Full List

Search

Recent Breaches

• Cream Finance August 30, 2021 Cream Finance suffers a cyber attack, hacker utilized a reentrancy attack on the flash loan feature to steal $29 million in cryptocurrenies.
• North East Independent School District August 30, 2021 • [ financial, phishing, education ] North East ISD discovers an email account is compromised in an attempted wire fraud.
• Barlow Respiratory Hospital August 27, 2021 • [ ransomware, leak, malware ] California hospital suffers a ransomware attack, some patient informaiton is leaked on dark web.
• Council on Aging Southwestern Ohio August 27, 2021 • [ hack, phishing, healthcare ] Individuals protected health information is compromised through unauthroized access to an employee email account.
• Team Alvarez Insurance August 26, 2021 • [ ransomware, malware, finance ] California insurance broker suffers ransomware attack.
• American Megatrends International August 26, 2021 • [ ransomware, malware, technology ] The RansomEXX ransomware gand drops leaked data samples on their TOR site.
• QRS August 26, 2021 • [ ransomware, malware, healthcare ] Healthcare technology services company is hit with a ransomware attack following a compromised patient portal, the incident impacts over 6,000 individuals.
• Seneca Family of Agencies August 25, 2021 • [ hack, misconfiguration, healthcare ] California health and social services provider suffers unauthorized network access compromising protected health information of nearly 20,000 individuals.
• Boston Public Library August 25, 2021 • [ hack, ddos, government ] Boston Public Library System suffers a cyber attack causing a system-wide outage.
• Luminis Health August 25, 2021 • [ hack, phishing, healthcare ] Maryland hospital suffers email server breach comrpomising patient person information.
• Throckmorten County Memorial Hospital August 25, 2021 • [ ransomware, malware, healthcare ] Texas hospital is hit with ransomware attack compromising personal information of over 3,000 employees and patients.
• DatPiff August 25, 2021 • [ leak, misconfiguration, technology ] In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs. The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.
• Evin prison (Tehran) August 24, 2021 • [ hack, government ] Hacktivist group breaches Tehran prison complex video system and leaks videos showing extensive prisoner abuse.
• Weddell Pediatric Dental Specialists August 23, 2021 Patient personal information is compromised following unauthorized access to an employee email.
• Bangkok Airways August 23, 2021 • [ ransomware, malware ] Bangkok Airways is hit with LockBit 2.0 ransomware attack, passenger information is compromised.
• ROC Mondriaan August 22, 2021 • [ ransomware, education ] Educational institution suffers a ransomware attack blocking all student and employee access to files and systems.
• Tech Etch August 20, 2021 • [ ransomware, malware, manufacturing ] Manufacturing company suffers ransomware attack comrpomising protected health information of its employees covered by employee insurance.
• Lojas Renner August 20, 2021 • [ ransomware, malware, retail ] Brazil's largest department store chain suffers a severe ransomware attack shutting down systems and its web store.
• Imavex August 20, 2021 • [ hack, misconfiguration, technology ] In August 2021, the website development company Imavex suffered a data breach that exposed 878 thousand unique email addresses. The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Hundreds of thousands of form submissions and orders via Imavex customers were also exposed and contained further personal information of submitters and the contents of the form. The compromised system was subsequently sunset in January 2024 and all customer data impacted by the incident was permanently deleted.
• AT&T August 20, 2021 • [ hack, misconfiguration, technology ] In March 2024, tens of millions of records allegedly breached from AT&T were posted to a popular hacking forum. Dating back to August 2021, the data was originally posted for sale before later being freely released. At the time, AT&T maintained that there had not been a breach of their systems and that the data originated from elsewhere. 12 days later, AT&T acknowledged that data fields specific to them were in the breach and that it was not yet known whether the breach occurred at their end or that of a vendor. AT&T also proceeded to reset customer account passcodes, an indicator that there was sufficient belief passcodes had been compromised. The incident exposed names, email and physical addresses, dates of birth, phone numbers and US social security numbers.