Let's Secure Insurance Brokers
January 27, 2025
•[ ransomware, finance ]
Let's Secure Insurance Brokers is hit with a ransomware attack.
Individual
January 27, 2025
•[ social, phishing, finance ]
Police began investigating when a 90-year-old man told authorities he gave $49,900 to a courier purportedly acting on behalf of PayPal. Victim was deceived via fake PayPal email & link leading to remote access of computer/password theft
Episource
January 27, 2025
•[ data leak ]
Episource detected unauthorized access between January 27 and February 6 2025 affecting approximately 5.4 million individuals; attackers exfiltrated protected health information including SSNs, medical data, and insurance identifiers; no actor identified or ransom claim confirmed.
New York Blood Center (NYBC)
January 26, 2025
•[ ransomware, malware, healthcare ]
The New York Blood Center (NYBC), one of the world's largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments.
Maagar-Tec
January 26, 2025
•[ hack, technology ]
The pro-Palestinian group called Handala reportedly breaches emergency systems used in Israeli schools, after compromising Maagar-Tec, and broadcasts rocket sirens and Arabic songs that Israels cyber agency called supportive of terrorism.
Individual in Austria
January 26, 2025
•[ financial, phishing, finance ]
Eine Sdoststeirerin hat sich im Jnner an die Polizei gewandt, nachdem sie vermutet hatte, Opfer eines Phishing-Betrugs geworden zu sein. Sie fiel einem Link in einer SMS zum Opfer, eine Betrgerbande behob daraufhin Geld von ihrem Konto. Die Polizei verffentlichte nun Fotos der mutmalichen Betrger aus Wien.
The House of Dior
January 26, 2025
•[ data leak, personally identifiable information, supply chain attack ]
Dior disclosed that a database was accessed on Jan 26, 2025 exposing data that includes names, contact details, address, DOB, and in some cases passport/ID or SSN. Believed to be related to broader LVMH/ShinyHunters vendor breach cluster.
Jan Nygaard AS, a major BMW & MINI dealership in Denmark
January 25, 2025
•[ ransomware, hack, malware ]
Den store BMW- og Mini-forhandler Jan Nygaard, der omstter for mere end to milliarder kroner, advarer efter Computerworlds afslring tirsdag morgen sine kunder om, at deres data kan vre blevet stjlet af ransomware-gruppe under hackerangreb for mere end tre uger siden.
Grubhub
January 25, 2025
•[ data leak, third-party breach ]
Grubhub disclosed that a third-party vendor account was compromised, allowing limited access to contact and partial payment information for customers, drivers, and merchants. Full card, bank, and SSN data were not accessed. No attribution to a specific threat group. Incident contained.
Marlboro-Chesterfield Pathology
January 25, 2025
•[ ransomware, data leak ]
SafePay ransomware actors stole personal and health information from MCP systems; entity reported to HHS that 235,911 individuals were affected.
Doxbin Scrape
January 24, 2025
•[ leak, misconfiguration, technology ]
In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of non-consensually third parties. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
HCF Management
January 24, 2025
•[ ransomware, malware, healthcare ]
HCF Management healthcare facilities confirm a ransomware attack from the RansomHun group, with more than 70,000 patients affected.
Hospital El Cruce
January 24, 2025
•[ ransomware, malware, healthcare ]
The Hospital El Cruce is hit with a Medusa ransomware attack.
Centric.eu
January 24, 2025
•[ ransomware, technology ]
Ransomwaregroepering Clop claimt data van Centric in handen te hebben
Phemex
January 23, 2025
•[ financial, hack, finance ]
Singapore-based cryptocurrency platform Phemex is forced to pause some of its operations after a suspected cyberattack led to the theft of more than $85 million in digital coins.
Conduent
January 22, 2025
•[ hack, government ]
American business services and government contractor Conduent confirms that a recent outage resulted from what it described as a "cyber security incident."
ipany (VPN software developed by a South Korean company)
January 22, 2025
•[ espionage, technology ]
Researchers from ESET link a previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon to a supply chain attack targeting ipany a South Korean virtual private network (VPN) provider.
~100 UTEP Students
January 22, 2025
•[ social, phishing, education ]
The University of Texas at El Paso (UTEP) is urging students to remain vigilant following a phishing attack that compromised several accounts.
