MedExHCO
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked MedExHCO, allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
Multiplan
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked Multiplan, allegedly exfiltrated exploiting the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.
Murfreesboro Medical Clinic & SurgiCenter
April 22, 2023
•[ hack, healthcare ]
Murfreesboro Medical Clinic & SurgiCenter is forced offline after a cyberattack.
Cementos Progreso
April 21, 2023
•[ ransomware, leak, malware ]
Cementos Progreso is added to BlackCat's ransomware leak site. As proof, they offer some samples with internal documents.
Logistica Integrada Sulamericana (LISA)
April 21, 2023
•[ ransomware, malware ]
Logistica Integrada Sulamericana (LISA) is listed in the BlackCat's ransomware leak site.
Robeson Health Care Corporation
April 21, 2023
•[ hack, malware, healthcare ]
Robeson Health Care Corporation files a notice of data breach after learning that confidential patient data was accessed by an unauthorized party following a malware attack.
Seguros la Occidental
April 21, 2023
•[ ransomware, malware, finance ]
Seguros la Occidental, a Venezuelan insurer that offers general and life insurance products, is added to BlackCat's ransomware leak site with samples containing 27 screenshots of images of various insurance company documents that included ID cards.
Saville Row
April 21, 2023
•[ ransomware, leak, malware ]
Saville Row, a Chilean clothing store, is added to BlackCat's ransomware leak site.
Undisclosed critical infrastructure organization in the United States
April 21, 2023
•[ hack, malware, energy ]
Researchers from Symantec/Broadcom reveal that the software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe.
Atrium Health Wake Forest Baptist
April 20, 2023
•[ social, phishing, healthcare ]
Atrium Health Wake Forest Baptist announces that patient information was stored in an employee email account that was accessed by unauthorized individuals as a result of the employee being tricked by a phishing email.
Unknown Organization
April 20, 2023
•[ hack, malware, government ]
Even a Brazilian state government website (semed.capital.ms.gov.br) is observed serving Fortnite spam within the same campaign.
University of Massachusetts Amherst
April 20, 2023
Security researchers observe websites of multiple U.S. universities, including Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, serving Fortnite and 'gift card' spam.
RentoMojo
April 20, 2023
•[ leak, retail ]
Indian start-up furniture rental platform RentoMojo discloses a data breach impacting over 150,000 subscribers.
Peachtree Orthopedics
April 20, 2023
•[ ransomware, malware, healthcare ]
Peachtree Orthopedics posts a notice of data breach on the company's website after determining that an unauthorized party had gained access to its computer network. The Karakurt ransomware gang claims responsibility for the attack.
3CX
April 20, 2023
•[ espionage, malware, technology ]
Researchers from Mandiant reveal that the 3CX supply chain attack was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds.
Europa
April 20, 2023
•[ hack, misconfiguration, government ]
Even the Europa.eu website is observed serving Fortnite spam within the same campaign.
Rubino & Company
April 19, 2023
Rubino & Company files a notice of data breach after learning that confidential consumer information stored on the company's IT network was subject to unauthorized access.
EUROCONTROL
April 19, 2023
•[ hack, government ]
Europe's air-traffic control agency EUROCONTROL announces to be under attack from the Killnet pro-Russian attackers.
IMA Financial Group
April 19, 2023
•[ leak, finance ]
IMA Financial Group files a notice of data breach after experiencing a data security incident resulting in confidential consumer data being made accessible to an unauthorized party.
Coldiretti
April 19, 2023
•[ ransomware, malware ]
Coldiretti, the Italian organization of agricultural entrepreneurs, suffers a Play ransomware attack.