Full List

Search

Recent Breaches

• Undisclosed energy company in the U.S. May 31, 2023 • [ social, phishing, energy ] Researchers from Cofense discover a phishing campaign was observed targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security.
• UnitedHealthcare Student Resources May 31, 2023 UnitedHealthcare Student Resources (Student Resources) files a notice of data breach after discovering that an unauthorized party was able to access confidential information stored on the organization's MOVEit server.
• Quorum Federal Credit May 31, 2023 Quorum Federal Credit Union files a notice of data breach after discovering that a vulnerability within the file transfer software MOVEit resulted in an unauthorized party being able to access confidential customer data.
• JD Group May 31, 2023 In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online assets including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.
• Belgian State Security Service (VSSE) May 31, 2023 • [ data leak, nation-state attack, vulnerability exploit ] China-linked threat actors compromised VSSEs Barracuda Email Security Gateway between February 2021 and May 2023, exfiltrating around 10% of all staff email communications and employee personal data. No encryption or operational disruption was reported.
• Hillman Group May 30, 2023 • [ hack, manufacturing ] The Hillman Group files a notice of data breach after discovering that an unauthorized party gained access to the company's computer network.
• MHMR Authority of Brazos Valley May 30, 2023 • [ ransomware, malware, healthcare ] The MHMR Authority of Brazos Valley reveals to have suffered a Hive ransomware attack.
• Global Atlantic Financial Group May 30, 2023 • [ leak, sqlinjection, finance ] Global Atlantic Financial Group files a notice of data breach after discovering the MOVEit-related data breach at Pension Benefit Information.
• Greece's online examination platform May 30, 2023 • [ hack, education ] End-of-year high school exams in Greece are disrupted by "one of the most extensive cyberattacks in the country's history," according to the country's Education Ministry.
• Unknown Organization May 30, 2023 • [ leak, retail ] A user dubbed fibonacci leaks the entire database (364,000 records) of Italia Militare, an e-commerce portal for military goods.
• Jefferson County Health Center May 30, 2023 • [ ransomware, malware, healthcare ] Jefferson County Health Center reveals that unauthorized individuals gained access to its network between April 04, 2023, and May 30, 2023, and may have obtained files containing patients' protected health information. The Karakurt ransomware gang claims responsibility for the attack.
• University of Texas Southwestern Medical Center (UTSW) May 30, 2023 • [ leak, misconfiguration, healthcare ] Reports begin to emerge about a MOVEit data breach at the University of Texas Southwestern Medical Center (UTSW) resulting in an unauthorized party being able to access patients' sensitive information.
• University of Waterloo May 30, 2023 • [ ransomware, malware, education ] Canada's University of Waterloo confirms to be dealing with a ransomware attack on its email system.
• Meadville Medical Center May 30, 2023 • [ hack, healthcare ] Meadville Medical Center confirms that it was affected by the MOVEit Transfer hacks
• Offices of Iranian President Ebrahim Raisi May 29, 2023 A trove of documents, images and videos from the offices of Iranian President Ebrahim Raisi are posted online and appear to be authentic.
• Skolkovo Foundation May 29, 2023 • [ hack, education ] Hacktivists from Ukraine breach the systems of Skolkovo Foundation, the agency which oversees the high-tech business area located on the outskirts of Moscow. According to Skolkovo's statement, the hackers managed to gain limited access to certain information systems of the organization, including its file hosting service on physical servers.
• Chilean Army May 29, 2023 • [ ransomware, malware, government ] Threat actors behind a recently surfaced ransomware operation known as Rhysida have leak online what they claim to be documents stolen from the network of the Chilean Army.
• RaidForums May 29, 2023 A database for the notorious RaidForums hacking forums is leaked online in the Exposed forum.
• Polish Credentials May 29, 2023 • [ leak, malware ] In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.
• BCC Credito Cooperativo May 28, 2023 • [ hack, ddos, finance ] The pro-Russian group NoName057(16) takes down the website of the Italian Bank BCC Credito Cooperativo.