Full List

Search

Recent Breaches

• The Eye Clinic Surgicenter October 28, 2024 Meow Leaks adds The Eye Clinic Surgicenter in Montana to their leak site, after the Black Suit threat actors had added the same medical group to their leak site back in June.
• SuperDraft October 27, 2024 • [ leak, technology ] In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.
• SuperDraft October 27, 2024 • [ leak, technology ] In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.
• Fillmore County Hospital October 27, 2024 • [ phishing, data leak ] An unauthorized party accessed an employee email account on 2024-10-27. Investigation completed 2024-12-18. Affected data includes personal, medical, payment, and insurance information. Individuals were notified 2025-02-13.
• ZAGG Inc. October 26, 2024 ZAGG informs customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce provider, BigCommerce.
• Republican presidential nominee Donald Trump JD Vance, and people associated with the Democratic campaign of Kamala Harris October 25, 2024 Chinese threat actors engaged in a broader espionage operation targeting cellphones used by Republican presidential nominee Donald Trump JD Vance, and people associated with the Democratic campaign of Kamala Harris.
• Carolina Arthritis October 25, 2024 ThreeAM adds Carolina Arthritis to its leak site.
• Free October 25, 2024 Free, a major internet service provider (ISP) in France, confirms that threat actors breached its systems and stole customer personal information.
• Sensitive government and police databases in Italy October 25, 2024 • [ hack, espionage, government ] Four people are arrested in Italy after a business intelligence company called Equalize is accused of hacking sensitive government and police databases to create dossiers for its clients.
• Hellenic Open University October 25, 2024 • [ ransomware, data leak ] Greek open university confirmed ransomware with prolonged disruption and data leak.
• Georgia Urology October 25, 2024 • [ email compromise, healthcare, data leak ] Georgia Urology disclosed unauthorized access to two employee Microsoft 365 email accounts that exposed patient PII/PHI; notification letters began March 27 2025.
• The Superior Court of California for the County of San Joaquin October 25, 2024 • [ data leak ] The Superior Court of California for the County of San Joaquin later concluded that an unauthorized person had accessed its computer network between October 25 and 30, 2024, after first reporting significant connectivity issues and a cybersecurity incident around the end of that month. Subsequent investigation determined that files containing sensitive personal information such as Social Security numbers, drivers license numbers and credit card numbers had been exposed. The court has not disclosed how many files or people were affected but is offering one year of identity protection and credit monitoring services to potentially impacted individuals and has posted a data breach notice on its website.
• U.S. Government October 24, 2024 • [ financial, government ] A threat actor appears to have stolen approximately $20 million in stablecoins and ETH from wallets belonging to the U.S. Government.
• City of Coppell October 23, 2024 • [ ransomware, malware, government ] The RansomHub operation takes credit for a damaging attack on the city of Coppell, Texas.
• Esport North Africa October 23, 2024 • [ leak, technology ] A threat actor known as Shooked, leaks the personal details of over 180,000 Esport North Africa (ESNA) users just one day before the tournament is set to begin in Morocco.
• Russian Foreign Ministry October 23, 2024 The Russian Foreign Ministry is targeted by a severe DDoS attack, coinciding with the major BRICS summit taking place in the country, spokeswoman Maria Zakharova said.
• Unnamed Service Provider in France October 23, 2024 Frances Ministry of Labor and Employment announces that it discovered a cyberattack against an unnamed service provider, and suspected to have impacted the data of young people it was helping get into employment.
• Word & Brown Insurance Administrators, Inc. October 23, 2024 • [ data leak ] Word & Brown Insurance Administrators, Inc. experienced unauthorized access to an employee workstation on or about October 23, 2024. The attacker accessed and copied insurance administration records containing personal and health-related information for clients and employees. No encryption or operational disruption was reported. Disclosure was filed December 23, 2024.
• Transak October 21, 2024 A recent data breach at the crypto payment processor Transak exposes the information of more than 92,000 people after an employee's laptop was accessed.
• Gold Coast Health Plan October 21, 2024 • [ data leak, third-party breach, account takeover ] Gold Coast Health Plan reported that a contracted vendor (Conduent Business Solutions) suffered a cyberattack involving compromise of a single employee email account, which allowed unauthorized access to certain files during a window from Oct. 21, 2024 to Jan. 13, 2025. The vendor discovered the incident on Jan. 13, 2025 and began an investigation with law enforcement notification. A later forensic review determined that information for 540 plan members could have been exposed, listing specific claim-related and membership data elements; the release stated that Social Security numbers and financial information were not accessed or disclosed.