Tipton Wastewater Treatment Plant
April 20, 2024
•[ hack ]
The Cyber Army of Russia claims responsibility for a cyber attack to the Tipton Wastewater Treatment Plant. An investigation by Mandiant claims that this group may be linked operationally to APT44 GRU Sandworm
Government of British Columbia
April 18, 2024
•[ hack, government ]
The Government of British Columbia is investigating multiple "cybersecurity incidents" that have impacted the Canadian province's government networks.
Grodno Azot
April 17, 2024
•[ hack, manufacturing ]
Belarusian politically motivated hacktivists from the Belarusian Cyber-Partisans group claim to have attacked the countrys largest state-run manufacturer of fertilizers, Grodno Azot, for its alleged involvement in political repression, sanctions evasion, and human rights violations.
New York Bill Drafting Commission
April 17, 2024
•[ hack, malware, government ]
The New York Bill Drafting Commission is taken down by a malware attack.
Argentina's driver licenses
April 16, 2024
•[ hack, leak, government ]
A threat actor allegedly hacks a database holding 5.7M Argentinas drivers licenses, requesting a payment of $3,000 USD for whoever wishes to purchase the images of Argentine licenses.
Meduza
April 15, 2024
•[ hack, ddos ]
The Russian independent news website Meduza faces repeated attempts to disrupt its digital infrastructure.
Albatross
April 15, 2024
•[ hack, leak, manufacturing ]
Ukrainian hackers from Cyber Resistance claim to have breached the Russian drone developer Albatross, leaking 100 gigabytes of data, including internal documentation, technical data and drawings of various types of unmanned aerial vehicles.
Neiman Marcus
April 14, 2024
•[ hack, misconfiguration, retail ]
In May 2024, the American luxury retailer Neiman Marcus suffered a data breach which was later posted to a popular hacking forum. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.
Israel's radar system
April 14, 2024
•[ hack, government ]
An Iranian cyber group named Handala claims to have breached Israel's radar systems and sent hundreds of thousands of threatening text messages to Israeli citizens.
Undisclosed telephony provider
April 11, 2024
•[ hack, technology ]
Cisco Duo's security team warns that threat actors stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
Moskollector
April 10, 2024
•[ hack, government ]
Blackjack, a Ukrainian hacker group affiliated with the countrys security service claims to have targeted Moskollector, the firm that operates the communication system for Moscows sewage network.
GBI Genios
April 9, 2024
•[ hack, technology ]
GBI Genios, a database company used by numerous media organizations in Germany, announces its servers are unavailable due to a massive hacker attack.
CVS Group
April 8, 2024
•[ hack, healthcare ]
UK veterinary services provider CVS Group announces that it suffered a cyberattack that disrupted IT services at its practices across the country.
Russia’s prosecutor general
April 4, 2024
•[ hack, government ]
A group of hacktivists going by the name RGB-TEAM claims responsibility for hacking into the website of Russias prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years.
Filipino Department of Science and Technology
April 4, 2024
•[ hack, government ]
In name of #OpEDSA, a Filipino hacktivist group operating under the pseudonym "ph1ns," breaks into servers owned and operated by the government's Department of Science and Technology and deletes up to 25 terabytes of confidential data and backups.
Undisclosed organization(s) or individual(s)
April 3, 2024
•[ hack, malware, technology ]
Google fixes CVE-2024-29745 and CVE-2024-29748, two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
Paris Saint-Germain (PSG)
April 3, 2024
•[ hack ]
Paris Saint-Germain (PSG), the Qatari-owned football team, informs its supporters that a cyberattack targeted the clubs online ticketing service
Pandabuy
March 31, 2024
•[ hack, retail ]
In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".
New York City Automated Personnel System, Employee Self Service (known as NYCAPS/ESS)
March 31, 2024
•[ hack, phishing, government ]
The city of New York took its payroll website partially offline for the last nine days in response to a recent phishing scheme targeting city employees
Florida Department of Juvenile Justice
March 29, 2024
•[ hack, government ]
Threat actors break into the computer network of the Florida Department of Juvenile Justice.
