Gateway First Bank
February 1, 2023
•[ leak, phishing, finance ]
Gateway First Bank files a notice of data breach after confirming that unusual activity within multiple employee email accounts resulted in confidential customer information being leaked.
Terravision
February 1, 2023
•[ leak, misconfiguration, technology ]
In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password hashes and in some cases, date of birth and country of origin. Terravision did not respond to multiple attempts by individuals period over a period of months to report the incident.
Arizona Liver Health
January 31, 2023
•[ ransomware, leak, malware ]
The LockBit ransomware group adds Arizona Liver Health ito its dark web leak site.
Convex
January 31, 2023
•[ leak, technology ]
In name of #OpRussia, the Anonymous leak 128GB of data stolen from Russian ISP Convex.
Juva Skin & Laser Center
January 31, 2023
•[ ransomware, leak, malware ]
The LockBit ransomware group adds Juva Skin & Laser Center ito its dark web leak site.
IT Servicios
January 30, 2023
•[ ransomware, leak, malware ]
Telecommunications firm IT Servicios is also added to LockBit3.0's ransomware leak site.
Verizon
January 27, 2023
•[ leak, misconfiguration, technology ]
IntelBroker leaks a database, allegedly from Verizon, for free, containing 7.5 million clients' records, only first names, device types (Apple or Android), and service plans. Verizon verified that the data leak was legitimate and originated from a vendor which creates videos to assist clients.
Undisclosed third-party vendor
January 26, 2023
•[ leak, technology ]
Telecommunications company Charter Communications says one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum.
CommuteAir
January 26, 2023
•[ leak, misconfiguration, government ]
A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' is shared publicly on a hacking forum.
Guardian Analytics
January 26, 2023
•[ leak, misconfiguration, finance ]
Webster Bank files a notice of data breach after learning of a third-party data breach at Guardian Analytics, one of Webster Bank's vendors.
Matco Tools Corporation
January 26, 2023
•[ leak, manufacturing ]
Matco Tools Corporation files notice of a data breach following a cybersecurity incident that leaked confidential consumer information that was in the company's possession.
Puma
January 24, 2023
•[ leak, retail ]
Private data allegedly belonging to more than 230,000 Puma customers in Chile is found on a hacker forum.
Duolingo
January 24, 2023
•[ leak, misconfiguration, education ]
In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.
ePublic
January 23, 2023
•[ leak, retail ]
The database of ePublic, an IT service provider offering services to multiple Italian municipalities, is leaked online.
Members Trust of the Southwest Federal Credit Union
January 20, 2023
•[ leak, finance ]
Members Trust of the Southwest Federal Credit Union files notice of a data breach after confirming that the confidential information of some bank customers was accessible by an unauthorized party.
United Health Services
January 18, 2023
•[ leak, phishing, healthcare ]
United Health Services of Delaware (UHS of Delaware) files a notice of data breach after learning that a vendor experienced a phishing attack compromising UHS of Delaware patient information.
Nonstop Health
January 17, 2023
•[ leak, finance ]
Nonstop Health has its source code and some data leaked in a hacking forum.
School District 42 Maple Ridge-Pitt Meadows
January 17, 2023
•[ leak, misconfiguration, education ]
The School District 42 has 19,126 records released in a breach when the documents appear to have been uploaded to a popular hacker forum.
IRS
January 16, 2023
•[ hack, leak, government ]
Anonymous Russia and Infinity Hackers BY claim to have conducted a hack and leak operation against US federal tax authorities. The leak allegedly contains 198 million lines of personal information.
MSAB
January 13, 2023
•[ hack, leak, technology ]
The same hacktivist group Enlace Hacktivist leaks some data from the Swedish forensic firm MSAB.
