Rao Hondo College
October 24, 2023
•[ ransomware, leak, malware ]
Rao Hondo College in Southern California is listed in the Lockbit ransomware leak site.
University of Tokyo
October 24, 2023
•[ leak, malware, education ]
A computer at the University of Tokyo is infected with malware, possibly leaking up to 4,341 files containing addresses and grades of students from the academic years of 2003 to 2022.
Dakota Eye Institute
October 23, 2023
•[ leak, healthcare ]
Dakota Eye Institute (DEI) files a notice of data breach after discovering that patients' personal information was compromised following a cyberattack.
Toumei
October 18, 2023
•[ leak ]
In October 2023, the Japanese consultancy firm Toumei suffered a data breach. The breach exposed over 100M lines and 10GB of data including 77k unique email addresses along with names, phone numbers and physical addresses.
Gillette Children's Specialty Healthcare
October 16, 2023
•[ leak, zero-day, healthcare ]
Gillette Children's Specialty Healthcare confirms that the protected health information of 542 patients was compromised as part of the mass exploitation of the zero day vulnerability in Progress Software's MOVEit Transfer application.
Cognisight
October 13, 2023
•[ leak, sqlinjection, healthcare ]
Cognisight files notice of data breach after discovering that the CVE-2023-34362 vulnerability within MOVEit resulted in the exposure of consumers' personal information.
Morrison Community Hospital
October 13, 2023
•[ ransomware, leak, malware ]
The ALPHV/BlackCat ransomware group adds the Morrison Community Hospital to its dark web leak site and claims to have stolen 5TB of patients' and employee's information.
Shadow PC
October 11, 2023
•[ leak, manufacturing ]
Shadow PC, a provider of high-end cloud computing services, warns customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers.
FBI's Law Enforcement Enterprise Portal (LEEP)
October 3, 2023
•[ leak, government ]
A dark web user dubbed @FEDCREDS is found selling account credentials allegedly from the Law Enforcement Enterprise Portal (LEEP).
23andMe
October 2, 2023
•[ leak, brute-force, healthcare ]
23andMe confirms to be aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.
Prestige Care and Prestige Senior Living
October 2, 2023
•[ ransomware, leak, healthcare ]
The ALPHV (BlackCat) ransomware lists Prestige Care and Prestige Senior Living in their leak site, claiming to have 260 GB of files.
Cascade Family Dental
October 1, 2023
•[ ransomware, leak, healthcare ]
The Monti ransomware group adds Cascade Family Dental to their leak site
Facebook Marketplace
October 1, 2023
•[ leak, hack, technology ]
In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations. The data also contained bcrypt password hashes, although there is no indication these belong to the corresponding Facebook accounts.
Arietis Health
September 28, 2023
•[ leak, sqlinjection, healthcare ]
Arietis Health is added to the list of entities affected by the MOVEit breach. 1,975,066 individuals are affected.
Blue Ridge Electric Membership Corporation
September 27, 2023
•[ leak, energy ]
Blue Ridge Electric Membership Corporation (Blue Ridge Energy) files a notice after discovering that a data breach at Meridian, one of Blue Ridge Energy's vendors, experienced a data security incident.
GI Medical Services
September 27, 2023
•[ leak, healthcare ]
Lost Trust Team adds GI Medical Services in New York to a new leak site.
European Telecommunications Standards Institute (ETSI)
September 27, 2023
•[ leak, technology ]
The European Telecommunications Standards Institute (ETSI) reveals that threat actors have stolen a database identifying its users.
West Virginia University Health System
September 26, 2023
•[ leak, sqlinjection, healthcare ]
West Virginia University Health System posts a website notice informing patients of a third-party data breach involving an incident that occurred at Nuance Communications exploiting the MOVEit vulnerability.
Sony
September 26, 2023
•[ hack, leak, retail ]
Sony it is investigating allegations of a cyberattack as different hackers have stepped up to claim responsibility for the purported hack and the subsequent leak of 3.14 GB of data.
Hospital for Sick Children (SickKids)
September 25, 2023
•[ leak, healthcare ]
The Hospital for Sick Children, more commonly known as SickKids, discloses to be among the healthcare providers impacted by the recent breach at BORN Ontario.
