Full List

Search

Recent Breaches

• Duc Giang General Hospital October 5, 2024 • [ ransomware ] In October 2024 cybercriminals attacked Duc Giang General Hospitals IT infrastructure, encrypting nine servers and causing major data loss and operational paralysis; no evidence of data exfiltration was reported.
• Young Consulting (now Connexure) October 4, 2024 • [ ransomware, malware, technology ] Young Consulting sends data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.
• EigenLayer October 4, 2024 • [ hack, phishing, finance ] EigenLayer team says it is investigating an unapproved selling activity of about 1.6 million of EigenLayers EIGEN tokens, worth about $5.7 million. In a subsequent update the company reveals that the unapproved token-selling incident was due to a hack, after a malicious attacker compromised an email thread involving an investors token transfer into custody.
• Pacific Pulmonary Medical Group October 4, 2024 • [ ransomware, malware, healthcare ] The Pacific Pulmonary Medical Group (PPMG) is hit with an Everest Team ransomware attack.
• IdeaLab October 4, 2024 • [ ransomware, data leak ] IdeaLab confirmed data theft from an Oct 2024 ransomware breach claimed by Hunters International. 137,000 files (~262.8 GB) stolen and leaked impacting employees/contractors and dependents.
• American Water October 3, 2024 American Water, the largest publicly traded U.S. water and wastewater utility company, is forced to shut down some of its systems after a cyberattack.
• Wayne County October 3, 2024 • [ ransomware, malware, government ] Wayne County in Michigan is dealing with an alleged ransomware attack that has shut down all government websites and limited the operations of several offices.
• Bloom Hearing Specialists October 3, 2024 • [ ransomware, malware, healthcare ] Bloom Hearing Specialists warns thousands of customers about a ransomware attack stealing sensitive data.
• Universal Music Group October 3, 2024 • [ leak ] Universal Music Group informs hundreds of individuals about a recent data breach impacting their personal information.
• Vocational Training Center, or Berufsbildungszentrum (BBZ) October 3, 2024 The Vocational Training Center, or Berufsbildungszentrum (BBZ), in the canton of Schaffhausen is the victim of a ransomware attack.
• ADT October 2, 2024 Home and small business security company ADT discloses it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data.
• Red Barrels October 2, 2024 • [ hack, technology ] Canadian video game developer Red Barrels warns that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data.
• Charleston Area Medical Center October 2, 2024 • [ phishing, data leak ] Phishing attack on multiple email users; unauthorized access to one mailbox between Oct 23, 2024, possibly exposing personal and health information. No other systems impacted.
• Governments and armed forces, think tanks, academic researchers, and Ukrainian entities October 1, 2024 • [ espionage, malware, government ] Researchers at Trend Micro reveal the details of a campaign carried out by the Russia-linked APT29 threat actor, leveraging malicious Remote Desktop Protocol (RDP) configuration files.
• Undisclosed nuclear-related organization October 1, 2024 • [ espionage, malware, energy ] Researchers at Kaspersky reveal that the Lazarus Group, the threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization. The attacks, part of Operation Dream Job, culminated in the deployment of a new modular backdoor referred to as CookiePlus,
• Switch October 1, 2024 • [ leak, misconfiguration, technology ] In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
• Tecta America Corporation October 1, 2024 • [ hack ] Tecta America discovered suspicious network activity around October 1, 2024. Investigation revealed that between September 20October 2, an unauthorized actor accessed or acquired files. Impacted data includes names, Social Security numbers, drivers licenses, and financial account info for approximately 22,573 individuals Notifications sent January 2, 2025, and credit monitoring offered.
• Heartland Community Health Center October 1, 2024 • [ phishing, data leak ] Clinic reported email account breach exposing sensitive patient and insurance information.
• Andy Frain Services October 1, 2024 • [ ransomware, data leak ] Physical security firm reported a ransomware intrusion in Oct 2024 attributed to Black Basta with exfiltration of a wide range of data; notices sent to ~100k people in May 2025.
• Onsite Mammography October 1, 2024 • [ phishing, data leak ] Phishing attack compromised a single employees email account, enabling exfiltration of PII and PHI data affecting over 350,000 individuals; no encryption involved.