-
White Settlement Independent School District
February 28, 2023
•
[ ransomware, malware, education ]
LockBit adds White Settlement Independent School District in Texas to their leak site, with a proof pack that suggests that the threat actors were able to access and may have exfiltrated a lot of files.
-
Pierce Transit
February 27, 2023
•
[ ransomware, malware, government ]
Pierce Transit discloses that it was hit with a LockBit 3.0 ransomware attack.
-
LastPass
February 27, 2023
LastPass discloses more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months.
-
U.S. Marshals Service (USMS)
February 27, 2023
•
[ ransomware, malware, government ]
The U.S. Marshals Service (USMS) is investigating the theft of sensitive law enforcement information following a ransomware attack that has impacted what it describes as "a stand-alone USMS system."
-
Pipefitters Local 537
February 27, 2023
•
[ financial, healthcare ]
A cyberattack on Pipefitters Local 537, a Boston-based labor union's health fund, results in the loss of $6.4 million.
-
CityJerks
February 27, 2023
•
[ hack, leak ]
In early 2023, the "mutual masturbation" website CityJerks suffered a data breach that exposed 177k unique email addresses. The breach also included data from the TruckerSucker "dating app for REAL TRUCKERS and REAL MEN" with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to "discord.gg/gN9C9em".
-
Tennessee State University (TSU)
February 26, 2023
•
[ ransomware, malware, education ]
Tennessee State University (TSU) posts a "Notice of Suspicious Network Activity" after the institution experienced what it believes to have been a ransomware attack.
-
Nine Danish hospitals
February 26, 2023
•
[ hack, ddos, healthcare ]
A series of distributed-denial-of-service (DDoS) attacks shut down nine Danish hospitals' websites for a few hours, but did not have any life-threatening impact on the medical centers' operations or digital infrastructure.
-
TheGradCafe
February 26, 2023
•
[ leak, education ]
In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.
-
Baldor Specialty Foods
February 25, 2023
•
[ hack ]
Baldor Specialty Foods files a notice of data breach after a malicious actor carried out a cyberattack against the company resulting in confidential consumer information being compromised.
-
LCS Financial Services
February 25, 2023
•
[ hack, finance ]
LCS Financial Services files a notice of data breach after discovering that hackers were able to access the company's computer system.
-
Southeastern Louisiana University (SLU)
February 25, 2023
Southeastern Louisiana University (SLU) posts notice of a potential data breach after certain SLU systems were down in response to what the school characterized as a "Temporary Network and System Disruption." The BianLian ransomware gang claims responsibility for the attack.
-
Dish Network
February 25, 2023
•
[ ransomware, malware, technology ]
American TV giant and satellite broadcast provider Dish Network confirms that a ransomware attack was the cause of a multi-day network and service outage.
-
Phished Data via CERT Poland
February 25, 2023
In August 2023, CERT Poland observed a phishing campaign that collected credentials from 68k victims. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation. CERT Poland identified a further 202 phishing campaigns operating on the same C2 server, which has now been dismantled.
-
Empresa Distribuidora Del Este (EdeEste)
February 24, 2023
•
[ ransomware, malware, energy ]
The Empresa Distribuidora Del Este (EdeEste), an electricity distribution firm, is named on BlackCat's ransomware leak site. The group claims to have 420 GB of information from the company.
-
Advanced Health Media (AHM)
February 24, 2023
•
[ hack, misconfiguration, healthcare ]
Advanced Health Media (AHM) files a notice of data breach after learning that an unauthorized party was able to access certain company servers that stored confidential consumer data.
-
Minneapolis Public Schools
February 24, 2023
•
[ ransomware, malware, education ]
Minneapolis Public Schools reveals that it is experiencing technical difficulties due to an encryption event caused by a ransomware attack.
-
Zurcal
February 24, 2023
•
[ ransomware, malware, energy ]
The Zurcal group, which belongs to the energy saving and efficiency sector, is named by the Stormous ransomware group in its Telegram channel.
-
Encino Energy
February 24, 2023
•
[ ransomware, malware, energy ]
Encino Energy, one of the largest private natural gas and oil producers in the U.S., said it has investigated and remediated a recent cyberattack allegedly carried out by the BlackCat ransomware gang.
-
Undetermined
February 24, 2023
•
[ ransomware, malware, finance ]
Âncora Sistemas de Fixação, a company specializing in the manufacture and marketing of fasteners for civil construction, is added to the Royal gang's leak site with 88 GB uploaded to the site at the same time.