Idaho State Board of Education
July 14, 2023
•[ leak, sqlinjection, education ]
The Idaho State Board of Education posts a notice of data on its website after learning that two of the Board's vendors, the Teachers Insurance and Annuity Association ("TIAA") and the National Student Clearinghouse ("NSC"), experienced data breaches related to the file-transfer software MOVEit.
American National Insurance Company
July 11, 2023
•[ leak, sqlinjection, finance ]
American National Insurance Company confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Kansas Medical Center
July 11, 2023
•[ ransomware, leak, malware ]
The 8Base ransomware gang claims to have attacked Kansas Medical Center and threaten to publish the data as a leak on July 15.
Panorama Eyecare
July 11, 2023
•[ ransomware, leak, healthcare ]
Panorama Eyecare is added to LockBit's leak site with a claim that 798 GB of data has been exfiltrated from four of the firm's clients: Eye Center of Northern Colorado, Denver Eye Surgeons, Cheyenne Eye Clinic & Surgery Center; and 2020 Vision Center.
Jones Lang LaSalle (JLL)
July 11, 2023
•[ leak, sqlinjection ]
Jones Lang LaSalle (JLL) confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
TomTom
July 11, 2023
•[ leak, sqlinjection, manufacturing ]
Dutch GPS company TomTom confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Alight Solutions
July 10, 2023
•[ leak, sqlinjection, technology ]
Accelya Global (Accelya) files a notice of data breach after discovering that Alight Solutions ("Alight"), one of Accelya's vendors, experienced a data security incident related to the company's use of the file transfer software MOVEit.
Chapman University
July 7, 2023
•[ leak, sqlinjection, education ]
The Chapman University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Madison College
July 7, 2023
•[ leak, sqlinjection, education ]
The Madison College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Pace University
July 7, 2023
•[ leak, sqlinjection, education ]
The Pace University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
TD Ameritrade
July 7, 2023
•[ leak, sqlinjection, finance ]
TD Ameritrade confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
University of Illinois
July 3, 2023
•[ leak, sqlinjection, education ]
The University of Illinois confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
AON
July 2, 2023
•[ leak, sqlinjection, finance ]
AON confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability. Among the impacted customers there is the Dublin Airport.
French Ministry of Justice
July 2, 2023
•[ leak, government ]
The hacker group KromSec leaks the personal information belonging to more than 1,100 employees of the Ministry of Justice.
Undisclosed vendor
June 30, 2023
•[ leak, sqlinjection, finance ]
Clearwater Credit Union files a notice of data breach after discovering the personal information of 25,660 individuals was leaked as a result of the massive MOVEit vulnerability.
OCR
June 30, 2023
•[ leak, education ]
Cambridgeshire Police says they are also investigating a "data breach" involving exam boards OCR
Nickelodeon
June 30, 2023
•[ leak ]
Nickelodeon, a Paramount-owned American pay TV channel, confirms that 500 gb of data leaked from an alleged breach of the company is legitimate but some of it appears to be decades old.
Pearson Edexcel
June 30, 2023
•[ leak, education ]
Cambridgeshire Police says they are in the "early stages" of investigating a "data breach" involving exam boards Pearson Edexcel.
United Bank
June 30, 2023
•[ leak, sqlinjection, finance ]
United Bank files a notice regarding a data breach within a third-party software tool. It is suspected that the breach involves the CVE-2023-34362 vulnerability in MOVEit.
Bristol Myers Squibb
June 29, 2023
•[ leak, sqlinjection, manufacturing ]
Bristol Myers Squibb files a notice regarding a data breach resulting from the CVE-2023-34362 vulnerability in MOVEit.
