-
European institutions and states
August 15, 2024
The massive February leak of internal documents from Chinese hacking contractor iSoon reveals apparent hacking against European institutions and states.
-
Multiple organizations
August 15, 2024
•
[ hack, misconfiguration, technology ]
Researchers at Sysdig discover a large-scale malicious operation named "EmeraldWhale" scanning for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.
-
schenkYOU
August 15, 2024
•
[ hack, retail ]
In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store.
-
Explore Talent (August 2024)
August 15, 2024
•
[ leak, misconfiguration, technology ]
In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.
-
Tracki
August 15, 2024
•
[ leak, misconfiguration, technology ]
In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.
-
City of Flint
August 14, 2024
•
[ ransomware, malware, government ]
Phones and computers used by government workers in Flint, Michigan are facing outages due to a ransomware attack.
-
Central Bank of Iran (CBI) and several other banks in the country
August 14, 2024
Iran International reports that a massive cyber attack disrupted operations of the Central Bank of Iran (CBI) and several other banks in the country.
-
Welhof
August 14, 2024
•
[ leak, retail ]
In August 2024, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
-
POLADA
August 13, 2024
Threat actors "from a hostile state are believed to be behind the leak of over 50,000 confidential files from Polands anti-doping agency POLADA.
-
Star Health and Allied Insurance
August 13, 2024
•
[ leak, misconfiguration, finance ]
Stolen customer data including medical reports from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram
-
X
August 12, 2024
•
[ hack, technology ]
Elon Musks interview with US Presidential candidate Donald Trump on the X social media platform is impacted by technical glitches and what is a cyberattack.
-
Undisclosed South Korean defense contractor
August 12, 2024
A South Korean defense contractor which produces operational and maintenance manuals for military equipment, including the two spy planes "Baekdu" and "Geumgang", was allegedly hacked by threat actors from North Korea.
-
AutoCanada
August 11, 2024
AutoCanada suffers a cyberattack that impacts the automobile dealership group's internal IT systems, which may lead to disruptions.
-
Orion SA
August 10, 2024
Luxembourg-based chemicals and manufacturing giant Orion SA notifies US regulators that it will lose out on around $60 million after it was targeted by a criminal wire fraud scheme.
-
Chris Leong
August 10, 2024
•
[ hack, malware, healthcare ]
In August 2024, the website of Master Chris Leong "a leading Tit Tar practitioner in Malaysia" suffered a data breach. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cases, links to Facebook profiles. The company did not respond when contacted about the breach.
-
Unicoin
August 9, 2024
Unicoin, a prominent cryptocurrency company notifies the SEC that a threat actor broke into its systems and locked all of the companys employees out before taking several actions that are still being investigated.
-
-
Russia's Kursk Region
August 8, 2024
•
[ hack, ddos, government ]
Russia's Kursk region is hit by a massive distributed denial-of-service (DDoS) attack amid Ukraines surprise cross-border incursion.
-
Evolution Mining
August 8, 2024
•
[ ransomware, malware, energy ]
Evolution Mining informs that it has been targeted by a ransomware attack, which impacted its IT systems.
-
OnePoint Patient Care
August 8, 2024
•
[ ransomware, malware, healthcare ]
OnePoint Patient Care (OPPC) informs customers about a data breach impacting their personal information. The Inc Ransom ransomware group takes credit for the attack. The impact is bigger than initially believed, with over 1.7 million people affected
