Bangladesh National Telecommunication Monitoring Center
November 16, 2023
•[ leak, misconfiguration, government ]
The National Telecommunication Monitoring Center (NTMC) in Bangladesh publishes people's personal information through an unsecured database until anonymous threat actors attack the exposed database, wiping details from the system and claiming to have stolen the trove of information.
Israir Airlines
November 16, 2023
•[ hack, leak ]
Hacktivists from SiegedSec claim to have allegedly compromised Israir Airlines and post a link with 1.4GB of data related to the company's internal and confidential documents.
Zadig & Voltaire
November 16, 2023
•[ leak, retail ]
In June 2024, a data brach sourced from French fashion brand Zadig & Voltaire was publicly posted to a popular hacking forum. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig & Voltaire advised the incident had occurred more than 6 months ago and that "all measures were taken quickly".
MeridianLink
November 15, 2023
•[ ransomware, leak, malware ]
The AlphV/BlackCat ransomware group adds MeridianLink to its leak site and reports its victim to the Securities Exchange Commission (SEC.)
Plume
November 15, 2023
•[ leak, technology ]
The smart Wi-Fi service provider, Plume, apparently falls victim to a data breach. The perpetrators, claiming responsibility for the incident, make their announcement on the notorious Breach Forums.
Samsung Electronics
November 15, 2023
•[ leak, manufacturing ]
Samsung Electronics notifies some of its UK customers of a data breach that exposed their personal information to an unauthorized individual.
KitchenPal
November 14, 2023
•[ leak, misconfiguration, technology ]
In November 2023, the kitchen management application KitchenPal suffered a data breach that exposed 146k lines of data. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debugging purposes and included passwords that could not be used. Impacted data included almost 100k email addresses, names, geolocations and incomplete data on dates of birth, genders, height and weight, social media profile identifiers and bcrypt password hashes.
State of Maine
November 10, 2023
•[ leak, sqlinjection, government ]
The State of Maine announces that its systems were breached after threat actors exploited the vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population.
Amber Hill Group
November 8, 2023
•[ ransomware, leak, malware ]
The LockBit 3.0 ransomware group adds Amber Hill Group the their leak site.
Pharmacy Group of Mississippi
November 7, 2023
•[ leak, healthcare ]
Pharmacy Group of Mississippi files a notice of data breach after discovering that information that had been entrusted to the company was subject to unauthorized access.
Robert W. Baird & Co. Incorporated
November 7, 2023
•[ leak, finance ]
Robert W. Baird & Co. Incorporated (Baird) files a notice of data breach after discovering that confidential information that consumers placed in the company's care was subject to unauthorized access.
Rosgosstrakh
November 4, 2023
•[ hack, leak, finance ]
A threat actor named Apathy hits Rosgosstrakh (Russian: ), Russia's second-largest insurance company, successfully stealing 400GB of data.
LinkedIn Scraped and Faked Data (2023)
November 4, 2023
•[ leak, misconfiguration, technology ]
In November 2023, a post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked. On investigation, the data turned out to be a combination of legitimate data scraped from LinkedIn and email addresses constructed from impacted individuals' names.
Summit Health
November 3, 2023
•[ ransomware, leak, malware ]
Summit Health is added in the LockBit 3.0 ransomware group leak site.
Clinique
November 1, 2023
•[ leak, manufacturing ]
The Spanish branch of Skincare products maker Clinique, a subsidiary of cosmetics giant Este Lauder, reportedly experiences a significant data breach, with the personal information of over 700,000 customers exposed by a threat actor with the moniker of Pwned.
St. Johns River Water Management District
November 1, 2023
•[ leak, government ]
St. Johns River Water Management District, a regulatory agency in Florida that oversees the long-term supply of drinking water, confirms that it responded to a cyberattack after the Cyber Av3ngers said it attacked the organization, providing samples of what it stole.
Western Washington Medical Group
October 26, 2023
•[ healthcare, leak ]
Western Washington Medical Group (WWMG) files a notice of data breach after discovering that an unauthorized party was able to access information that had been entrusted to the company.
Kearny Bank
October 25, 2023
•[ leak, sqlinjection, finance ]
Kearny Bank joins the list of the victims of the massive MOVEit attack.
Airbnb
October 25, 2023
•[ leak, technology ]
A threat actor going by the name 'Sheriff' on the darkweb puts on sale 1.2 million records allegedly stolen from Airbnb, including sensitive details such as names, email addresses, countries of residence, cities, and more.
Fredericksburg Foot & Ankle Center
October 25, 2023
•[ leak, healthcare ]
Fredericksburg Foot & Ankle Center reports a data breach that has affected up to 14,912 individuals.
