-
Red Cross Contractor
January 19, 2022
A cyber attack against a Red Cross contractor compromises personal data of over 515,000 individuals in the 'Restoring Family Links' program.
-
Delta Electronics
January 18, 2022
•
[ ransomware, malware, manufacturing ]
Delta Electronics, a major Taiwanese manufacturer and supplier to Apple and Tesla, is hit with significant Conti ransomware attack.
-
-
Crypto
January 17, 2022
•
[ financial, hack, finance ]
Crypto.com suffers a hack compromising 483 customer accounts with an impact estimated around $34 million.
-
Duncan Regional Hospital (DRH)
January 16, 2022
•
[ leak, healthcare ]
Duncan Regional Hospital (DRH) suffers a data breach in January 2022 that impacted over 92,000 individuals,
-
-
SRH Holding
January 14, 2022
•
[ ransomware, malware, education ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Ukraine Ministry of Foreign Affairs
January 14, 2022
One of at least 15 websites belonging to Ukrainian public institutions compromised, defaced, and taken offline in a GhostWriter attack utilizing CVE-2021-32658.
-
Undetermined
January 14, 2022
On January 14, 2022 Orthodox New Year, over 70 Ukrainian government websites were defaced with political imagery and a statement in Russian, Ukrainian, and Polish before going down temporarily. Most sites were restored within hours. The attack crippled much of the government's public-facing digital infrastructure, including the most widely used site for handling government services online, Diia. Diia also has a role in Ukraine's coronavirus response and in encouraging vaccination. It also crippled the sites of the Cabinet of Ministers, and the ministries of energy, sports, agriculture, veterans' affairs, and ecology. The Ukrainian company Kitsoft also confirmed that it found the WhisperGate malware on some of its systems. At least 50 of the 70 sites targeted for defacement were developed and maintained by Kitsoft. Kitsoft was compromised, which allowed the hackers to gain access to Kitsoft's administrator panel and use the company's credentials to deface customer web sites.
-
Polish Ministry of Defense
January 14, 2022
•
[ espionage, government ]
Polish Ministry of National Defnse databases containing sensitive military information are compromised.
-
Goodwill
January 14, 2022
•
[ leak, misconfiguration, retail ]
American non-profit Goodwill suffers data breach involving information of customers using its e-commerce platform.
-
Ballad Health
January 13, 2022
•
[ social, phishing, healthcare ]
Ballad Health discloses a phishing incident that potentially led to protected health information (PHI) exposure.
-
Priority Building Services, LLC
January 13, 2022
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Lewis & Clark College
January 13, 2022
•
[ ransomware, leak, malware ]
The Quantum ransomware gand drops leaked data samples on their TOR site.
-
Undetermined
January 13, 2022
Microsoft identified a destructive malware (dubbed WhisperGate) operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. The malware is assessed to be designed to look like ransomware but lacking a ransom recovery mechanism and is intended to be destructive rendering targeted devices inoperable rather than to obtain a ransom. Victims span multiple government, non-profit, and information technology organizations. A Ukrainian IT company also confirmed that it found the WhisperGate malware on some of its systems. At least 50 of the 70 sites targeted for defacement were developed and maintained by the said IT company. The latter was compromised, which allowed the hackers to gain access to its' administrator panel and use the company's credentials to deface customer web sites. Microsoft named the samples WhisperGate, while other security companies labeled the downloader as WhisperGate and WhisperKill as the actual wiper, which was considered a component of WhisperGate.
-
-
Boulder County
January 12, 2022
•
[ financial, social, phishing ]
Boulder County is able to recover the almost $238,000 it mistakenly sent to a fraudulent account after a phishing scam in September.
-
Catholic Hospice
January 12, 2022
•
[ social, phishing, healthcare ]
Catholic Hospice suffers phishing attack resulting in unauthroized access to employee email account containing patient information.
-
Lhensoldt
January 12, 2022
•
[ ransomware, malware, manufacturing ]
UK subsidiary of multinational defense contractor is hit with a Lorenz ransomware attack.
-
Nixon Williams
January 12, 2022
•
[ ransomware, malware, finance ]
Prominent accounting firm suffers apparent ransomware attack causing significant operations disruptions.