Full List

Search

Recent Breaches

• Idaho State Board of Education July 14, 2023 • [ leak, sqlinjection, education ] The Idaho State Board of Education posts a notice of data on its website after learning that two of the Board's vendors, the Teachers Insurance and Annuity Association ("TIAA") and the National Student Clearinghouse ("NSC"), experienced data breaches related to the file-transfer software MOVEit.
• Sunflower Bank July 14, 2023 Sunflower Bank files a notice of data breach after discovering that the MOVEit file transfer program used by the bank, contained a critical vulnerability allowing hackers to access confidential customer information.
• Citta� Nuova July 14, 2023 The Rhysida ransomware gangs hits Citta Nuova, an Italian publishing house.
• Hillsborough County July 14, 2023 Hillsborough County is impacted in the MOVEit CVE-2023-34362 vulnerability, and more than 70,000 residents are affected.
• Teachers Insurance and Annuity Association of America (TIAA) July 14, 2023 Teachers Insurance and Annuity Association of America (TIAA) files a notice of data breach after discovering to have been hit by the MOVEit CVE-2023-34362 vulnerability.
• Citta� Nuova July 14, 2023 • [ ransomware, publishing, data breach ] The Rhysida ransomware gangs hits Citta Nuova, an Italian publishing house.
• Norwegian Refugee Council (NRC) July 13, 2023 • [ hack, government ] The Norwegian Refugee Council (NRC) announces that it recently discovered a cyberattack targeting an online database that stores the personal information of project participants.
• Sun Life Assurance Company of Canada (Sun Life) July 13, 2023 • [ hack, misconfiguration, finance ] Sun Life Assurance Company of Canada (Sun Life) posts a notice on its website revealing to have been hit by the CVE-2023-34362 MOVEit vulnerability.
• Colorado State University July 12, 2023 The Colorado State University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
• Guarantee Trust Life Insurance Company July 12, 2023 • [ hack, phishing, finance ] Guarantee Trust Life Insurance Company files a notice of data breach after determining that an unauthorized party accessed an employee's email account that contained confidential consumer information.
• Konen & Associates, doing business as Unified Pain Management July 12, 2023 Konen & Associates, doing business as Unified Pain Management notifies about an email account breach involving at least 500 records.
• Mary Kay Corporation July 12, 2023 • [ ransomware, malware, retail ] Mary Kay Corporation is added to the list of the victims of the Clop ransomware gang exploiting the CVE-2023-34362 vulnerability.
• NASCO July 12, 2023 NASCO files a notice of data breach after discovering that the vulnerability within MOVEit resulted in an unauthorized party being able to access certain information in the company's possession.
• Sovos Compliance July 12, 2023 Sovos Compliance files a notice of data breach after discovering that MOVEit, the file transfer software used by Sovos, contained a critical vulnerability allowing an unauthorized party to download confidential consumer data provided to Sovos.
• Town of Cornelius July 12, 2023 • [ ransomware, malware, government ] The Town of Cornelius, North Carolina, is dealing with delayed or unavailable services after a ransomware attack.
• Sigrist, Cheek, Potter & Huyser July 11, 2023 • [ hack, phishing, finance ] Sigrist, Cheek, Potter & Huyser (SCP&H) files a notice of data breach after discovering that an unauthorized party gained access to the companys email system and cloud-based storage site.
• American National Insurance Company July 11, 2023 • [ leak, sqlinjection, finance ] American National Insurance Company confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
• Hamilton College July 11, 2023 • [ hack, sqlinjection, education ] The Hamilton College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
• Kansas Medical Center July 11, 2023 • [ ransomware, leak, malware ] The 8Base ransomware gang claims to have attacked Kansas Medical Center and threaten to publish the data as a leak on July 15.
• Multichain July 11, 2023 • [ financial, finance ] Multichain suffers an additional $103 million loss of crypto assets despite it is not clear if the loss is the result of a cyber attack or a rug pull.