OmniTRAX
December 24, 2020
•[ ransomware, malware ]
Colorado-based short line rail operator and logistics provider OmniTRAX was hit by a recent ransomware attack and data theft that targeted its corporate parent, Broe Group
Freedom Finance
December 24, 2020
•[ leak, finance ]
Russian broker Freedom Finance has admitted to a data leak after the information of 16,000 clients appeared on several shadow forums.
Scottish Environment Protection Agency
December 24, 2020
•[ ransomware, malware, government ]
The Scottish Environment Protection Agency is targeted in a cyberattack which has impacted its contact center, internal systems, processes and internal communications. The incident is revealed to be a ransomware attack by the Conti gang.
Transform Hospital Group
December 24, 2020
•[ ransomware, malware, healthcare ]
Transform Hospital Group has been attacked by the REvil ransomware threat actors.
Citrix
December 24, 2020
•[ hack, ddos, technology ]
Citrix has confirmed that a DDoS attack is affecting its Application Delivery Controller (ADC) networking appliances.
Innovaphone
December 24, 2020
•[ hack ]
Innovaphone has been hit by a hacker. The company believes that the hacker's motive was vandalism.
Sangoma Technologies
December 24, 2020
Sangoma has disclosed a data breach after files that were stolen by the Conti ransomware threat actors were published online after an attack.
The Hospital Group
December 24, 2020
•[ ransomware, malware, healthcare ]
The REvil ransomware gang hacks The Hospital Group and threatens to release before-and-after pictures of celebrity clients.
US Department of Justice
December 24, 2020
•[ hack, malware, government ]
The Department of Justice has revealed that hackers have accessed its networks as a result of the SolarWinds hack. The attackers breached the Department's Office 365 system and read its emails.
University of California
December 24, 2020
•[ hack, misconfiguration, education ]
In December 2020, the University of California suffered a data breach due to vulnerability in in a third-party provider, Accellion. The breach exposed extensive personal data on both students and staff including 547 thousand unique email addresses, names, dates of birth, genders, social security numbers, ethnicities and other academic related data attributes. Further analysis is available in Exploring the Impact of the UC Data Breach. The data was provided to HIBP courtesy of Cyril Gorlla.
MEO
December 24, 2020
•[ leak, misconfiguration, retail ]
In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes. MEO did not respond to multiple attempts to report the breach.
Innovative Solution for Healthcare
December 23, 2020
•[ hack, misconfiguration, healthcare ]
Innovative Solution for Healthcare (iSofH) misconfigured a database of sensitive patient data which was then attacked by the meow bot.
Livecoin
December 23, 2020
The Russian cryptocurrency exchange Livecoin was hacked. The hackers took control of Livecoin's infrastructure and withdrew funds from accounts after modifying exchange rates, generating massive profits.
Proliance Surgeons, Inc.
December 23, 2020
•[ financial, misconfiguration, healthcare ]
Proliance Surgeons has disclosed a data breach where payment card information may have been exposed for customers who made online payments on Proliance's platform.
Gastroenterology Consultants Ltd
December 23, 2020
•[ ransomware, malware, healthcare ]
Gastroenterology Consultants Ltd have some data dumped from the Conti ransomware group.
Leon Medical Centers
December 22, 2020
•[ ransomware, malware, healthcare ]
Leon Medical Centers has been attacked by the Conti ransomware gang.
European Court of Human Rights
December 22, 2020
•[ hack, ddos, government ]
The website of the European Court of Human Rights was knocked offline after issuing a ruling that called on Turkey to release a prominent Kurdish politician.
Koei Tecmo Europe Limited (KTE)
December 22, 2020
•[ hack, technology ]
Koei Tecmo Europe Limited, the UK subsidiary of Koei Tecmo Holdings Co., Ltd., is the victim of a cyberattack where user data was breached.
TaskRabbit
December 22, 2020
•[ hack, technology ]
TaskRabbit resets an unknown number of customer passwords after confirming it detected "suspicious activity" on its network.
DuBreton Meats
December 21, 2020
•[ hack, manufacturing ]
DuBreton Meats is the victim of a cyberattack that mainly affected its administrative servers.