Roblox
July 20, 2023
•[ leak, technology ]
The major gaming platform Roblox has suffered a major data breach, leading to the release of personal information including addresses from those who attended the Roblox Developer Conference between 2017-2020.
Este Lauder
July 18, 2023
•[ ransomware, leak, malware ]
Two ransomware actors, ALPHV/BlackCat and Clop list beauty company Este Lauder on their data leak sites as a victim of separate attacks.
Hankins & Sohn Plastic Surgery Associates
July 17, 2023
•[ hack, leak, healthcare ]
An unnamed group or individual claims responsibility for a a cyber attack to the plastic surgery practice Hankins & Sohn Plastic Surgery Associates and starts to leak data.
Highland Health Systems
July 15, 2023
•[ ransomware, leak, malware ]
The ransomware group ALPHV (AKA BlackCat) adds Highland Health Systems in Alabama to their leak site but remove the data few days after claiming the attack had violated their prohibition against attacking non-profits.
RCH
July 14, 2023
•[ leak, manufacturing ]
RCH, a provider of software and hardware solutions for points of sale, has its database dumped online.
American Multi-Cinema (AMC Theatres)
July 14, 2023
•[ leak, misconfiguration, retail ]
American Multi-Cinema (AMC Theatres) files a notice of data breach after a cyber incident resulted in an unauthorized party being able to access consumers' sensitive information. According to some source the incident stemmed from the exploitation of the MOVEit vulnerability.
Idaho State Board of Education
July 14, 2023
•[ leak, sqlinjection, education ]
The Idaho State Board of Education posts a notice of data on its website after learning that two of the Board's vendors, the Teachers Insurance and Annuity Association ("TIAA") and the National Student Clearinghouse ("NSC"), experienced data breaches related to the file-transfer software MOVEit.
Fairfax Oral & Maxillofacial Surgery (FOMS)
July 14, 2023
•[ leak, healthcare ]
Fairfax Oral & Maxillofacial Surgery (FOMS) files a notice of data breach after a cyber incident compromised patients' protected health information.
American National Insurance Company
July 11, 2023
•[ leak, sqlinjection, finance ]
American National Insurance Company confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Jones Lang LaSalle (JLL)
July 11, 2023
•[ leak, sqlinjection ]
Jones Lang LaSalle (JLL) confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Panorama Eyecare
July 11, 2023
•[ ransomware, leak, healthcare ]
Panorama Eyecare is added to LockBit's leak site with a claim that 798 GB of data has been exfiltrated from four of the firm's clients: Eye Center of Northern Colorado, Denver Eye Surgeons, Cheyenne Eye Clinic & Surgery Center; and 2020 Vision Center.
Kansas Medical Center
July 11, 2023
•[ ransomware, leak, malware ]
The 8Base ransomware gang claims to have attacked Kansas Medical Center and threaten to publish the data as a leak on July 15.
TomTom
July 11, 2023
•[ leak, sqlinjection, manufacturing ]
Dutch GPS company TomTom confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Alight Solutions
July 10, 2023
•[ leak, sqlinjection, technology ]
Accelya Global (Accelya) files a notice of data breach after discovering that Alight Solutions ("Alight"), one of Accelya's vendors, experienced a data security incident related to the company's use of the file transfer software MOVEit.
Pace University
July 7, 2023
•[ leak, sqlinjection, education ]
The Pace University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Chapman University
July 7, 2023
•[ leak, sqlinjection, education ]
The Chapman University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Madison College
July 7, 2023
•[ leak, sqlinjection, education ]
The Madison College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
TD Ameritrade
July 7, 2023
•[ leak, sqlinjection, finance ]
TD Ameritrade confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
University of Illinois
July 3, 2023
•[ leak, sqlinjection, education ]
The University of Illinois confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
AON
July 2, 2023
•[ leak, sqlinjection, finance ]
AON confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability. Among the impacted customers there is the Dublin Airport.
