-
Asia Pacific University
May 3, 2022
•
[ ransomware, malware, education ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Defense and cybersecurity organizations in the Baltics
May 3, 2022
Google's Threat Analysis Group reveals that the Russian threat actor Turla is targeting defense and cybersecurity organizations in the Baltics via emails distributing malicious documents.
-
Government and defense officials, politicians, NGOs and think tanks, and journalists
May 3, 2022
•
[ espionage, phishing, government ]
Google's Threat Analysis Group reveals that the Russian threat actor Calisto is targeting government and defense officials, politicians, NGOs and think tanks, and journalists via phishing links directly in the email, linking to PDFs and/or DOCs hosted on Google Drive and Microsoft One Drive.
-
Government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia
May 3, 2022
Google's Threat Analysis Group reveals that the Chinese threat actor Curious Gorge has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia.
-
TUI UK
May 3, 2022
•
[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
-
Allwell Behavioral Health Services
May 3, 2022
•
[ hack, healthcare ]
Allwell Behavioral Health Services announces that a computer system used to store quality assurance information related to the treatment of patients was accessed by an unauthorized individual.
-
Transport for NSW
May 3, 2022
Transport for NSW confirms its Authorised Inspection Scheme (AIS) online application was impacted by a cyber incident in early April.
-
Capsule
May 3, 2022
Capsule, a digital pharmacy, starts notifying 27,486 individuals that some of their protected health information has been exposed in a cyberattack where unauthorized individuals gained access to certain Capsule accounts on April 5, 2022.
-
High risk individuals in Ukraine
May 3, 2022
Google's Threat Analysis Group reveals that the Belarusian threat actor Ghostwriter has resumed its activity of targeting Gmail accounts via credential phishing.
-
Government Agencies of Germany
May 2, 2022
•
[ hack, ddos, government ]
Over several days, the websites of German authorities and ministries have been targeted in a series of DDoS attacks. the targets included the Ministry of Defence, the Bundestag, the Federal Police and several state police authorities.
-
Nauru Police Force
May 2, 2022
The Anonymous collective releases 82GB worth of emails apparently belonging to the Nauru Police Force in protest against the alleged ill-treatment of asylum seekers and refugees carried out by Island authorities on behalf of the Australian government.
-
Spain's Prime Minister Pedro Sanchez and Defense Minister Margarita Robles
May 2, 2022
•
[ espionage, malware, government ]
Spanish government officials reveal that the mobile phones used by Spain's Prime Minister Pedro Sanchez and Defense Minister Margarita Robles were infected with Pegasus spyware, a well-known surveillance tool made by Israel's NSO Group.
-
Qiwi
May 1, 2022
•
[ hack, finance ]
In name of #OpRussia, NB65, one of the Anonymous affiliate hacktivist groups claims to have gained access to the database of Qiwi, a Russian Payment Processor.
-
Dis-Chem Pharmacies
May 1, 2022
•
[ leak, retail ]
Dis-Chem Pharmacies reveals that nearly 3.7 million of its clients' records were compromised during an incident involving a third-party service provider.
-
Government Agencies of Moldova
May 1, 2022
•
[ hack, ddos, government ]
A number of web pages belonging to public authorities were subjected to DDoS attacks. The attacks compromise equipment and networks, by exploiting security vulnerabilities and enrolling them in botnet network.
-
Rari Capital
April 30, 2022
•
[ financial, hack, finance ]
Rari Capital confirms reports from several blockchain security companies that about $80 million worth of cryptocurrency was stolen through their platform.
-
Valley View Hospital
April 30, 2022
•
[ social, phishing, healthcare ]
Valley View Hospital is hit by a phishing attack, potentially impacting the personal data of about 21,000 people.
-
Saddle Finance
April 30, 2022
•
[ financial, finance ]
Saddle Finance reports that about $10.3 million worth of cryptocurrency was stolen from their platform.
-
Fanpass
April 30, 2022
•
[ leak, retail ]
In April 2022, the UK based website for buying and selling soccer tickets Fanpass suffered a data breach which exposed 112k customer records. Impacted data includes names, phone numbers, physical addresses, purchase histories and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to "breaches.net".
-