Elephant Money
April 12, 2022
•[ hack, finance ]
Elephant Money, the decentralized finance (DeFi) protocol behind the ELEPHANT token and the TRUNK stablecoin, announces that hackers stole $11.2 million worth of Binance Coin.
Basler Versicherungen
April 1, 2022
•[ ransomware, malware, finance ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
Undetermined
March 30, 2022
•[ hack, finance ]
Unknown actors compromised the network of a major media organization.
Thozis Corp.
March 30, 2022
•[ hack, finance ]
In name of #OpRussia, the Anonymous release 5,500 emails from Thozis Corp., a Russian investment firm owned by Zakhar Smushkin, a Russian oligarch which is involved in the project to build a satellite city in Saint Petersburg.
TIC International Corporation (TIC)
March 30, 2022
•[ ransomware, malware, finance ]
TIC International Corporation (TIC) reports a data breach after the company learned it had been the target of a ransomware attack.
Revest Finance
March 27, 2022
•[ financial, misconfiguration, finance ]
Decentralized finance (DeFi) protocol Revest Finance discloses that $2 million was stolen through a vulnerability on their platform.
PayHere
March 27, 2022
•[ hack, misconfiguration, finance ]
In late March 2022, the Sri Lankan payment gateway PayHere suffered a data breach that exposed more than 65GB of payment records including over 1.5M unique email addresses. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). A month later, PayHere published a blog on the incident titled Ensuring Integrity on PayHere Cybersecurity Incident.
Undetermined
March 23, 2022
•[ leak, finance ]
Anonymous leaked 28GB worth of a Russian bank's data now available for public download. Distributed Denial of Secrets (aka DDoSecrets) announced archiving the entire data on its official website. Those 35,000 files contain some of the regulator's "secret agreements". They have been distributed to various online points. According to a post by the BBC Russian Service, in the files are hundreds of audit reports and information on bank owners.
Horizon Actuarial Services
March 21, 2022
•[ ransomware, malware, finance ]
Horizon Actuarial Services, a consulting firm that provides actuarial solutions to multiemployer benefit plans, notifies 38,418 individuals of a ransomware cyberattack.
OneRing Finance
March 21, 2022
•[ financial, finance ]
Attackers steal $1.4 million from the One Ring protocol via a flash loan attack.
Undetermined
March 20, 2022
•[ hack, misconfiguration, finance ]
Anonymous claimed to have remotely accessed printers across Russia and forced them to print over 100,000 documents with messages against war and propaganda, and how to bypass censorship in the country. The hacked printers were forced to print PDFs with a message informing Russians that "their president, the government, and media all have been feeding them lies."
Lakeview Loan Servicing
March 18, 2022
•[ hack, finance ]
Lakeview Loan Servicing says it had uncovered "a security incident involving unauthorized access to the file servers.
Morgan Stanley Wealth Management
March 18, 2022
•[ social, phishing, finance ]
Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in voice phishing (vishing) social engineering attacks.
Undetermined
March 15, 2022
•[ hack, finance ]
The Anonymous collective claims to have hacked more than 1300 network cameras from Russia/Belarus
Undetermined
March 14, 2022
•[ hack, malware, finance ]
ESET researchers have uncovered yet another destructive data wiper that was used in attacks against a limited number of organizations in Ukraine. No code similarities to either HermeticWiper or IsaacWiper were identified. There's evidence to suggest that the threat actors behind CaddyWiper infiltrated the target's network before executing the wiper.
Undetermined
March 13, 2022
•[ espionage, finance ]
A suspected Russian nation state actor stole data from a nuclear safety organization. "EnergeticBear" compromised this entity in December 2021 and stole data from it from December through mid-March.
Undetermined
March 10, 2022
•[ espionage, finance ]
A suspected Russian threat actor compromised an institution in Ukraine that was featured in false Russian weapons conspiracies in the past.
Technology Management Resources (TMR)
March 4, 2022
•[ hack, finance ]
Technology Management Resources, a payment processor, discloses to have been hit by a breach when discovering unusual activity with a user account. Multiple entities are affected.
Undetermined
March 3, 2022
•[ ransomware, malware, finance ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
Undetermined
March 1, 2022
•[ hack, malware, finance ]
Suspected Russian threat actor launched "DesertBlade" malware against a major broadcasting company on March 1, the same day that the Russian military announced its intention to destroy "disinformation" targets in Ukraine and directed a missile strike against a TV tower in Kyiv.
