Portend Breaches

Zürcher Kantonalbank (ZKB) January 21, 2025 • [ hack, ddos, finance ] Erneut hat die Hackergruppe NoName aus Russland eine Reihe von Schweizer Websites mit DDoS-Attacken lahmgelegt. Der Zeitpunkt der Angriffe hat wohl vor allem mit der Durchfhrung des WEF zu tun.

Stadt Schaffhausen January 21, 2025 • [ hack, ddos, government ] Two cantonal banks and various public websites were unavailable on Tuesday morning. A hacker group with ties to Russia is "testing" the resilience of Switzerland's internet infrastructure, as they call it. Today, Ukrainian President Volodomir Zelensky will speak at the WEF in Davos.

Ville de Sierre / Stadt Siders January 21, 2025 • [ hack, ddos, government ] In the morning, Schaffhausen energy supplier SH Power also displayed an error message. However, its site was back online before midday. Meanwhile, the websites for the cities of Sierre and Geneva remained inaccessible.

Cycle & Carriage Singapore January 21, 2025 • [ hack, leak, retail ] Cycle & Carriage Singapore disclosed a data breach in which attackers accessed an application server and exfiltrated ~147,000 customer records. No encryption or disruption of operations was reported.

Ascension January 21, 2025 • [ data leak, vulnerability ] Ascension disclosed a data breach linked to a former business partners software vulnerability; filings indicate 437,329 impacted individuals.

ZÃƒÂ¼rcher Kantonalbank (ZKB) January 21, 2025 • [ DDoS attack, NoName, WEF ] Erneut hat die Hackergruppe NoName aus Russland eine Reihe von Schweizer Websites mit DDoS-Attacken lahmgelegt. Der Zeitpunkt der Angriffe hat wohl vor allem mit der Durchfhrung des WEF zu tun.

Individual in Galicia January 20, 2025 La entidad alegaba que su clienta haba sido imprudente

Northwest Radiologists / Mount Baker Imaging January 20, 2025 • [ hack, leak, healthcare ] Northwest Radiologists (Mount Baker Imaging) discovered a network intrusion on January 25, 2025, with malicious activity beginning around January 20 that exposed patient data from its systems. The breach compromised PII/PHIincluding names, contact details, dates of birth, SSNs, drivers license/ID numbers, treatment/diagnosis information, medical record and insurance detailsimpacting about 348,118 Washington residents; no ransomware claim or operational disruption was confirmed.

Manpower January 20, 2025 • [ ransomware, leak, malware ] Manpower disclosed that a ransomware attack by RansomHub led to the theft of 500GB of files and the exposure of personal data from roughly 140000 individuals. The attackers listed Manpower on their leak site but later removed it, suggesting a ransom settlement.

Telecom / ISP / cloud providers in Switzerland January 20, 2025 • [ DDoS ] Over 1,400 distributed denial-of-service attacks observed during WEF in Davos, targeting telcos and cloud providers using amplification and TCP floods, peaking at ~426 Gbps in reconnaissance, then ~24 Gbps during sessions.

Medical Associates of Brevard January 18, 2025 • [ ransomware, malware, healthcare ] {"richText":[{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"BianLian claimed MAB in Jan 2025; MABs review (by 07/07/2025) identified affected individuals and data types; HHS breach portal lists "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"246,711"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" affected in a "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Hacking/IT Network Server"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" incident reported "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"09/05/2025"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"; no outage confirmed."}]}

Allegheny Health Network (AHN) January 17, 2025 • [ hack, healthcare ] Allegheny Health Network discloses that an "unauthorized user" hacked its IT vendor IntraSystems.

Blacon High School January 17, 2025 • [ ransomware, education ] Blacon High School announces a temporary closure after falling victim to a "ransomware attack".

Otelier January 17, 2025 • [ leak, misconfiguration, technology ] Hotel management platform Otelier suffers a data breach after threat actors breached its Amazon S3 cloud storage to stole millions of guests' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt.

United Domestic Workers Of America January 17, 2025 • [ data leak ] Union reported unauthorized access; breach letters mailed March 27 to affected members.

Loretto Hospital January 17, 2025 • [ ransomware, data leak ] On January 17 2025, RansomHouse gained unauthorized access to Loretto Hospitals network in Chicago and exfiltrated approximately 1.5 TB of sensitive data. The group listed the hospital on its leak site and released sample medical and billing files. No encryption occurred. The hospital later confirmed about 500 affected individuals in its HHS filing.

Frame & Optic January 16, 2025 • [ leak, retail ] In January 2025, the eyewear seller Frame & Optic suffered a data breach. The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".

Town of Ulster January 16, 2025 • [ ransomware, malware, government ] The Town of Ulster discloses a ransomware attack.

Apex Custom Software January 16, 2025 • [ ransomware, malware, technology ] Apex Custom Software is hit with a ransomware attack.

Heart Centre January 16, 2025 • [ ransomware, malware, healthcare ] Heart Centre in Australia is hit with a DragonForce ransomware attack.

Recent Breaches