Schneider Electric
November 4, 2024
•[ leak, misconfiguration, manufacturing ]
Schneider Electric confirms that a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server.
MIT’s Technology Review
November 4, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as Intel Broker claims to have stolen the personal data of 290,762 individuals from MITs Technology Review website via a third-party contractor.
Saint Xavier University
October 30, 2024
•[ leak, education ]
Saint Xavier University starts notifying over 210,000 individuals that their personal information was compromised in a data breach in July 2023.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.
Esport North Africa
October 23, 2024
•[ leak, technology ]
A threat actor known as Shooked, leaks the personal details of over 180,000 Esport North Africa (ESNA) users just one day before the tournament is set to begin in Morocco.
Free
October 17, 2024
•[ leak, technology ]
In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were "not enough to make a direct debit from a bank".
Johnson & Johnson
October 16, 2024
•[ leak, finance ]
Insurance company Johnson & Johnson discloses a data breach impacting the personal information of thousands of people.
AnnieMac Home Mortgage
October 15, 2024
•[ leak, finance ]
New Jersey-based mortgage loan provider AnnieMac Home Mortgage (American Neighborhood Mortgage Acceptance Company) informs over 171,000 individuals of a recent data breach.
Finsure
October 15, 2024
•[ leak, misconfiguration, finance ]
In October 2024, almost 300k unique email addresses from Australian mortgage broking group Finsure were obtained from the ActivePipe real estate marketing platform. The impacted data also included names, phone numbers and physical addresses. The incident did not directly affect any of Finsure's systems or expose any passwords or financial data.
Flat Earth Sun, Moon and Zodiac App
October 15, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.
Central Tickets
October 14, 2024
•[ leak ]
Central Tickets confirms a data breach occurred in July 2024.
The Club Penguin Experience
October 14, 2024
•[ leak, technology ]
In October 2024, The Club Penguin Experience (TCPE) suffered a data breach. The incident exposed over 6k subscribers' email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent prompt disclosure notices to impacted customers following the breach.
Game Freak
October 12, 2024
•[ leak, technology ]
Japanese video game developer Game Freak confirms it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online.
Maxar Space Systems
October 11, 2024
•[ hack, leak, manufacturing ]
U.S. satellite maker Maxar Space Systems reveals that threat actors breached its systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals.
The Wayback Machine
October 9, 2024
•[ leak, misconfiguration, technology ]
Internet Archive's "The Wayback Machine" suffers a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
Mystic Valley Elder Services
October 5, 2024
•[ leak, healthcare ]
Mystic Valley Elder Services suffers a data breach impacting many individuals.
Universal Music Group
October 3, 2024
•[ leak ]
Universal Music Group informs hundreds of individuals about a recent data breach impacting their personal information.
Switch
October 1, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
Dell
September 25, 2024
•[ leak, technology ]
The threat actor going by the handle of 'grep' claims to have breached Dell for the third time and leaks 500 MB of sensitive data.
