Full List

Search

Recent Breaches

• Tucson Unified School District January 30, 2023 • [ ransomware, malware, education ] The Tucson Unified School District is hit with a Royal ransomware attack.
• Tesorer�a General de la Republica (TGR) January 30, 2023 • [ unauthorized access, hacking forum, credential sale ] Access to Tesorer''a General de la Rep''blica, the General Treasury of the Republic of Chile (TGR) may be up for sale on a popular hacking forum.
• Gazprom January 29, 2023 • [ hack, energy ] The IT Army of Ukraine claims to have accessed a 1.5 GB archive of files belonging to the Russian state-controlled energy giant, Gazprom.
• University Medical Center Groningen January 28, 2023 • [ hack, ddos, healthcare ] Dutch cyber authorities say that several hospital websites in the Netherlands and Europe were targeted by the pro-Kremlin hacking group Killnet with DDoS attacks because of their countries' support for Ukraine.
• Morgan Hill Unified School District January 27, 2023 Morgan Hill Unified School District in California discloses a breach that occurred when an employee's email account was accessed without authorization.
• Solar Industries India January 27, 2023 • [ ransomware, malware ] The BlackCat Ransomware gang added Solar Industries India to the list of victims published on its Tor leak site.
• Stroke Scan January 27, 2023 Stroke Scan files notice of a data breach \after learning that confidential consumer information stored on the company's computer network had been compromised.
• Verizon January 27, 2023 • [ leak, misconfiguration, technology ] IntelBroker leaks a database, allegedly from Verizon, for free, containing 7.5 million clients' records, only first names, device types (Apple or Android), and service plans. Verizon verified that the data leak was legitimate and originated from a vendor which creates videos to assist clients.
• South East Regional Health Authority (SERHA) January 26, 2023 • [ ransomware, malware, healthcare ] The South East Regional Health Authority (SERHA) in Jamaica is hit with a ransomware attack.
• Undisclosed third-party vendor January 26, 2023 • [ leak, technology ] Telecommunications company Charter Communications says one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum.
• CommuteAir January 26, 2023 • [ leak, misconfiguration, government ] A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' is shared publicly on a hacking forum.
• Guardian Analytics January 26, 2023 • [ leak, misconfiguration, finance ] Webster Bank files a notice of data breach after learning of a third-party data breach at Guardian Analytics, one of Webster Bank's vendors.
• Matco Tools Corporation January 26, 2023 • [ leak, manufacturing ] Matco Tools Corporation files notice of a data breach following a cybersecurity incident that leaked confidential consumer information that was in the company's possession.
• Eye4Fraud January 25, 2023 • [ hack, misconfiguration, technology ] In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.
• Xavier University of Louisiana January 24, 2023 Xavier University of Louisiana (XULA) says it suffered a cyberattack compromising Social Security numbers and other personal information from more than 44,000 students and vendors.
• Municipal Court of Circleville, Ohio January 24, 2023 • [ ransomware, malware, government ] The Circleville Municipal Court is hit with a LockBit 3.0 ransomware attack.
• Puma January 24, 2023 • [ leak, retail ] Private data allegedly belonging to more than 230,000 Puma customers in Chile is found on a hacker forum.
• Planet Ice January 24, 2023 • [ hack ] The ice rink operator Planet Ice suffers a data breach, and approximately 200,000 people have their details stolen.
• Duolingo January 24, 2023 • [ leak, misconfiguration, education ] In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.
• A10 Networks January 23, 2023 • [ ransomware, malware, manufacturing ] The California-based networking hardware manufacturer A10 Networks confirms that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.