Directorate General of Population and Civil Registration (Dukcapil)
January 1, 2023
•[ leak, government ]
leaked and published
Various law enforcement agencies (Philippine National Police, National Bureau of Investigation, Bureau of Internal Revenue)
January 1, 2023
•[ leak, misconfiguration, government ]
poor security
Directorate General of Population and Civil Registration (Dukcapil)
January 1, 2023
•[ leak, government ]
leaked and published
Seguros Equinoccial
December 28, 2022
•[ ransomware, leak, malware ]
Data from Seguros Equinoccial appear in the Vice Society ransomware leak site.
Undisclosed Company
December 27, 2022
•[ leak, government ]
A cybercrime forum listed for sale what a seller purports to be 30 million passenger records for users of India's railways, including names, email addresses, phone numbers and more.
RailYatri
December 26, 2022
•[ leak, misconfiguration, technology ]
In December 2022, Indias government-approved online travel agency RailYatri suffered a data breach. The incident impacted over 31M customers and exposed 23M unique email addresses. Also impacted were names, genders, phone numbers and tickets purchased, including travel information and fares.
Maybank
December 25, 2022
•[ leak, finance ]
Communications and Digital minister Fahmi Fadzil said his ministry through the Personal Data Protection Department in collaboration with CyberSecurity Malaysia is seeking feedback from Maybank and Astro on the alleged data leaks to ensure the legitimacy of data ownership
Astro
December 25, 2022
•[ leak, misconfiguration, technology ]
A website had listed details of 3.5 million Astro customers.
Election Comission
December 25, 2022
•[ leak, government ]
The Ministry of Communications and Digital (KKD) takes seriously the alleged data leak, via a website on December 25, that allegedly involves Maybank, Astro and the Election Commission (EC).
U.S. Branch of Toyota
December 25, 2022
•[ leak, manufacturing ]
Toyota confirms that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum.
PayPal
December 21, 2022
•[ leak, brute-force, finance ]
PayPal sends out data breach notifications to approximately 35,000 users who had their accounts accessed through credential stuffing attacks that exposed some personal data.
MedInform
December 21, 2022
•[ leak, misconfiguration, finance ]
MedInform files a notice of data breach after learning that an unauthorized user was able to access confidential information belonging to Cleveland Clinic patients that were stored on the company's computer network.
