-
Refinadora Costarricense de Petróleo
November 27, 2024
•
[ ransomware, malware, energy ]
Refinadora Costarricense de Petrleo (RECOPE), the state-owned energy provider for Costa Rica is hit with a ransomware attack, requiring the company to shift to manual operations and call in help from abroad.
-
City of Hoboken
November 27, 2024
•
[ ransomware, malware, government ]
The city of Hoboken shuts down its government offices after an early morning ransomware attack caused widespread issues.
-
Fourlis Group (IKEA franchise operator)
November 27, 2024
•
[ ransomware, data leak ]
A ransomware attack on November 27 2024 disrupted Fourlis Groups IT infrastructure supporting IKEA operations in Greece and other regional markets. The company reported that forensic investigators did not prove the leakage of personal data, confirming no verified exfiltration. The attack caused significant operational disruption, with reported recovery costs of approximately 20 million ( US $23 million) but no ransom payment.
-
Douglasville-Douglas County Water & Sewer Authority
November 26, 2024
•
[ ransomware, data leak ]
The DouglasvilleDouglas County Water & Sewer Authority was targeted by the Lynx ransomware group on November 26 2024. Attackers claimed responsibility on a leak site on January 14 2025, later removed. The authority rebuilt and restored its systems with minimal data loss and reported no evidence of customer or employee data theft. Data exfiltration remains unconfirmed.
-
University Diagnostic Medical Imaging (UDMI)
November 26, 2024
•
[ data leak ]
On November 26 2024, University Diagnostic Medical Imaging in New York detected unauthorized access to its systems that exposed patient information including names, addresses, dates of birth, referring physicians, and treatment data. The breach affected 138,080 individuals and was disclosed publicly in February 2025.
-
ENGlobal Corporation
November 25, 2024
•
[ ransomware, malware, energy ]
ENGlobal Corporation, a major contractor for the energy industry confirms in a notice to regulators that it is dealing with a ransomware attack that has hindered operations.
-
Wirral University Teaching Hospital
November 25, 2024
•
[ hack, healthcare ]
Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, suffers a cyberattack that causes a systems outage leading to postponing appointments and scheduled procedures.
-
Rutherford County Schools
November 25, 2024
•
[ hack, education ]
Rutherford County Schools confirm to be dealing with a network and systems disruption since November 25.
-
Telecommunications, technology, consulting, chemical, and transportation industries, government agencies, and non-profit organizations (NGOs).
November 25, 2024
Researchers at Trend Micro observe the China-linked threat actor known as Earth Estries using customized malware such as SNAPPYBEE, DEMODEX, and GHOSTSPIDER to conduct long-term espionage activities against their targets.
-
Israel's national intelligence agency Mossad
November 24, 2024
A hacker group motivated by the death of former Hamas leader Yahya Sinwar claims to have targeted Israel's national intelligence agency Mossad and obtained a trove of documents that purportedly name hundreds of Israeli spies, after compromising Silicom.
-
Undisclosed prisons in the U.K.
November 23, 2024
•
[ leak, government ]
Confidential prison layouts in the U.K. are leaked onto the dark web.
-
Senior Dating
November 23, 2024
•
[ leak, misconfiguration, technology ]
In 2024, the 40+ dating website Senior Dating suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 766k users of the service including email addresses, photos, genders, links to Facebook accounts, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down after the breach was acknowledged by the site operator in December, along with a breach of the "ladies.com" website run by the same organisation.
-
SRP Federal Credit Union
November 22, 2024
More than 240,000 people have information stolen during a cyberattack on SRP Federal Credit Union, one of the largest in South Carolina.
-
Crypto users in Linkedin
November 22, 2024
•
[ financial, social, finance ]
Researchers at Microsoft reveal that the North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
-
Aerospace and defense companies
November 22, 2024
Researchers at Microsoft reveal that the group of North Korean hackers called Ruby Sleet compromised aerospace and defense companies with the aim of stealing industry secrets that could help further develop its weapons and navigation systems.
-
White Lake Township
November 21, 2024
White Lake Township officials disclose that a cyber attack has compromised at least some of its $29 million in infrastructure bond money.
-
Artivion
November 21, 2024
•
[ ransomware, malware, manufacturing ]
Artivion, a leading manufacturer of heart surgery medical devices, discloses q ransomware attack that disrupted its operations and forced it to take some systems offline.
-
Grand Forks Public Schools
November 21, 2024
•
[ financial, phishing, education ]
Grand Forks Public Schools loses $2.2M to a phishing scam
-
Numocity
November 21, 2024
•
[ leak, technology ]
The threat actor named CyberN-----s claims to have breached Tesla leaking 116,000 rows of data. in reality the data belongs to Numocity, a manufacturer of EV charging software, middleware, smart charges and more.
-
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•
[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
