First Contact Health
May 1, 2024
•[ phishing, unauthorized access, health data ]
Guernsey's Office of the Data Protection Authority (ODPA) sanctioned First Contact Health after cyber criminals successfully targeted an employee email account in a phishing attack, gaining unauthorized access to confidential health data. The practice reported the breach to the ODPA in May 2024, and the unauthorized access was believed to have occurred at least five months earlier. The enforcement action cited failures in key security controls intended to prevent phishing-based account compromise.
Atrium Health
April 29, 2024
•[ social, phishing, healthcare ]
Atrium Health sends notifications to patients who may have been impacted by a malicious email sent to employees in April, through which an unauthorized third party gained access to a group of employees' emails.
Illinois Department of Human Services
April 25, 2024
•[ social, phishing, government ]
The Illinois Department of Human Services reveals that a phishing attack affected more than 1.1M public assistance clients.
LastPass
April 10, 2024
•[ social, phishing, technology ]
LastPass reveals that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
Political Parties in Germany
April 4, 2024
•[ social, phishing, government ]
The German Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution warn that phishing attacks targeting political parties surged ahead of upcoming European Union elections.
New York City Automated Personnel System, Employee Self Service (known as NYCAPS/ESS)
March 31, 2024
•[ hack, phishing, government ]
The city of New York took its payroll website partially offline for the last nine days in response to a recent phishing scheme targeting city employees.
Crypto investors in Hong Kong
March 25, 2024
•[ social, phishing, finance ]
The Securities and Futures Commission of Hong Kong warns against entities operating under the names "HKCEXP" and "EDY", saying they falsely pose as SFC-registered entities.
SPA Grand Prix
March 18, 2024
•[ hack, phishing, entertainment ]
Threat actors hijack the official contact email for the Belgian SPA Grand Prix event and use it to lure fans to a fake website promising a €50 gift voucher.
Individuals in the U.S.
March 18, 2024
•[ social, phishing, government ]
The U.S. Federal Trade Commission (FTC) warns that scammers are impersonating its employees to steal thousands of dollars from Americans.
Crypto users in Hong Kong
March 7, 2024
•[ social, phishing, finance ]
The Hong Kong Securities and Futures Commission blocks fake websites posing as major local cryptocurrency exchanges, impersonating two licensed exchanges in Hong Kong: OSL Digital Securities and Hash Blockchain Limited, also known as HashKey.
Los Angeles County Department of Health Services
February 19, 2024
•[ hack, phishing, government ]
The Los Angeles County Department of Health Services discloses a data breach after thousands of patients' personal and health information was exposed in a phishing attack impacting over two dozen employees.
Lexington Medical Center
February 14, 2024
•[ hack, phishing, healthcare ]
Lexington Medical Center files a notice of data breach after discovering that an unauthorized actor was able to access an employee's email account.
Unnamed Lincoln Project vendor
February 1, 2024
•[ financial, phishing, government ]
The anti-Donald Trump super PAC Lincoln Project discloses that it lost $35,000 to a business email compromise (BEC) scam.
Encore Bank
January 31, 2024
•[ hack, phishing, finance ]
Encore Bank files a notice of data breach after discovering that an unauthorized party was able to gain access to an employee's email account.
University of Chicago Medical Center
January 30, 2024
•[ social, phishing, healthcare ]
The University of Chicago Medical Center reveals that a phishing incident involving the emails of workers at University of Chicago Medical Center may have exposed the personal information of about 10,300 people.
Passenger Rail Agency of South Africa (PRASA)
January 19, 2024
•[ financial, phishing, government ]
South Africa's railway agency (PRASA) discloses that it lost some 30.6 million rand (US$1.6 million) after the transport network fell victim to a phishing scam.
Alpha Supported Living Services
January 12, 2024
•[ social, phishing, healthcare ]
Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
CoinGecko’s X (formerly Twitter) account
January 10, 2024
•[ finance, phishing, hack ]
Cryptocurrency data aggregator CoinGecko's X (formerly Twitter) account is briefly compromised to promote a crypto scam.
At least one individual in Ukraine
January 6, 2024
•[ phishing, credential harvesting, state-sponsored attack ]
The article reports that researchers observed a months-long phishing and credential-harvesting operation targeting users of UKR.NET, a popular Ukrainian webmail and news service. The campaign ran from June 2024 through April 2025 and was attributed to Russian state-backed BlueDelta (APT28/Fancy Bear/Forest Blizzard). Researchers said the actors created multiple fake UKR.NET login pages and sent phishing emails with PDF attachments containing embedded links to the fraudulent portals, with more than 20 linked PDF lure files identified. The purpose was assessed as harvesting credentials and gathering intelligence supporting broader Russian objectives; the reporting did not quantify how many users were successfully compromised.