-
Unnamed federal civilian executive branch (FCEB) agency
March 15, 2023
The CISA, FBI, and MS-ISAC reveal that a U.S. federal agency's Microsoft Internet Information Services (IIS) web server was hacked by exploiting a critical .NET deserialization vulnerability in the Progress Telerik UI for ASP.NET AJAX component.
-
Harding, Shymanski & Company
March 15, 2023
Harding, Shymanski & Company files a notice of data breach after learning that an employee's credentials were used to access customer 2021 tax returns, leading to fraudulent 2022 tax returns being filed on behalf of certain patients.
-
Kroger Postal Prescription Services
March 15, 2023
•
[ leak, misconfiguration ]
Kroger Postal Prescription Services (Kroger PPS) files a notice of data breach after learning that confidential consumer information in the company's possession was subject to unauthorized access.
-
Retirement Clearinghouse
March 15, 2023
Retirement Clearinghouse files a notice of data breach after learning that an unauthorized party had gained access to an employee email account that contained confidential information pertaining to certain individuals.
-
Autoridad de Acueductos y Alcantarillados (AAA)
March 15, 2023
•
[ ransomware, malware, government ]
Autoridad de Acueductos y Alcantarillados (AAA) confirms it suffered a ransomware attack. The attack reportedly affects AAA's electronic customer service systems.
-
HLA Grupo Hospitalario
March 15, 2023
•
[ leak, healthcare ]
A forum user on BreachForums lists data from the HLA Grupo Hospitalario in Spain for sale. The listing advertises 45,000 patient records and information on 1,600 doctors, with samples provided of each.
-
Municipality of Taggia
March 15, 2023
•
[ hack, government ]
The Municipality of Taggia in Italy is hit with a cyber attack.
-
Poolz Finance
March 15, 2023
•
[ financial, finance ]
An attacker steals $390,000 from cross-chain platform Poolz Finance
-
United Home Loans
March 15, 2023
•
[ hack, finance ]
United Home Loans (UHL) files a notice of data breach after discovering that what appeared to be suspicious activity on its computer network turned out to be a cyberattack.
-
Merritt Healthcare Advisors
March 15, 2023
•
[ social, phishing, finance ]
Merritt Healthcare Advisors reports a phishing attack that exposed the data of some of its healthcare clients.
-
MediaWorks
March 15, 2023
In March 2024, millions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, dates of birth, genders and the responses to questions in the competition. Some victims of the breach subsequently received ransom demands requesting payment to have their data deleted.
-
Maximum Industries
March 14, 2023
•
[ ransomware, malware, manufacturing ]
The LockBit ransomware group claims to have stolen valuable SpaceX files after breaching the systems of piece part production company Maximum Industries.
-
Mobile banking users of PagBank
March 14, 2023
Researchers from Cyble discover GoatRAT, an Android banking Trojan targeting Brazilian banks.
-
PetroVietnam
March 14, 2023
•
[ leak, energy ]
Kernelware postes data from PetroVietnam, a state-owned oil and gas group.
-
PharMerica
March 14, 2023
•
[ hack, healthcare ]
PharMerica, one of the largest pharmacy service providers in the United States has confirmed that hackers accessed the personal data of almost six million patients.
-
Rubrik
March 14, 2023
Cybersecurity company Rubrik confirms that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform.
-
Undisclosed supplier
March 14, 2023
•
[ leak, manufacturing ]
A threat actor leaks some data allegedly stolen from the Italian engineering company Fincantieri. A subsequent analysis reveals that the data was stolen from a third party.
-
Essen Medical Associates
March 14, 2023
•
[ hack, healthcare ]
Essen Medical Associates (Essen Health Care) files a notice of data breach after discovering that an unauthorized party accessed the company's IT network.
-
Bitrue
March 14, 2023
•
[ financial, finance ]
Singapore-based cryptocurrency trading platform Bitrue says that $23 million was stolen from one of its own digital wallets.
-
Diplomatic entities and government agencies in Eastern Europe
March 14, 2023
•
[ espionage, phishing, government ]
Researchers from BlackBerry reveal that the Russian state-backed group known as Nobelium is behind recent attempted cyberattacks on diplomatic entities and government agencies in the European Union via phishing emails with a malicious document attached, using the Polish Foreign Minister's recent visit to the US as a lure.
