Habib Bank Limited
January 1, 2025
•[ hack, finance ]
hacked
Federal Board of Revenue
January 1, 2025
•[ hack, finance ]
hacked
Fondo Genesis (MetLife)
December 31, 2024
•[ ransomware, malware, finance ]
The ransomware group RansomHub claims responsibility for a breach of MetLife's operations in Latin America. MetLife denies the allegations, acknowledging a separate cyber incident involving Fondo Genesis, a subsidiary operating solely in Ecuador. Claims to have exfiltrated 1TB of data.
"Tony" (undisclosed crypto investor)
December 18, 2024
•[ social, phishing, finance ]
A scammer impersonating Google manages to phish 45 bitcoins approximately $4,725,000 at todays value from Tony, a 42-year-old professional from northern California.
Individuals in South Korea
December 11, 2024
•[ financial, phishing, finance ]
A South Korean law enforcement operation, dubbed Operation Midas, and carried out by the Korean Financial Security Institute (K-FSI), takes down a large-scale fraud network that extorted $6.3m from victims with fake online trading platforms.
Multiple Organizations in the Cryptocurrency Space
December 4, 2024
•[ financial, malware, finance ]
The legitimate Solana JavaScript SDK is temporarily compromised in a supply chain attack, backdoored with code to steal cryptocurrency keys and drain wallets.
Cabot Financial
November 28, 2024
•[ hack, finance ]
A cyber attack targets acquisition and credit servicing firm Cabot involving the theft of some 394,000 data files, including material related to its direct customers and its loan book.
Crypto users in Linkedin
November 22, 2024
•[ financial, social, finance ]
Researchers at Microsoft reveal that the North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
Yonéma
November 21, 2024
•[ leak, finance ]
In November 2024, data from the Senegalese payment platform Yonma was posted to a popular hacking forum. The data included 36k unique email addresses alongside phone numbers, names and what appears to be encrypted passwords and dates of birth.
Thala
November 15, 2024
•[ financial, misconfiguration, finance ]
Thala reveals it had suffered a security breach due to an isolated vulnerability related to its v1 farming contracts, which allowed the attacker to withdraw liquidity tokens. The company is able to recover $25.5 million of liquidity pool tokens
DeltaPrime
November 11, 2024
•[ financial, finance ]
DeltaPrime, the decentralized finance borrowing protocol suffers a cyber attack with a loss of $4.8 million worth of crypto assets.
Hyp
November 10, 2024
•[ financial, ddos, finance ]
Devices used across Israel to read credit cards malfunction after a suspected DDoS targets the payment gateway company Hyps CreditGuard product.
Crypto users
October 31, 2024
•[ financial, malware, finance ]
The popular LottieFiles Lotti-Player project is compromised in a supply chain attack to inject a crypto drainer into websites that steals visitors' cryptocurrency.
Social
October 18, 2024
•[ financial, misconfiguration, finance ]
Tapioca DAO suffers a $4.5 million exploit after an attacker compromised its native token's vesting contract.
Johnson & Johnson
October 16, 2024
•[ leak, finance ]
Insurance company Johnson & Johnson discloses a data breach impacting the personal information of thousands of people.
AnnieMac Home Mortgage
October 15, 2024
•[ leak, finance ]
New Jersey-based mortgage loan provider AnnieMac Home Mortgage (American Neighborhood Mortgage Acceptance Company) informs over 171,000 individuals of a recent data breach.
Finsure
October 15, 2024
•[ leak, misconfiguration, finance ]
In October 2024, almost 300k unique email addresses from Australian mortgage broking group Finsure were obtained from the ActivePipe real estate marketing platform. The impacted data also included names, phone numbers and physical addresses. The incident did not directly affect any of Finsure's systems or expose any passwords or financial data.
Fidelity Investments
October 9, 2024
•[ hack, finance ]
Fidelity Investments, a Boston-based multinational financial services company, discloses that the personal information of over 77,000 customers was exposed after its systems were breached in August.
EigenLayer
October 4, 2024
•[ hack, phishing, finance ]
EigenLayer team says it is investigating an unapproved selling activity of about 1.6 million of EigenLayers EIGEN tokens, worth about $5.7 million. In a subsequent update the company reveals that the unapproved token-selling incident was due to a hack, after a malicious attacker compromised an email thread involving an investors token transfer into custody.
Bedrock
September 27, 2024
•[ financial, finance ]
Crypto liquid restaking protocol Bedrock loses roughly $2 million in a security exploit. In return, the attacker is offered the job of securing the very protocol it stole from.
