Town of Webster, New York
November 15, 2024
•[ financial, social, phishing ]
The Town of Webster fell victim to a phishing scam in November 2024, when scammers impersonated a contractor and tricked officials into diverting $520,275.67. Criminal investigation recovered over $300,000, and cyber insurance is expected to cover the remainder. No sensitive or confidential data was compromised.
DeltaPrime
November 11, 2024
•[ financial, finance ]
DeltaPrime, the decentralized finance borrowing protocol suffers a cyber attack with a loss of $4.8 million worth of crypto assets.
Hyp
November 10, 2024
•[ financial, ddos, finance ]
Devices used across Israel to read credit cards malfunction after a suspected DDoS targets the payment gateway company Hyps CreditGuard product.
Alaska Division of Retirement and Benefits
November 4, 2024
•[ hack, financial, government ]
The Alaska Division of Retirement and Benefits is hacked and State residents who work in the public sector, have employer contributions to their retirement accounts impacted
Metawin
November 3, 2024
•[ financial, malware, technology ]
A threat actor steals over $4 million from crypto casino Metawin's Ethereum and Solana hot wallets
Individuals
October 31, 2024
•[ financial, phishing, retail ]
Researchers at Human reveal that more than 1,000 legitimate shopping sites have been compromised to promote fake product listings in a credit card phishing scheme dubbed Phish n Ships,
Crypto users
October 31, 2024
•[ financial, malware, finance ]
The popular LottieFiles Lotti-Player project is compromised in a supply chain attack to inject a crypto drainer into websites that steals visitors' cryptocurrency.
CR&R Environmental Services (CR&R Incorporated)
October 30, 2024
•[ hack, financial ]
CR&R discovered unauthorized access on October 30, 2024, affecting ~9,895 individuals. Notifications were issued December 26, 2024. Data included sensitive PII such as SSNs, drivers license and financial account data.
U.S. Government
October 24, 2024
•[ financial, government ]
A threat actor appears to have stolen approximately $20 million in stablecoins and ETH from wallets belonging to the U.S. Government.
Social
October 18, 2024
•[ financial, misconfiguration, finance ]
Tapioca DAO suffers a $4.5 million exploit after an attacker compromised its native token's vesting contract.
SelectBlinds
September 28, 2024
•[ financial, malware, retail ]
More than 200,000 who shopped for blinds or window dressing this year had their credit card information and other data stolen after threat actors placed malware on the website of SelectBlinds, a major retailer.
Bedrock
September 27, 2024
•[ financial, finance ]
Crypto liquid restaking protocol Bedrock loses roughly $2 million in a security exploit. In return, the attacker is offered the job of securing the very protocol it stole from.
Truflation
September 25, 2024
•[ financial, malware, finance ]
Crypto project Truflation loses over $5 million from its treasury multisig and personal wallets in a malware attack
OpenAI's press account on X
September 23, 2024
•[ financial, social, finance ]
Crypto scammers hijack OpenAI Newsroom, OpenAI's press account on X, formerly Twitter, to advertise a nonexistent token $OPENAI.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, phishing, finance ]
Equiniti Trust Company agrees to pay $850K after an unknown threat actor, pretending to be an employee of a U.S.-based public issuer client of American Stock Transfer, instructed the Company to issue millions of new shares, liquidate those shares, and send the proceeds to an bank in Hong Kong, leading to a loss of roughly $4.78 million.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, misconfiguration, finance ]
In a second breach, an unknown threat actor was able to create fake accounts with American Stock Transfer & Trust, by using stolen Social Security numbers of various American Stock Transfer accountholders, allowing them to liquidate securities held in the legitimate accounts and transfer approximately $1.9 million to external bank accounts.
Maestro Bot
September 19, 2024
•[ financial, finance ]
Reports emerge that even the users of the cryptocurrency trading bot Maestro are drained of $200,000 worth of digital assets.
DeltaPrime
September 16, 2024
•[ financial, finance ]
DeltaPrime, a decentralized finance (DeFi) platform, announces that its Arbitrum-based protocol, DeltaPrime Blue, was exploited in a cyber attack that drained approximately $5.98 million.
Marin Housing Authority
September 15, 2024
•[ financial, government ]
Threat actors steal $950,000 that was earmarked for the rehabilitation of public housing in Marin City, from the Marin Housing Authority.
Kraken
June 19, 2024
•[ financial, misconfiguration, finance ]
The Kraken crypto exchange discloses that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to return the funds.
