-
Israel's national intelligence agency Mossad
November 24, 2024
A hacker group motivated by the death of former Hamas leader Yahya Sinwar claims to have targeted Israel's national intelligence agency Mossad and obtained a trove of documents that purportedly name hundreds of Israeli spies, after compromising Silicom.
-
Undisclosed prisons in the U.K.
November 23, 2024
•
[ leak, government ]
Confidential prison layouts in the U.K. are leaked onto the dark web.
-
Senior Dating
November 23, 2024
•
[ leak, misconfiguration, technology ]
In 2024, the 40+ dating website Senior Dating suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 766k users of the service including email addresses, photos, genders, links to Facebook accounts, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down after the breach was acknowledged by the site operator in December, along with a breach of the "ladies.com" website run by the same organisation.
-
SRP Federal Credit Union
November 22, 2024
More than 240,000 people have information stolen during a cyberattack on SRP Federal Credit Union, one of the largest in South Carolina.
-
Crypto users in Linkedin
November 22, 2024
•
[ financial, social, finance ]
Researchers at Microsoft reveal that the North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
-
Aerospace and defense companies
November 22, 2024
Researchers at Microsoft reveal that the group of North Korean hackers called Ruby Sleet compromised aerospace and defense companies with the aim of stealing industry secrets that could help further develop its weapons and navigation systems.
-
White Lake Township
November 21, 2024
White Lake Township officials disclose that a cyber attack has compromised at least some of its $29 million in infrastructure bond money.
-
Artivion
November 21, 2024
•
[ ransomware, malware, manufacturing ]
Artivion, a leading manufacturer of heart surgery medical devices, discloses q ransomware attack that disrupted its operations and forced it to take some systems offline.
-
Grand Forks Public Schools
November 21, 2024
•
[ financial, phishing, education ]
Grand Forks Public Schools loses $2.2M to a phishing scam
-
Numocity
November 21, 2024
•
[ leak, technology ]
The threat actor named CyberN-----s claims to have breached Tesla leaking 116,000 rows of data. in reality the data belongs to Numocity, a manufacturer of EV charging software, middleware, smart charges and more.
-
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•
[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
-
The Real World
November 21, 2024
Threat actors break into The Real World, far-right influencer Andrew Tates online university, steal user data on close to 800,000 users, and flood chats with emojis.
-
Blue Yonder
November 21, 2024
•
[ ransomware, malware, technology ]
Supply chain management firm Blue Yonder warns that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
-
Yonéma
November 21, 2024
•
[ leak, finance ]
In November 2024, data from the Senegalese payment platform Yonma was posted to a popular hacking forum. The data included 36k unique email addresses alongside phone numbers, names and what appears to be encrypted passwords and dates of birth.
-
Concord Orthopaedics
November 21, 2024
•
[ data leak, third-party breach ]
Vendor breach exposed patient Pii/phi; notifications sent months after discovery.
-
Hazleton Anesthesia Services
November 21, 2024
•
[ data leak ]
On Nov 21, 2024, Somnia (management company) identified suspicious activity in its email environment and later confirmed unauthorized access to a limited number of accounts that included Hazleton Anesthesia Services. Review completed Mar 10, 2025; public substitute notice issued Mar 31, 2025. No encryption or operational disruption reported.
-
Central Group
November 20, 2024
•
[ leak, retail ]
A threat actor with the moniker 0mid16B claims to have breached the1 Card membership system across every retail and consumer brand under the Central Group, and to have stolen 5,108,826 records.
-
Mexico Legal Affairs Office
November 20, 2024
•
[ ransomware, malware, government ]
Mexicos president Claudia Sheinbaum says that the government is investigating an alleged ransomware hack of her administrations legal affairs office after what appeared to be samples of personal information from a database of government employees were posted online.
-
Minneapolis Park and Recreation Board
November 20, 2024
•
[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the Minneapolis Park and Recreation Board.
-
Amazon users
November 20, 2024
Amazon, Amazon Music, and Audible are flooded with bogus listings that push dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software.
