At least one LastPass user
October 24, 2025
•[ phishing, credential theft, account takeover ]
Phishing emails impersonated password-vault Emergency Access notices using false death claims to coerce replies (e.g., STOP), pivoting victims to a look-alike portal tied to CryptoChameleon infrastructure; harvested credentials enabled vault takeover attempts and secondary account compromise. Campaign reflects profit-seeking credential theft across many individuals rather than a single named organization.
At least one undisclosed e-commerce site (running Adobe Commerce / Magento 2)
October 22, 2025
•[ vulnerability, account takeover, skimming ]
Observed active attempts to hijack Magento/Adobe Commerce sessions via the SessionReaper flaw weeks after patches, enabling account takeover, checkout abuse, and skimmer deployment on e-commerce sites. This is broad criminal monetization activity against many sites; no single named victim with a confirmed primary effect, so not recorded as a discrete event.
Sony Interactive Entertainment (PlayStation Network)
October 7, 2025
•[ account takeover, poor security practices, hacking ]
Hackers compromised a PlayStation Network account belonging to well-known gamer dav1d_123, apparently exploiting weak account protection or internal credential handling by PSN support. The incident revealed deficiencies in Sonys customer-support and account-security processes.
Anne Helen Petersen's Substack account
October 1, 2025
•[ phishing, account takeover, impersonation ]
Former Buzzfeed journalist Anne Helen Petersen received a phishing email that imitated a security alert from Substack, warning that her ability to send emails would be frozen unless she verified her account. After she responded, attackers captured her credentials and gained unauthorized access to her Culture Study Substack newsletter and podcast account, which has more than 25,000 followers. The intruders changed the newsletters name to impersonate cryptocurrency wallet company Trezor and added thousands of new email addresses to the mailing list, hijacking her distribution channel to push a crypto-related scam through her audience.
Sesame Workshop (Elmo account)
July 29, 2025
•[ account takeover ]
Sesame Workshop said it regained control of the Elmo X account after it was hijacked and used to post racist content; company apologized and removed the posts.
Mike Graham's Facebook Account
July 18, 2025
•[ account takeover ]
Saifuddin Nasution Ismail (WhatsApp account)
May 28, 2025
•[ phishing, account takeover, government ]
WhatsApp account of Malaysias Home Minister hacked in late May 2025 and used via a foreign VPN to send malicious/phishing links to contacts; government confirmed account compromise Jun 2 2025; no evidence of large-scale data theft or system outage.
Chile national football team (official YouTube channel)
April 18, 2025
•[ malware, account takeover ]
Hackers hijacked the Chile national football teams verified YouTube channel (~43,000 subscribers) for about 48 hours (April 1820 2025), replacing legitimate videos with gaming content embedding malware links and maintaining full administrative control until recovery.
Czech Government – Prime Minister’s X (Twitter) Account
April 8, 2025
•[ account takeover, hacktivism, disinformation ]
On April 8 2025, hacktivists compromised the official X account of Czech Prime Minister Petr Fiala and posted fabricated messages about Russian attacks and U.S. tariffs in protest of Czech government policies. Authorities confirmed the intrusion, removed the posts, and restored control within hours. No data theft or encryption occurred.
Jaaved Jaaferi / X (Twitter) account
April 5, 2025
•[ account takeover, phishing, scam ]
On April 5 2025, the verified X (formerly Twitter) account of Indian actor Jaaved Jaaferi was hijacked and used to post cryptocurrency scam and phishing messages. The actor warned followers via Instagram not to engage. Control was restored within hours, and no data theft or cross-platform compromise was reported.
AustralianSuper
April 1, 2025
•[ account takeover, credential stuffing, theft ]
Hackers used stolen credentials to access about 600 AustralianSuper accounts in a coordinated campaign targeting Australias superannuation funds; small monetary thefts reported.
Rest Super
April 1, 2025
•[ credential stuffing, account takeover ]
Rest Super confirmed credential-stuffing attempts compromising some member accounts as part of coordinated April 2025 campaign; no losses disclosed.
Troy Hunt / Have I Been Pwned Mailing List
March 25, 2025
•[ phishing, data leak, account takeover ]
Phishing led to Mailchimp account takeover and export of subscriber list.
Presidency Of Costa Rica (YouTube Account)
March 21, 2025
•[ account takeover, cryptocurrency scam ]
Costa Rica presidencys YouTube account was hijacked and posted crypto content.
John Dramani Mahama
March 18, 2025
•[ account takeover ]
Mahamas official X account was compromised and used to post unauthorized content.
Pump.fun X account
February 26, 2025
•[ account takeover, social engineering, cryptocurrency scam ]
The official X account of Pump.fun was hijacked on February 26, 2025, and used to promote a fake governance token named PUMP and other scam cryptocurrencies, misleading users and causing financial harm before the fraudulent posts were removed and access was restored.
Gold Coast Health Plan
October 21, 2024
•[ data leak, third-party breach, account takeover ]
Gold Coast Health Plan reported that a contracted vendor (Conduent Business Solutions) suffered a cyberattack involving compromise of a single employee email account, which allowed unauthorized access to certain files during a window from Oct. 21, 2024 to Jan. 13, 2025. The vendor discovered the incident on Jan. 13, 2025 and began an investigation with law enforcement notification. A later forensic review determined that information for 540 plan members could have been exposed, listing specific claim-related and membership data elements; the release stated that Social Security numbers and financial information were not accessed or disclosed.
