Allegheny Health Network (AHN)
January 17, 2025
•[ hack, healthcare ]
Allegheny Health Network discloses that an "unauthorized user" hacked its IT vendor IntraSystems.
Greece's public-sector network, SYZEFXIS
January 16, 2025
•[ hack, ddos, government ]
Government websites went down again on Wednesday afternoon for about 5 minutes. For the same period, civil servants lost access to the internet from their workplace computers.
The Idols NFT
January 15, 2025
•[ financial, hack, finance ]
The Idols NFT contract on Ethereum suffers an exploit resulting in a loss of approximately $340K.
45 schools in Rhineland-Palatinate served by IT provider Topackt
January 15, 2025
•[ hack, education ]
Die Server der betroffenen Schulen in der Pfalz sind weitgehend wiederhergestellt. Das Backup-System des Betreibers hat offensichtlich funktioniert.
Electronic School (ГИС "Электронная школа"), Novosibirsk
January 15, 2025
•[ hack, ddos, education ]
On January 15, 2025, a powerful DDoS attack targeted Novosibirsks Electronic School digital diary platform. The attack, described as one of the most massive in the region, caused several hours of disruption before service was restored.
Steel Warehouse Co. LLC (South Bend Steel Processor)
January 15, 2025
•[ hack, manufacturing ]
South Bend-based Steel Warehouse Co. LLC disclosed a data breach after a cybercriminal gang accessed systems in late 2024; breach notifications were issued in Jan 2025 and lawsuits filed Aug 2025 alleging mishandling of sensitive employee and contractor data.
DigiD
January 14, 2025
•[ hack, ddos, government ]
The DigiD outage, which prevented people from logging in for most of yesterday afternoon , was caused by a large-scale DDoS attack. The DigiD server was experiencing so much traffic that the website couldn't handle it, according to Logius, the government agency that manages DigiD.
Infobis
January 13, 2025
•[ hack, technology ]
Ukrainian threat group Cyber Anarchy Squad takes responsibility for an attack against Russian agricultural tech firm Infobis, which purportedly leads to the theft of 3 TB of data in addition to infrastructure damage.
Grinding Gear Games (developer of Path 2 Exile 2)
January 13, 2025
•[ hack, technology ]
Path of Exile 2 developers confirm that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November.
Roseltorg
January 13, 2025
•[ hack, government ]
Roseltorg, Russia's main electronic trading platform for government and corporate procurement confirms that it had been targeted by a cyberattack. Pro-Ukraine hacker group Yellow Drift claims responsibility.
Avery Products Corporation
January 13, 2025
•[ financial, hack, retail ]
Avery Products Corporation warns it suffered a data breach after its website was hacked to steal customers' credit cards and personal information.
LandAirSea
January 12, 2025
•[ hack, technology ]
In January 2025, the GPS tracking service LandAirSea suffered a data breach that exposed 337k unique customer email addresses alongside names, usernames and password hashes. The breach also exposed partial credit card data (card type, last 4 digits and expiration), and GPS device identifiers and locations. LandAirSea is aware of the breach and has remediated the underlying vulnerability. The data was provided to HIBP by a source who requested it be attributed to "zathienaephi@proton.me".
Italy's Ministry of Infrastructure and Transport
January 11, 2025
•[ ddos, government, hack ]
Tra ieri e oggi, il gruppo NoName057(16) ha effettuato diversi attacchi DDoS contro siti istituzionali italiani e aziende, tra cui Intesa Sanpaolo.
Swiss Federal Administration
January 10, 2025
•[ hack, government ]
Beeintrchtigt gewesen sind unter anderem die Telefonie, Outlook sowie verschiedene Webseiten und Fachanwendungen des Bundes. Daten seien keine abgeflossen, hiess es vom Bund.
Centre des technologies de l’information de l’État' (CTIE)
January 10, 2025
•[ hack, ddos, government ]
Mehrere von der Regierung betriebene und vom Centre des technologies de linformation de ltat (CTIE) gehostete Internetseiten waren am Freitag zwischen 13:05 und 14:55 Uhr nicht erreichbar. Ursache dafr war eine DDOS-Attacke, die zahlreiche Webseiten lahmlegte, darunter men.public.lu und 112.public.lu. Das besttigte eine Sprecherin des CTIE gegenber dem Tageblatt. Der Angriff habe kurz nach 13 Uhr...
Lifebridge Health
January 10, 2025
•[ hack, phishing, healthcare ]
LifeBridge Health sent letters to patients and families about an email phishing incident that was discovered on Nov. 12.
Crimean Telecom Operators
January 10, 2025
•[ hack, ddos, technology ]
A massive DDoS attack is targeting major fixed-line and mobile network operators in Crimea, according to the Ministry of Internal Policy, Information and Communications... RIA Novosti, January 11, 2025
GroupGreeting[.]com
January 9, 2025
•[ hack, technology ]
Researchers at Malwarebytes discover zqxq, a widespread cyberattack that compromised GroupGreeting[.]com, a popular platform used by major enterprises to send digital greeting cards.
Scholastic
January 8, 2025
•[ hack, education ]
In January 2025, a data breach of the publishing company Scholastic surfaced. The breach contained 4.2M unique email addresses with many of the records also including name, phone number and physical address.
City of Corvallis (Councilor Paul Schaffer)
January 8, 2025
•[ hack, phishing, government ]
A Corvallis city councilor's email is hacked by a scammer and used to reach nearly 3,500 email addresses in an attempt to steal the recipients' personal information.
