many days to steal more than $3.2 million from Conic Finance.
-
DHL
July 21, 2023
•
[ ransomware, malware ]
The United Kingdom arm of DHL is added to the list of the victims of the Clop ransomware gang exploiting the CVE-2023-34362 vulnerability.
-
Massachusetts Mutual Life (MassMutual)
July 21, 2023
Massachusetts Mutual Life (MassMutual) joins the list of the victims of the MOVEit CVE-2023-34362 exploitation by the Clop ransomware group.
-
Pacific Premier Bank
July 20, 2023
•
[ leak, sqlinjection, finance ]
Pacific Premier Bank files documents with the Securities and Exchange Commission describing a third-party data breach involving a vendor's use of MOVEit
-
-
Associated Press
July 20, 2023
The Associated Press warns of a data breach impacting AP Stylebook customers where the attackers used the stolen data to conduct targeted phishing attacks.
