Mutua Madrileña
September 27, 2024
•[ hack, misconfiguration, finance ]
Mutua Madrilea suffers a cyber attack on its home customer base, through an external provider, which affects thousands of customers.
Truflation
September 25, 2024
•[ financial, malware, finance ]
Crypto project Truflation loses over $5 million from its treasury multisig and personal wallets in a malware attack
French Citizens
September 25, 2024
•[ leak, misconfiguration, finance ]
In September 2024, over 90M rows of data on French Citizens was found left exposed in a publicly facing database. Compiled from various data breaches, the corpus contained 28M unique email addresses with the various source breaches each exposing different fields including name, physical and IP address, phone number and partial credit card data including payment type and last 4 digits.
MoneyGram
September 23, 2024
•[ hack, finance ]
Money transfer giant MoneyGram confirms it suffered a cyberattack after dealing with system outages and customer complaints about lack of service since Friday.
OpenAI's press account on X
September 23, 2024
•[ financial, social, finance ]
Crypto scammers hijack OpenAI Newsroom, OpenAI's press account on X, formerly Twitter, to advertise a nonexistent token $OPENAI.
Shezmu
September 21, 2024
•[ hack, finance ]
Shezmu, a crypto landing platform, suffers a $4.9 million worth hack after a storage vault is compromised. However the platform is able to recover the stolen funds within hours of successfully negotiating with the threat actor.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, phishing, finance ]
Equiniti Trust Company agrees to pay $850K after an unknown threat actor, pretending to be an employee of a U.S.-based public issuer client of American Stock Transfer, instructed the Company to issue millions of new shares, liquidate those shares, and send the proceeds to an bank in Hong Kong, leading to a loss of roughly $4.78 million.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, misconfiguration, finance ]
In a second breach, an unknown threat actor was able to create fake accounts with American Stock Transfer & Trust, by using stolen Social Security numbers of various American Stock Transfer accountholders, allowing them to liquidate securities held in the legitimate accounts and transfer approximately $1.9 million to external bank accounts.
Wright, Moore, DeHart, Dupuis & Hutchinson
September 19, 2024
•[ hack, finance ]
Public accounting firm Wright, Moore, DeHart, Dupuis & Hutchinson (WMDDH) notifies over 127,000 individuals that their personal information was stolen in a July 2023 data breach.
Maestro Bot
September 19, 2024
•[ financial, finance ]
Reports emerge that even the users of the cryptocurrency trading bot Maestro are drained of $200,000 worth of digital assets.
DeltaPrime
September 16, 2024
•[ financial, finance ]
DeltaPrime, a decentralized finance (DeFi) platform, announces that its Arbitrum-based protocol, DeltaPrime Blue, was exploited in a cyber attack that drained approximately $5.98 million.
Monobank
August 19, 2024
•[ hack, ddos, finance ]
Threat actors target Monobank, one of Ukraines most popular online banks with a massive distributed denial-of-service (DDoS) attack, primarily focusing on a service used by Ukrainians to raise donations for the military.
Star Health and Allied Insurance
August 13, 2024
•[ leak, misconfiguration, finance ]
Stolen customer data including medical reports from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram
CreditRiskMonitor
August 7, 2024
•[ leak, finance ]
CreditRiskMonitor, a provider of intelligence and analytics for credit and supply chain professionals, discloses a data breach impacting employees and contractors.
Undisclosed financial institution
July 1, 2024
•[ hack, ddos, finance ]
Researchers at Radware reveal that a financial institution in the Middle East suffered a DDoS attack lasting more than 100 hours in total, averaging 4.5 million requests per second.
Patelco Credit Union
June 29, 2024
•[ ransomware, malware, finance ]
Patelco Credit Union discloses it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact.
Landmark Admin
June 27, 2024
•[ leak, finance ]
Life insurance company Landmark Admin sends notifications to an unknown number of individuals about a data breach impacting personal, medical, and insurance information.
CoinStats
June 23, 2024
•[ hack, finance ]
CoinStats reveals to have suffered a massive security breach that compromised 1,590 cryptocurrency wallets, draining over $2 million in virtual assets, with the attack suspected to have been carried out by North Korean threat actors.
Zacks (2024)
June 22, 2024
•[ leak, finance ]
In June 2024, the investment research company Zacks was allegedly breached, and data was later published to a popular hacking forum. This comes after a separate Zacks data breach confirmed by the organisation in 2023 with the subsequent breach disclosing millions of additional records representing a superset of data from the first incident. The 2024 breach included 12M unique email addresses along with IP and physical addresses, names, usernames, phone numbers and unsalted SHA-256 password hashes. Zacks did not respond to multiple attempts to contact them about the incident.
Kraken
June 19, 2024
•[ financial, misconfiguration, finance ]
The Kraken crypto exchange discloses that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to return the funds.
