New York Bill Drafting Commission
April 17, 2024
•[ hack, malware, government ]
The New York Bill Drafting Commission is taken down by a malware attack.
Argentina's driver licenses
April 16, 2024
•[ hack, leak, government ]
A threat actor allegedly hacks a database holding 5.7M Argentinas drivers licenses, requesting a payment of $3,000 USD for whoever wishes to purchase the images of Argentine licenses.
Albatross
April 15, 2024
•[ hack, leak, manufacturing ]
Ukrainian hackers from Cyber Resistance claim to have breached the Russian drone developer Albatross, leaking 100 gigabytes of data, including internal documentation, technical data and drawings of various types of unmanned aerial vehicles.
Meduza
April 15, 2024
•[ hack, ddos ]
The Russian independent news website Meduza faces repeated attempts to disrupt its digital infrastructure.
Israel's radar system
April 14, 2024
•[ hack, government ]
An Iranian cyber group named Handala claims to have breached Israel's radar systems and sent hundreds of thousands of threatening text messages to Israeli citizens.
Neiman Marcus
April 14, 2024
•[ hack, misconfiguration, retail ]
In May 2024, the American luxury retailer Neiman Marcus suffered a data breach which was later posted to a popular hacking forum. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.
Undisclosed telephony provider
April 11, 2024
•[ hack, technology ]
Cisco Duo's security team warns that threat actors stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
Moskollector
April 10, 2024
•[ hack, government ]
Blackjack, a Ukrainian hacker group affiliated with the countrys security service claims to have targeted Moskollector, the firm that operates the communication system for Moscows sewage network.
GBI Genios
April 9, 2024
•[ hack, technology ]
GBI Genios, a database company used by numerous media organizations in Germany, announces its servers are unavailable due to a massive hacker attack.
CVS Group
April 8, 2024
•[ hack, healthcare ]
UK veterinary services provider CVS Group announces that it suffered a cyberattack that disrupted IT services at its practices across the country.
Russia’s prosecutor general
April 4, 2024
•[ hack, government ]
A group of hacktivists going by the name RGB-TEAM claims responsibility for hacking into the website of Russias prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years.
Filipino Department of Science and Technology
April 4, 2024
•[ hack, government ]
In name of #OpEDSA, a Filipino hacktivist group operating under the pseudonym "ph1ns," breaks into servers owned and operated by the government's Department of Science and Technology and deletes up to 25 terabytes of confidential data and backups.
Undisclosed organization(s) or individual(s)
April 3, 2024
•[ hack, malware, technology ]
Google fixes CVE-2024-29745 and CVE-2024-29748, two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
Paris Saint-Germain (PSG)
April 3, 2024
•[ hack ]
Paris Saint-Germain (PSG), the Qatari-owned football team, informs its supporters that a cyberattack targeted the clubs online ticketing service
New York City Automated Personnel System, Employee Self Service (known as NYCAPS/ESS)
March 31, 2024
•[ hack, phishing, government ]
The city of New York took its payroll website partially offline for the last nine days in response to a recent phishing scheme targeting city employees
Pandabuy
March 31, 2024
•[ hack, retail ]
In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".
Florida Department of Juvenile Justice
March 29, 2024
•[ hack, government ]
Threat actors break into the computer network of the Florida Department of Juvenile Justice.
Munchables
March 26, 2024
•[ hack, financial, finance ]
The Munchables blockchain-based game is attacked, with about $62 million worth of cryptocurrency was stolen from the game. Few hours after the attacker agrees to return the stolen funds.
VNDirect Securities Company (VNDirect)
March 26, 2024
•[ hack, finance ]
VNDirect, one of Vietnam's largest brokerages, begins the process of restoring its systems after a cyberattack that forced it to suspend trading transactions.
Communications Workers Union
March 25, 2024
•[ hack, technology ]
The Communications Workers Union (CWU), which represents hundreds of thousands of employees in sectors across the UK economy including tech and telecoms, is currently working to mitigate a cyberattack.
