MP Kalyan Banerjee
November 8, 2025
•[ online banking fraud, identity theft, insider threat ]
Reports from Indian media state that cybercriminals somehow obtained the ability to operate a dormant State Bank of India account held by Trinamool Congress MP Kalyan Banerjee, transferring about 55-56 lakh from his active Kalighat branch account into the dormant account and then withdrawing the full amount; the bank has filed a complaint with the Kolkata Police cybercrime division, which is investigating how forged or manipulated KYC information, including Banerjee's photo and mobile number, was used to facilitate the online banking fraud and whether any internal security lapses contributed to the theft.
National prison management platform of the National Penitentiary Administration (ANP)
August 1, 2025
•[ insider threat, financial fraud, unauthorized access ]
A prisoner in the Dej hospital prison hacked tablet/kiosk systems used to access the national inmate-services portal, manipulating requests and financial accounts tied to commissary and sentence-credit workflows. Activity persisted for weeks across multiple institutions before detection; the union and national media detail platform misuse and credential abuse rather than broad IT outages.
Origin Energy
July 30, 2025
•[ insider threat, data leak ]
Encrypted credit/debit card details for 732 customers (plus associated account data) exfiltrated to a personal email account on the employee's last day; company disclosed the insider-led breach and began notifications.
Neblio Technologies Pvt Ltd
July 19, 2025
•[ insider threat, data leak ]
Company reported approximately Rs 384 crore (~$44M) in cryptocurrency transferred from a company wallet around 2:37 am on July 19 to six accounts; internal probe suggested an employee laptop compromise and potential insider involvement.
C&M Software (service provider to Banco Central ecosystem)
July 2, 2025
•[ insider threat, compromised credentials, financial theft ]
Attackers allegedly bought an employee's credentials for ~$2,700 to access C&M systems and steal BRL 800M from connected institutions; part converted to crypto and laundered.
Chief Electoral Officer – West Bengal
May 17, 2025
•[ data breach, insider threat, unauthorized access ]
A security breach led to deletion of at least 1,000 voters from the electoral roll in a West Bengal assembly constituency; subsequent reports cited misuse of AERO credentials.
Coinbase
May 15, 2025
•[ insider threat, data leak, supply chain ]
Coinbase disclosed a data breach involving bribed third-party support agents; customer data was accessed and losses estimated at $180-$400M for remediation and reimbursements.
Kerala State Film Development Corporation (KSFDC)
May 12, 2025
•[ data leak, insider threat, surveillance ]
Reporting described a major cybersecurity breach in which CCTV footage recorded inside government-owned theatres in Thiruvananthapuram (Kairali, Sree, and Nila) appeared on pornographic websites and then spread via Telegram/X and other channels. The leaked clips visibly displayed the KSFDC logo on seats, strongly indicating the source. Authorities opened a high-level inquiry and a cyber-cell investigation, with officials considering possibilities including insider misuse by staff with access to surveillance systems or an external intrusion into the CCTV network. No specific perpetrator, intrusion method, or exact timeframe for initial compromise was provided, but the incident resulted in non-consensual exposure of surveillance video of patrons.
Rochester Public School listserv
May 12, 2025
•[ misconfiguration, insider threat, email abuse ]
Rochester School District officials reported that students and staff were bombarded with sexually explicit and threatening emails after a student exploited a misconfiguration in an email distribution list. The distribution list had been inadvertently configured with broader permissions than intended, allowing a student to send an unauthorized mass message to a large number of student accounts across grade levels. The district's technology team worked to identify the source, recall the messages, and correct the permission setting; students were then blocked from sending to distribution groups. The incident primarily affected communications integrity and student safety, rather than causing extended operational downtime.
Barnstable County Sheriff’s Office
April 22, 2025
•[ insider threat, data leak ]
BCSO reported an intentional insider breach learned April 22, involving leaking of personal information of 100+ former employees and one current employee; the employee was placed on leave.
Infini (Infini Earn)
February 24, 2025
•[ insider threat, financial theft, cryptocurrency ]
A former developer or compromised admin key was used to withdraw $49.5 million from Infini's smart-contract vault on February 24, 2025. The attacker converted USDC to ETH and moved the funds off-chain. Infini, a Hong Kong-based stablecoin bank, offered a 20% bounty for fund return and filed legal action against a former developer in Hong Kong.
Opexus
February 1, 2025
•[ insider threat, data leak, sabotage ]
Insider compromise at Opexus by two employees previously convicted of hacking led to improper access, and the compromise/deletion of dozens of databases (including IRS and GSA data sets), triggering outages in two key software systems used by federal agencies; terminations followed and investigations cite a major lapse in security controls.
Texas Health and Human Services Commission
December 5, 2024
•[ insider threat, data leak ]
HHSC update: following insider wrongdoing identified in 2024, the agency added 33,529 more affected, bringing the total to ~94,000 individuals; misconduct spanned 2021 to Jan 2025 and led to terminations and OIG referral.
St. Anthony Hospital (SSM Health)
August 6, 2024
•[ malware, data leak, insider threat ]
On August 6, 2024, Jeffrey Bowie, CEO of cybersecurity firm Veritaco, allegedly installed malware on computers at St. Anthony Hospital (SSM Health) in Oklahoma City. The malware took screenshots roughly every 20 minutes and transmitted them to an external address. The activity was detected and contained quickly, and hospital officials reported no patient or clinical data access. Bowie was arrested on April 16, 2025.
Wojeski & Company
July 28, 2023
•[ ransomware, phishing, data leak ]
NY AG says Wojeski suffered a phishing-led ransomware incident that locked access to files, followed by a second breach when a vendor's employee improperly accessed and exfiltrated client data. Notifications lagged by over a year. Settlement requires encryption, inventorying locations of personal data, stronger access controls, vulnerability management, and a formal IR plan; $60,000 penalty and credit monitoring for affected New Yorkers.
Government Communications Headquarters
August 24, 2022
•[ insider threat, data leak ]
Former intern admitted unauthorized transfer of top secret data from GCHQ.