Alchip
January 3, 2025
•[ hack, manufacturing ]
On the afternoon of January 3, Qingyun Technology, Alchip, Popular Computer, and Formosa Plastics released important information, saying that their websites had been attacked. After they noticed the incident, they had activated relevant defense mechanisms and recovery operations. The website has resumed normal operation. At present, it is assessed that there is no impact on the company's operations. Qingyun and Alchip further mentioned that they initially assessed that no personal information or internal documents had been leaked.
Google Play Users
January 3, 2025
•[ state-sponsored, infiltration ]
Report said North Korean hackers infiltrated Google Play to target users.
NTT Docomo
January 2, 2025
•[ hack, technology ]
Japan's largest mobile carrier, NTT Docomo, reports that it is working to restore services after a cyberattack temporarily disrupted operations.
Kong Inc.
January 2, 2025
•[ hack, malware, technology ]
An attacker accesses Kong's DockerHub account and replaces the legitimate Kong Ingress Controller v.3.4.0 image with a malicious version containing malicious code that enabled cryptojacking.
Community Health Center (CHC)
January 2, 2025
•[ leak, healthcare ]
Community Health Center (CHC), a leading Connecticut healthcare provider, notifies over 1 million patients of a data breach that impacted their personal and health data.
InfoCert via Third Party Ticketing Vendor
January 2, 2025
•[ hack, leak, technology ]
I dati sottratti messi in vendita sul dark web. L'azienda provider di servizi di identit digitale rassicura:Informazioni sottratte sono quelle delle richieste di assistenza clienti, i dati di accesso a InfoCert non sono stati compromessi
Chipson Electronics
January 2, 2025
•[ ddos, manufacturing ]
Chipson Electronics released important information on the stock market public observatory, stating that their website was attacked by a distributed denial of service (DDoS) attack.
First International Computer, Inc.
January 2, 2025
•[ hack, ddos, manufacturing ]
NoName057(16) claims responsibility for DDOS against several Taiwanese entities
Unnamed high-profile Ukrainian entities
January 2, 2025
•[ espionage, malware, government ]
{"richText":[{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"ESET observed coordination where "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Gamaredon tools (PteroGraphin/PteroOdd/PteroPaste)"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" deployed or restarted "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Turlas Kazuar"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" on Ukrainian systems during "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"FebApr 2025"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":", marking the first documented collaboration between these FSB-linked groups; focus is "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"espionage access"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" rather than disruption."}]}
Health Service Executive (HSE) – primary care services, Midlands (third-party processor)
January 2, 2025
•[ ransomware, data breach, third-party breach ]
DataBreaches summarized reporting that the Irish Health Service Executive confirmed a second ransomware attack occurred in February 2025, targeting a third-party processor and resulting in a data protection breach reported by HSE primary care services in the Midlands. The HSE stated there was no evidence that patients data was stolen in the incident, and the brief report did not describe prolonged operational disruption or specify what systems were encrypted. Based on the confirmation of a ransomware incident affecting a processor, this is coded as a disruptive event with limited publicly available detail on scope and duration.
Habib Bank Limited
January 1, 2025
•[ hack, finance ]
hacked
Federal Board of Revenue
January 1, 2025
•[ hack, finance ]
hacked
Resona Bank
January 1, 2025
•[ hack, ddos, finance ]
Osaka-based Resona Bank says a DDoS attack resulted in a network malfunction and impacted the functioning of its customer-facing My Gate application. The parent company Resona Holdings confirms the incident temporarily disrupted services at other company-owned banks, including Minato Bank, Kansai Mirai Bank and Saitama Resona Bank.
Mizuho Bank
January 1, 2025
•[ financial, hack, ddos ]
Mizuho Bank, Japan's third largest financial company, suffers a denial-of-service attack that disrupts online banking services for three hours.
City of Winston-Salem
January 1, 2025
•[ hack, government ]
Winston-Salem, North Carolina, residents are not able to pay their utility bills online after a post-Christmas cyberattack knocked the city's systems offline.
MedSave Health Insurance
January 1, 2025
•[ leak, healthcare ]
A threat actor with the Moniker 0mid16B claims to have breached MedSave Health Insurance TPA Ltd (MedSave), stealing 561 gigabytes of databases, containing data of 10,617,943 people.
STIIIZY
January 1, 2025
•[ ransomware, retail ]
Popular cannabis brand STIIIZY discloses a data breach after threat actors breached its point-of-sale (POS) vendor to steal customer information, including government IDs and purchase information. The Everest. ransomware group claims responsibility for the attack.
Undisclosed law firm in Canada
January 1, 2025
•[ espionage ]
EarthKapre, also known as RedCurl, is a highly sophisticated cyber espionage group known for its advanced operations, primarily targeting private-sector organizations with a focus on corporate espionage. The target of this attack is an organization within the Law Firms & Legal Services industry.
