-
ELTA Systems Limited
December 21, 2020
•
[ leak, hack, government ]
Iranian-linked hackers leaked sensitive data on the dark web. The attack comes in the backdrop of Iranian pledge to retaliate against the killing of key Iranian nuclear scientist Mohsen Fakhrizadhe last month.
-
Center Hospitalier Albertville-Motiers (CHAM)
December 21, 2020
•
[ ransomware, malware, healthcare ]
The Center Hospitalier Albertville-Motiers is the victim of a ransomware attack.
-
VMware
December 21, 2020
Vmware had its systems breached as a result of the Solarwinds hack.
-
City of Ellensburg
December 21, 2020
•
[ ransomware, malware, government ]
The City of Ellensburg is the victim of a ransomware attack. The majority of the city's network drives and data cannot be accessed.
-
Exmo
December 21, 2020
•
[ hack, finance ]
UK cryptocurrency exchange EXMO has suffered a breach and had funds stolen from its hot wallets.
-
NetGalley
December 21, 2020
•
[ leak, misconfiguration, technology ]
NetGalley " a website that gives book reviewers pre-release access to new titles " has warned users about a data breach that may have exposed their passwords and other personal data. NetGalley's website was also defaced.
-
SolarWinds
December 21, 2020
•
[ hack, malware, technology ]
A second hacking has targeted SolarWinds to plant malware on corporate and government networks.
-
NetGalley
December 21, 2020
In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to pom@pompur.in.
-
Commport Communications
December 20, 2020
•
[ ransomware, leak, malware ]
Lorenz executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
-
At least seven chip manufacturers in Taiwan
December 20, 2020
•
[ hack, manufacturing ]
The same threat actor also broke into at last seven chip manufacturers in Taiwan.
-
Israel Aerospace Industries
December 20, 2020
•
[ ransomware, malware, manufacturing ]
The ransomware group Pay2Key, linked to Iran, claims to have successfully hacked the largest Israeli airpower defense corporation: Israel Aerospace Industries.
-
Rania Dridi
December 20, 2020
•
[ espionage, malware, technology ]
London-based reporter Rani Dridi has had her iPhone compromised with what appears Pegasus spyware for the past year. Researchers have said Dridi was likely targeted by the government of the UAE. The campaign is also thought to have affected at least 36 other journalists working for Al Jazeera and been perpetrated by the UAE, Saudi Arabia, and two other unnamed actors.
-
MMG Fusion
December 20, 2020
•
[ leak, misconfiguration, healthcare ]
In December 2020, the dental practice management service MMG Fusion was the victim of a data breach which exposed 2.6M unique email addresses. The data also included patient appointments, names, phone numbers, dates of birth, genders and physical addresses. A small number of records also included passwords stored as bcrypt hashes.
-
Brendon GyermekruhKft
December 19, 2020
•
[ ransomware, malware, retail ]
Brendon Gyermek., a retailer of baby clothes, reveals to have been hit with a Zeppelin ransomware attack.
-
Florida Agency for Healthcare Administration
December 19, 2020
•
[ hack, malware, healthcare ]
Florida officials have anonymously said that the state's Agency for Healthcare Administration was infiltrated as a result of the SolarWinds hack.
-
DriveSure
December 19, 2020
•
[ hack, automotive ]
In December 2020, the car dealership service provider DriveSure suffered a data breach. The incident resulted in 26GB of data being downloaded and later shared on a hacking forum. Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses. Vehicle data was also exposed and included makes, models, VIN numbers and odometer readings. A small number of passwords stored as bcrypt hashes were also included in the data set.
-
Kraeber & Co
December 18, 2020
•
[ social, phishing, healthcare ]
Researchers from Cyble discover a targeted phishing campaign against Kraeber & Co, a company involved in the COVID-19 vaccine development.
-
City of Paderborn
December 18, 2020
•
[ hack, education ]
The city of Paderborn's "Lernstatt" network has been affected by a major cyberattack. Numerous mail accounts and web conferences have been paralyzed.
-
Smart Mortgage
December 18, 2020
Smart Mortgage has filed a suit against Brian Noe, one of its former senior loan processors, for allegedly stealing a database containing client information and bringing it to NEXA Mortgage, his new employer.
-
US Department of Energy
December 18, 2020
•
[ hack, malware, government ]
The Department of Energy has revealed that hackers have accessed its networks as a result of the SolarWinds hack.