Portend Breaches

Victorian Freight Specialists June 4, 2024 • [ hack ] The threat actor known as GhostR claims to have stolen data from Australian logistics company Victorian Freight Specialists.

Spytech June 4, 2024 In July 2024, spyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month. Designed to "invisibly record everything users do", the breach exposed information related to both purchasers and targets of the product. Target data collection (and subsequent exposure) included the infected computer name, browsing history, applications used, usernames of authenticated users, keywords being monitored, file operations (creation and deletion), computer usage times and email addresses, often captured within the spyware's logs. The data also included the names, purchases and md5 password hashes of purchasers.

Multiple organizations June 3, 2024 • [ hack, malware, technology ] A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches is added to the Have I Been Pwned data breach notification service.

Verny June 3, 2024 • [ hack, retail ] Verny, a popular Russian discount retail chain with over 1,000 stores nationwide is hit by a cyberattack over the weekend that disrupts its services for several days.

Official Microsoft India account on X (formerly Twitter) June 3, 2024 • [ financial, hack, phishing ] The official Microsoft India account on X (formerly Twitter), with over 211,000 followers, is hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill.

Gemini June 3, 2024 • [ hack, finance ] Cryptocurrency exchange Gemini warns it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed.

Nidec Corporation June 3, 2024 • [ ransomware, malware, manufacturing ] Nidec Corporation informs that threat actors behind a ransomware attack it suffered earlier this year stole data and leaked it on the dark web.

Special Health Resources June 2, 2024 • [ ransomware, malware, healthcare ] Special Health Resources suffers a BlackSuit ransomware attack.

Germany's Christian Democratic Union June 1, 2024 • [ hack, misconfiguration, government ] Germany's Christian Democratic Union (CDU), the country's leading opposition party, is hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure. According to sources, the attackers exploited the CVE-2024-24919 Check Point vulnerability.

Allendale Long-Term Care Home June 1, 2024 A cybersecurity incident involving third-party software at Allendale Long-Term Care Home in Milton exposes personal electronic health records from 2005 to this summer.

Hugging Face May 31, 2024 • [ hack, technology ] AI platform Hugging Face says that its Spaces platform was breached, allowing threat actors to access authentication secrets for its members.

DMM Bitcoin May 31, 2024 The Japanese cryptocurrency exchange DMM Bitcoin announces that threat actors stole 4,502.9 Bitcoin (BTC), approximately $304 million (48.2 billion yen), from the its wallets.

Billericay School May 31, 2024 • [ hack, malware, education ] The Billericay School is hit with a malware attack.

Polish Press Agency May 31, 2024 • [ espionage, government ] Polish prosecutors investigate a suspected Russian cyberattack on the countrys state news agency Polish Press Agency (PAP) spreading disinformation with fake news claiming the countrys authorities had announced a partial mobilization of 200,000 men who were to be sent to fight in a war in Ukraine.

Tibet Post and Gyudmed Tantric University May 31, 2024 • [ espionage, malware, education ] Researchers at Recorded Future reveal that the Chinese state-sponsored threat group TAG-112 compromised two Tibetan websites, Tibet Post and Gyudmed Tantric University, to deliver the Cobalt Strike malware

Ticketek May 31, 2024 • [ leak, misconfiguration, retail ] In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform. The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.

Operation Endgame May 30, 2024 In May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame". Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.

Bring Me the Horizon Webpage May 28, 2024 • [ hack ] Someone hacks the Bring Me the Horizon hidden web site in an attempt to get ahead in the game.

Combolists Posted to Telegram May 28, 2024 In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.

Daniel Freund May 27, 2024 • [ espionage, malware, government ] Daniel Freund, a German member of Europes Parliament says his mobile phone was targeted with the Candiru mobile spyware on May.

Recent Breaches