Macy's
November 14, 2019
•[ financial, malware, retail ]
Macy's announces a data breach caused by Magecart card-skimming code being implanted in the firm's online payment portal. The incident was discovered on October 15, and was active since October 7.
PEXSuperstore
November 4, 2019
•[ financial, malware, retail ]
Researchers from PerimeterX reveal that PEXSuperstore.com is the latest victim of a Magecart attack (simultaneously by two different criminal groups).
Indian users
October 29, 2019
•[ financial, malware, finance ]
Researchers from Group-IB discover more than 1.3 million Indian payment card details put up for sale on Joker's Stash, the internet's largest carding shop.
American Cancer Society
October 28, 2019
•[ financial, malware, healthcare ]
A Magecart attack is detected in the American Cancer Society online store.
City of Ocala
October 28, 2019
•[ financial, social, phishing ]
The City of Ocala in Florida falls victim to a business email compromise scam (BEC) that ends with redirecting over $742,000 to a bank account controlled by the fraudster(s).
Sixth June
October 28, 2019
•[ financial, malware, retail ]
French fashion online store Sixth June is infected some time ago with code that steals payment card info at checkout.
South African Banks
October 25, 2019
•[ financial, ddos, finance ]
The South African Banking Risk Information Centre (SABRIC) announces that the South African banking industry has been hit by a wave of DDoS attacks targeting consumer-facing services.
NCR Corporation
October 10, 2019
•[ financial, malware, finance ]
Researchers from FireEye discover new tools from the FIN7 group: a loader, dubbed BOOSTWRITE, that delivers payloads into memory and a module, dubbed RDFSNIFFER, that hooks into the remote administration software of ATM maker NCR Corporation.
GNV (Grandi Navi Veloci)
September 23, 2019
•[ financial, hack ]
GNV reports it has been the victim of a sophisticated cyber-attack that has led to a breach of personal information of a number of passengers and credit card holders. The attack took place in the period from 25 June to 18 July 2019.
EOSPlay
September 14, 2019
•[ financial, finance ]
A hacker spends $1,000 in EOS to steal more than $110,000 in cryptocurrency through an exploit of EOS gambling game EOSPlay.
Garmin South Africa
September 12, 2019
•[ financial, malware, manufacturing ]
The Garmin South Africa shopping portal (shop.garmin.co.za) is the latest victim of a magecart attack.
Toyota Boshoku Corporation
September 6, 2019
•[ financial, social, phishing ]
Toyota Boshoku Corporation announces that one of its European subsidiaries lost more than $37 million due to a business email compromise (BEC) attack.
Oklahoma Law Enforcement Retirement System (OLERS) Agency
September 6, 2019
•[ financial, hack, phishing ]
Oklahoma Law Enforcement Retirement System (OLERS) Agency reveals that cyber-thieves made off with $4.2 million. The theft occurred on August 26, 2019, when the perpetrators managed to hack into the email account of an investment manager.
City of Unalaska
September 5, 2019
•[ financial, social, phishing ]
The City of Unalaska recovers more than $2.3 million dollars, after wiring $2,985,406.10 to a fraudulent bank account as a result of a phishing email scam between May 15 and July 9.
Russell Stover Chocolates
August 30, 2019
•[ financial, malware, retail ]
Russell Stover Chocolates reveals that a malware infection to its POS systems compromised customer's data between February 9, 2019 and August 7, 2019.
U.K.-based energy firm
August 30, 2019
•[ financial, social, energy ]
An insurance firm (Euler Hermes Group SA) reveals that criminals used artificial intelligence-based software to impersonate a CEO's voice and demand a fraudulent transfer of 220,000 ($243,000) back in March.
Portland Public Schools
August 19, 2019
•[ social, financial, phishing ]
The Portland Public Schools district falls victim of a BEC scam costing around $2.9 million (but manages to recover the stolen amount).
Hy-Vee
August 14, 2019
•[ financial, retail ]
Supermarket chain Hy-Vee publishes a warning to customers, after staff discovered a security breach on some of its point-of-sale (PoS) systems.
National Baseball Hall of Fame
August 7, 2019
•[ financial, hack, malware ]
The website for the National Baseball Hall of Fame is hacked to include a MageCart script that stole the payment information of customers who purchased items on the site. The infection occurred between November 15, 2018 and May 14, 2019.
City of Naples, Florida
August 2, 2019
•[ financial, social, phishing ]
The City of Naples, Florida, loses $700,000 after a spear phishing attack.
