Kennedy Krieger Institute
May 31, 2023
•[ leak, misconfiguration, healthcare ]
The Johns Hopkins University and the Johns Hopkins Health System Corporation (collectively "Johns Hopkins'') file a notice of data breach on behalf of the Kennedy Krieger Institute after learning that a software vulnerability resulted in confidential consumer information being leaked.
Centers for Medicare & Medicaid Services
May 31, 2023
•[ leak, sqlinjection, healthcare ]
The Centers for Medicare & Medicaid Services (CMS) notified 612,000 Medicare beneficiaries of a data breach stemming from a vulnerability in Progress Software's MOVEit Transfer software.
CCleaner
May 31, 2023
•[ leak, technology ]
The maker of the popular optimization app CCleaner confirms that threat actors stole a trove of personal information about its paid customers following a MOVEit data breach in May.
VALIC Retirement Services Company
May 31, 2023
•[ leak, finance ]
VALIC Retirement Services Company (VRSCO, VALIC) files a notice of data breach after discovering that one of the company's vendors experienced a MOVEit data breach resulting in confidential client information being leaked.
Global Atlantic Financial Group
May 30, 2023
•[ leak, sqlinjection, finance ]
Global Atlantic Financial Group files a notice of data breach after discovering the MOVEit-related data breach at Pension Benefit Information.
Unknown Organization
May 30, 2023
•[ leak, retail ]
A user dubbed fibonacci leaks the entire database (364,000 records) of Italia Militare, an e-commerce portal for military goods.
University of Texas Southwestern Medical Center (UTSW)
May 30, 2023
•[ leak, misconfiguration, healthcare ]
Reports begin to emerge about a MOVEit data breach at the University of Texas Southwestern Medical Center (UTSW) resulting in an unauthorized party being able to access patients' sensitive information.
Polish Credentials
May 29, 2023
•[ leak, malware ]
In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.
edgeMED Healthcare
May 26, 2023
•[ leak, healthcare ]
edgeMED Healthcare files a notice of data breach after discovering that confidential patient information was compromised in a recent cybersecurity incident.
Suffolk University
May 24, 2023
•[ leak, education ]
Suffolk University files a notice of data breach after learning that a recent cybersecurity event resulted in confidential student information being accessed or obtained by an unauthorized party.
National Institutes of Health Federal Credit Union
May 19, 2023
•[ leak, sqlinjection, finance ]
The National Institutes of Health Federal Credit Union confirm to have suffered a data breach occurred exploiting the MOVEit CVE-2023-34362 vulnerability.
Bank of New York Mellon Corporation (BNY Mellon)
May 13, 2023
•[ leak, misconfiguration, finance ]
Bank of New York Mellon Corporation (BNY Mellon) files a notice of data breach after learning that confidential information that had been entrusted to the company was leaked in what appears to be a third-party data breach.
TRANServe
May 12, 2023
•[ leak, government ]
The personal information of 237,000 current and former federal government employees is exposed in a data breach at the U.S. Transportation Department (USDOT) TRANServe transit benefits system.
Gainwell Technologies
May 12, 2023
•[ leak, healthcare ]
The Idaho Department of Health and Welfare confirms that the personal information of 2,501 Medicaid recipients has potentially been accessed and/or obtained in a data breach at its claims processor, Gainwell Technologies.
Illinois Application for Benefits Eligibility (ABE)
May 12, 2023
•[ leak, misconfiguration, government ]
The Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) disclose a data breach within the State of Illinois Application for Benefits Eligibility (ABE) system's Manage My Case (MMC) portal.
Sanmina Corporation
May 12, 2023
•[ leak, manufacturing ]
A threat actor lists a dataset for sale that allegedly contains the records of 50,000 employees of the American electronics manufacturer Sanmina Corporation.
Arizona Health Care Cost Containment System (AHCCCS)
May 11, 2023
•[ leak, healthcare ]
The Arizona Health Care Cost Containment System (AHCCCS) discloses a data breach compromising over 2,000 Medicaid members.
Earlens Corporation
May 11, 2023
•[ ransomware, leak, malware ]
The BianLain ransomware group adds Earlens Corporation to their leak site.
Skybound Entertainment
May 9, 2023
•[ leak, technology ]
Skybound Entertainment, the company behind The Walking Dead series, allegedly suffers a data breach with attackers selling sensitive data of users and employees on a criminal forum.
OT&P Healthcare
May 8, 2023
•[ leak, healthcare ]
The personal data and medical history of about 100,000 patients at OT&P Healthcare could have been leaked due to a cyberattack.
