-
Adopt Me Trading Values
July 1, 2022
In July 2022, the Adopt Me Trading Values website for assessing the value of pet trades within the "Adopt Me!" Roblox game suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 86k unique email addresses along with usernames (and Roblox usernames), IP addresses and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "Leidhall".
-
High profile victims
June 30, 2022
•
[ espionage, government ]
The cyber-espionage group Cloud Atlas has ramped up activities targeting Russia, Belarus and disputed parts of Ukraine and Moldova since Russia's invasion this year, according to a new report.
-
Tessie Cleveland Community Services
June 30, 2022
•
[ social, phishing, healthcare ]
Tessie Cleveland Community Services discloses a breach due to a phishing attack.
-
Cardiac Imaging Associates, CIA
June 30, 2022
•
[ social, phishing, healthcare ]
Cardiac Imaging Associates (CIA) discloses a phishing incident.
-
Colombian stock exchange
June 30, 2022
•
[ hack, ddos, finance ]
Killnet claims to have conducted a DDoS attack against the website of the Colombian stock exchange. A day before the DDoS attack, KillNet posted a news article reporting that the Colombian government decided to officially send military engineers to support Ukraine's army. Killnet posted the article with the words "Why are you doing so, Colombia?".
-
HEMERIA
June 30, 2022
•
[ ransomware, malware, manufacturing ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
-
Roseltorg
June 30, 2022
•
[ hack, leak, ddos ]
Ukrainian collective "IT Army of Ukraine" conducted a DDoS attack against Russia's largest state-owned bidding company. Subsequently, the collective announced the DDoS attack was a deception for a hack and leak operation, which resulted in the leakage of the personal details of 500 000 customers.
-
Xavier College
June 30, 2022
The Xavier College discloses to have suffered a cyber attack, with the attackers threatening to release the stolen data.
-
-
Undetermined
June 29, 2022
A DDoS attack took place against public and private organizations' networks in Norway. The secure national data network was targeted forcing temporarily the suspension of online services for several hours. The website of the country's largest electronic banking identification system as well as Norway's largest newspaper were affected.
-
Apex
June 29, 2022
•
[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
-
Home Care Providers of Texas (HCPT)
June 29, 2022
Home Care Providers of Texas discloses a ransomware incident affecting more than 124,000 individuals.
-
Lithuanian state institutions
June 27, 2022
•
[ hack, ddos, government ]
A DDoS attack targeted websites of government agencies and private firms, and part of the secure national data network in Lithuania. The State Tax Inspectorate and Migration Department and the the country's leading accounting services provider were among the affected organisations. Killnet claimed responsibility for at least some of the attacks.
-
Ministry of Agriculture Rebublic Indonesia
June 27, 2022
•
[ ransomware, malware, government ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Undisclosed Chinese telecommunications service provider
June 27, 2022
Imperva announces its DDoS mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers.
-
Medical University of Innsbruck
June 26, 2022
•
[ ransomware, malware, education ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Wabtec Corporation
June 26, 2022
•
[ leak, manufacturing ]
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information.
-
Macmillan Publishers
June 25, 2022
•
[ hack, misconfiguration, technology ]
On December 5, 2022, Macmillan reported a data breach with the Texas Attorney General after an unauthorized party was able to bypass its data security system and gain access to sensitive consumer information on the company's computer system.
-
Altenen
June 24, 2022
In June 2022, the malicious "carding" (referring to credit card fraud) website Altenen suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 1.3M unique email addresses, usernames, bcrypt password hashes and cryptocurrency wallet addresses.
-
Disk Union
June 24, 2022
•
[ leak, misconfiguration, retail ]
In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.