Hankins & Sohn Plastic Surgery Associates
July 17, 2023
•[ hack, leak, healthcare ]
An unnamed group or individual claims responsibility for a a cyber attack to the plastic surgery practice Hankins & Sohn Plastic Surgery Associates and starts to leak data.
Highland Health Systems
July 15, 2023
•[ ransomware, leak, malware ]
The ransomware group ALPHV (AKA BlackCat) adds Highland Health Systems in Alabama to their leak site but remove the data few days after claiming the attack had violated their prohibition against attacking non-profits.
RCH
July 14, 2023
•[ leak, manufacturing ]
RCH, a provider of software and hardware solutions for points of sale, has its database dumped online.
American Multi-Cinema (AMC Theatres)
July 14, 2023
•[ leak, misconfiguration, retail ]
American Multi-Cinema (AMC Theatres) files a notice of data breach after a cyber incident resulted in an unauthorized party being able to access consumers' sensitive information. According to some source the incident stemmed from the exploitation of the MOVEit vulnerability.
Fairfax Oral & Maxillofacial Surgery (FOMS)
July 14, 2023
•[ leak, healthcare ]
Fairfax Oral & Maxillofacial Surgery (FOMS) files a notice of data breach after a cyber incident compromised patients' protected health information.
Idaho State Board of Education
July 14, 2023
•[ leak, sqlinjection, education ]
The Idaho State Board of Education posts a notice of data on its website after learning that two of the Board's vendors, the Teachers Insurance and Annuity Association ("TIAA") and the National Student Clearinghouse ("NSC"), experienced data breaches related to the file-transfer software MOVEit.
American National Insurance Company
July 11, 2023
•[ leak, sqlinjection, finance ]
American National Insurance Company confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Kansas Medical Center
July 11, 2023
•[ ransomware, leak, malware ]
The 8Base ransomware gang claims to have attacked Kansas Medical Center and threaten to publish the data as a leak on July 15.
Panorama Eyecare
July 11, 2023
•[ ransomware, leak, healthcare ]
Panorama Eyecare is added to LockBit's leak site with a claim that 798 GB of data has been exfiltrated from four of the firm's clients: Eye Center of Northern Colorado, Denver Eye Surgeons, Cheyenne Eye Clinic & Surgery Center; and 2020 Vision Center.
Jones Lang LaSalle (JLL)
July 11, 2023
•[ leak, sqlinjection ]
Jones Lang LaSalle (JLL) confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
TomTom
July 11, 2023
•[ leak, sqlinjection, manufacturing ]
Dutch GPS company TomTom confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Alight Solutions
July 10, 2023
•[ leak, sqlinjection, technology ]
Accelya Global (Accelya) files a notice of data breach after discovering that Alight Solutions ("Alight"), one of Accelya's vendors, experienced a data security incident related to the company's use of the file transfer software MOVEit.
Chapman University
July 7, 2023
•[ leak, sqlinjection, education ]
The Chapman University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Madison College
July 7, 2023
•[ leak, sqlinjection, education ]
The Madison College confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Pace University
July 7, 2023
•[ leak, sqlinjection, education ]
The Pace University confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
TD Ameritrade
July 7, 2023
•[ leak, sqlinjection, finance ]
TD Ameritrade confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
University of Illinois
July 3, 2023
•[ leak, sqlinjection, education ]
The University of Illinois confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
AON
July 2, 2023
•[ leak, sqlinjection, finance ]
AON confirms to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability. Among the impacted customers there is the Dublin Airport.
French Ministry of Justice
July 2, 2023
•[ leak, government ]
The hacker group KromSec leaks the personal information belonging to more than 1,100 employees of the Ministry of Justice.
Undisclosed vendor
June 30, 2023
•[ leak, sqlinjection, finance ]
Clearwater Credit Union files a notice of data breach after discovering the personal information of 25,660 individuals was leaked as a result of the massive MOVEit vulnerability.
