U.K. Politicians
October 3, 2022
•[ leak, misconfiguration, government ]
The current mobile phone number of the U.K. Prime Minister Liz Truss is being sold online, similarly the mobile phone numbers for Chancellor of the Exchequer, Kwasi Kwarteng, and 24 other members of the U.K. Cabinet are also accessible.
Hartnell Community College District
October 2, 2022
•[ leak, education ]
On December 5, 2022, Hartnell Community College District reported a data breach with the California Attorney General after the school experienced what appears to have been a cyberattack that resulted in sensitive student information being leaked.
The Icon Group
October 2, 2022
•[ hack, leak ]
DESORDEN group discloses a hack of The Icon Group, leaking 161 GB of databases and files, including personal information of 264,128 customers.
Locally
October 1, 2022
•[ leak, retail ]
In October 2022, "The Industry's Leading Online-to-Offline Shopping Solution" Locally suffered a data breach. Whilst Locally acknowledged the breach privately, it's unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email and physical addresses, purchases, credit card type and last four digits and bcrypt password hashes.
Quetzal Container Terminal,
September 30, 2022
•[ ransomware, leak, malware ]
The Hive ransomware threat actors listed "TCQ", Quetzal Container Terminal, on their dedicated leak site,
Ministry of Foreign Affairs of Guatemala
September 29, 2022
•[ leak, government ]
Threat actors calling themselves VSOP add the Ministry of Foreign Affairs of Guatemala to their leak site.
Universidad Internacional Del Ecuador (UIDE)
September 29, 2022
•[ ransomware, leak, malware ]
Lockbit adds the Universidad Internacional Del Ecuador (UIDE) to its leaks site
Swachhata Platform (swachhata.city)
September 29, 2022
•[ leak, government ]
A threat actor claims to have breached the Swachhata Platform and stolen 16 million records.
Dallam Hartley Counties Hospital District
September 28, 2022
•[ leak, misconfiguration, healthcare ]
Dallam Hartley Counties Hospital District reports a data breach after the organization learned that an unauthorized party was able to access confidential patient information contained on its computer
GenialMoney
September 28, 2022
•[ leak, finance ]
Kelvin Security leaks 68 Gb of data with 23,000 files from GenialMoney.
Auth0
September 26, 2022
•[ leak, misconfiguration, technology ]
Authentication service provider Auth0 discloses what it calls a "security event" involving some of its code repositories (from 2020 and earlier) obtained by unknown means from its environment.
Traderie
September 24, 2022
•[ leak, technology ]
In September 2022, the in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Diodes Incorporated
September 23, 2022
•[ leak, misconfiguration, manufacturing ]
Diodes Incorporated confirms that the company experienced a data breach after consumer data entrusted to the company was accessible to an unauthorized party.
RP Consulting SpA
September 23, 2022
•[ leak ]
An archive of 7.3 Gb of data and 13,000 files belonging to RP Consulting SpA is leaked on Breach Forums.
Ukrainian automobile manufacturing and service company
September 21, 2022
•[ leak, manufacturing ]
XakNet claims to have conducted a hack and leak operation against a Ukrainian automobile manufacturing and service company, and the largest automobile distributor in the country.
Government of Brazil
September 20, 2022
•[ ransomware, leak, malware ]
The Everest ransom group adds the Government of Brazil to their leak site, claiming they got their hands on the access of gov.br network, a government services website, and stole 3TB of sensitive data.
Online Trade (Онлайн Трейд)
September 19, 2022
•[ leak, retail ]
In September 2022, the Russian e-commerce website Online Trade ( ) suffered a data breach that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.
Starbucks Singapore
September 16, 2022
•[ leak, retail ]
The Singapore division of Starbucks, the popular American coffeehouse chain, admits that it suffered a data breach incident impacting over 219,000 of its customers.
One Medical
September 9, 2022
•[ leak, healthcare ]
One Medical confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data that had been entrusted to the company.
New York-Presbyterian Hospital
September 8, 2022
•[ leak, misconfiguration, healthcare ]
New York-Presbyterian Hospital discloses a security incident after detecting a possible attempts to download information by an unauthorized user.
