Fresnillo PLC
July 30, 2024
•[ hack, leak, manufacturing ]
Fresnillo PLC, the world's largest silver producer and a top global producer of gold, copper, and zinc, said attackers gained access to data stored on its systems during a recent cyberattack.
Microsoft
July 30, 2024
•[ hack, ddos, technology ]
Microsoft says that a DDoS attack led to an eight hour outage involving its Azure portal, as well as some Microsoft 365 and Microsoft Purview services.
Avanpost
July 26, 2024
•[ hack, leak, technology ]
A pro-Ukrainian hacker group, known as Cyber Anarchy Squad, claims it hacked the Russian information security firm Avanpost and leaked 390 gigabytes of its data, destroyed over 60 terabytes, and disrupted over 400 virtual machines and physical workstations.
Spytech Software
July 25, 2024
•[ hack, malware, technology ]
Spytech, a little-known spyware maker is hacked, revealing thousands of devices around the world under its stealthy remote surveillance.
Megafon
July 23, 2024
•[ hack, ddos, technology ]
Ukraines military intelligence (HUR) also claims responsibility for a DDoS attack to several large telecom operators in Russia.
Jefferson County Clerk’s Office
July 22, 2024
•[ hack, government ]
A cyber attack forces the Jefferson County Clerks Office to close eight branches.
Cadre Holdings
July 15, 2024
•[ hack, manufacturing ]
Florida-based safety equipment giant Cadre Holdings discloses a cyberattack that has impacted some of the companys operations.
Fractal ID
July 14, 2024
•[ hack, misconfiguration, technology ]
Web3 identity solutions provider Fractal ID reveals that a threat actor recently managed to exfiltrate data belonging to 6,300 users or 0.5% of its user base after compromising credentials for an operator account that had admin privileges.
At least five Macau government websites
July 11, 2024
•[ hack, ddos, government ]
At least five Macau government websites are knocked offline by suspected foreign hackers for almost an hour.
The Heritage Foundation
July 11, 2024
•[ hack, government ]
The hacktivist group SiegedSec claims responsibility for a data breach at the Heritage Foundation, stealing details of a potentially controversial Project 2025.
General Motors
July 9, 2024
•[ hack, brute-force, manufacturing ]
General Motors (GM) suffers what appears to be a credential stuffing attack, affecting 65 GM MyAccounts.
The Heritage Foundation
July 9, 2024
•[ hack, education ]
In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by content contributors (along with usernames and passwords stored as either MD5 or phpass hashes).
FNTech
July 5, 2024
•[ hack, misconfiguration, technology ]
Roblox announces that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees, after a vendor, FNTech, is compromised.
Husky Owners
July 4, 2024
•[ hack, leak ]
In July 2024, the Husky Owners forum website was defaced and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones.
OVHcloud
July 2, 2024
•[ hack, ddos, technology ]
OVHcloud, says it mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year, allegedly launched from a botnet of MilkroTik devices, which reached an unprecedented packet rate of 840 million packets per second (Mpps).
Undisclosed financial institution
July 1, 2024
•[ hack, ddos, finance ]
Researchers at Radware reveal that a financial institution in the Middle East suffered a DDoS attack lasting more than 100 hours in total, averaging 4.5 million requests per second.
Roll20
June 29, 2024
•[ hack, technology ]
Roll20, a popular online tabletop platform for role-playing games (RPGs), reveals that its systems were breached.
Bloom Health Centers
June 28, 2024
•[ hack, phishing, healthcare ]
Psych Associates of Maryland LLC d/b/a Bloom Health Centers ("Bloom Health") discloses a security breach after the compromise of an employee's email.
Domestic flight in Australia
June 28, 2024
•[ hack, phishing ]
The AFP charges an Australian man (42) with operating a fake Wi-Fi access point on a domestic flight to steal user credentials and data.
Shoe Zone
June 28, 2024
•[ hack, malware, retail ]
In June 2024, the UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
