Full List

Search

Recent Breaches

• Penpie September 5, 2024 Threat actors steak about $27 million worth of cryptocurrency from the Penpie decentralized finance (DeFi) protocol.
• Undisclosed organization September 5, 2024 • [ ransomware, malware ] Researchers at Palo Alto discover a ransomware incident where the threat actor Jumpy Pisces, tied to North Korea, collaborated with the Play ransomware group.
• Cisco September 4, 2024 • [ leak, malware, technology ] Ciscos site for selling company-themed merchandise is offline and under maintenance due to threat actors compromising it with JavaScript code that steals sensitive customer details provided at checkout exploiting CVE-2024-34102.
• Latvian government and critical infrastructure websites September 4, 2024 According to Latvian cybersecurity officials, politically motivated threat actors linked to Russia and Belarus are targeting Latvian government and critical infrastructure websites in a new wave of cyberattacks.
• Plaisted Companies, Inc. September 4, 2024 • [ data leak ] On or around September 4 2024, Plaisted Companies, Inc. experienced unauthorized access to internal application servers storing personal data. The company reported potential exposure of files containing personally identifiable information and began notifications on March 26 2025. No encryption, data theft confirmation, or ransom activity was reported.
• VK September 3, 2024 • [ leak, technology ] A threat actor using the alias HikkI-Chan leaks the personal details of over 390 million VK users (specifically, 390,425,719) on the notorious cybercrime and hacker platform Breach Forums. The data was stolen from a third-party.
• Individuals in South Korea September 2, 2024 • [ social ] Telegram removes 25 pieces of deepfake pornographic materials, after South Korean police investigates its role in deepfake-powered sex crimes targeting victims in the country.
• Tracelo September 2, 2024 • [ leak, technology ] A threat actor using the alias Satanic claims to have breached Tracelo, a smartphone geolocation tracking service. As a result, the hacker has leaked the personal details of over 1.4 million individuals (1,459,014) on the notorious Breach Forums.
• Transport for London September 2, 2024 • [ hack, government ] Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack.
• Numotion September 2, 2024 • [ phishing, data leak ] Email account compromises exposed customer information at numotion.
• Deutsche Flugsicherung September 1, 2024 • [ hack, government ] Deutsche Flugsicherung, the German state-owned company responsible for the countrys air traffic control, has confirmed being hit by a cyberattack.
• BayMark Health Services September 1, 2024 • [ ransomware, healthcare ] BayMark Health Services, North America's largest provider of substance use disorder (SUD) treatment and recovery services, notifies an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. The RansomHub operation claimed responsibility for the breach.
• Hesley Group (UK care provider) September 1, 2024 • [ hack, healthcare ] In September 2024, a cyberattack against Hesley Group led to unauthorized access to HR folders, with a small amount of sensitive staff data stolen. Exfiltrated information included PII and employment/medical records (names, contact details, bank details, salary, criminal record, medical data, etc.). No encryption or ransomware involved. The attackers remain unidentified. The incident was publicly disclosed in August 2025 after regulatory notifications.
• Undisclosed Victims In Mena September 1, 2024 • [ malware, data theft ] Campaign used Facebook ads and Telegram links to deliver Asyncrat and steal data.
• National Police September 1, 2024 • [ data leak ] Dutch intelligence services said a previously unknown Russian group (LAUNDRY BEAR) hacked multiple orgs including police; the police GAL was stolen in Sept 2024.
• Storage Durango Blue Diamond August 31, 2024 • [ data breach, cybersecurity incident ] Company reported data breach under investigation following cybersecurity incident disclosure.
• Northwest Retirement Plan Consultants August 31, 2024 • [ data leak ] NWRPC reported August 31, 2024 network access exposing sensitive information; notifications sent.
• Australian Cancer Research Foundation August 30, 2024 • [ leak, healthcare ] The Australian Cancer Research Foundation (ACRF) sent an email to its donors late on Friday afternoon, 30 August, warning them of a data security incident.
• German Youth Hostel Association (DJH), August 30, 2024 The ransomware group Hunters International claims to have broken into German Youth Hostel Association (DJH), and to have copied large amounts of data.
• NHS August 29, 2024 • [ leak, healthcare ] Several NHS staff in Scotland have had their mobile phone numbers revealed in a cyber security incident involving a third-party supplier to several health boards.