Portend Breaches

Adam Griffin May 6, 2024 • [ social, phishing, finance ] Adam Griffin, a crypto investor is robbed of nearly $500,000 in cryptocurrencies after a scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click yes to a Google prompt on his mobile device.

Richmond University Medical Center May 6, 2024 • [ ransomware, malware, healthcare ] The Richmond University Medical Center in New York is investigating a ransomware attack since May 2023 and it recently determined that the incident resulted in a data breach affecting more than 670,000 people.

Mālama I Ke Ola Health Center May 4, 2024 • [ hack, healthcare ] The Mlama I Ke Ola Health Center discloses to have suffered a cyberattack

Undisclosed crypto investor May 3, 2024 • [ financial, hack, phishing ] An individual loses around $71 million worth of bitcoin in what appears to be an address poisoning attack. A week later the author of the attack returns the stolen bounty.

City of Wichita May 3, 2024 • [ ransomware, malware, government ] The City of Wichita, Kansas, discloses it was forced to shut down portions of its network after suffering a weekend ransomware attack. The LockBit ransomware operation claims responsibility for the attack.

The Post Millennial May 2, 2024 Have I Been Pwned adds the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website.

Human Events May 2, 2024 • [ hack, leak ] The conservative news website Human Events is also hacked and replaced with a page leaking private information.

The Post Millennial May 2, 2024 • [ hack, misconfiguration, technology ] In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.

Brandywine Realty Trust May 1, 2024 • [ ransomware, malware ] Philadelphia-based real estate company Brandywine Realty Trust discloses to have fell victim to a ransomware attack that disrupted some of its business applications.

Payroll Vendor for UK Ministry of Defence May 1, 2024 The UK Government confirmed today that a threat actor recently breached the countrys Ministry of Defence and gained access to part of the Armed Forces payment network.

Firstmac Limited May 1, 2024 • [ leak, finance ] Firstmac Limited warns customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm.

Atlas May 1, 2024 • [ ransomware, malware, energy ] The Back Basta extortion group claims to have breached Atlas, one of the largest national distributors of fuel in the United States. Black Basta purportedly stole 730 GB of data

South African Department of Justice and Constitutional Development May 1, 2024 • [ hack, financial, government ] The South African Department of Justice and Constitutional Development (DJ&CD) suffers a cyber security incident affecting child maintenance payments.

At least three Wyndham hotels May 1, 2024 • [ espionage, malware, hospitality ] pcTattletale, a consumer-grade spyware app is found running on the check-in systems of at least three Wyndham hotels across the United States.

AddComm May 1, 2024 Dutch bank ABN Amro says client data may have been compromised in a ransomware attack at third-party services provider AddComm.

Undisclosed contractor April 30, 2024 The infamous IntelBroker threat actor claims to have breached a third-party contractor and stolen sensitive data belonging to two prominent banks in the United Kingdom: HSBC and Barclays.

Regional Cancer Center April 30, 2024 • [ ransomware, malware, healthcare ] Details of at least 2 million patients with the Regional Cancer Center (RCC) are compromised, affecting 11 out of 14 servers and causing disruptions in many divisions, including the Radiation Department. The attackers demand a ransom.

El Centro Del Barrio (CentroMed) April 30, 2024 • [ hack, healthcare ] San Antonio-based healthcare provider El Centro Del Barrio (which operates as CentroMed) is informing 400,000 patients that their personal and protected health information was compromised in a recent cyberattack.

City of Helsinki April 30, 2024 • [ leak, education ] The City of Helsinki discloses it is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel.

Atrium Health April 29, 2024 • [ social, phishing, healthcare ] Atrium Health sends notifications to patients who may have been impacted by a malicious email sent to employees in April, through which an unauthorized third party gained access to a group of employees emails.

Recent Breaches