New York Times
June 8, 2024
•[ leak, misconfiguration, technology ]
The New York Times confirms that internal source code and data was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024.
CoinGecko
June 7, 2024
•[ leak, finance ]
CoinGecko, the worlds largest independent cryptocurrency data aggregator, experiences a data breach through its third-party email platform, GetResponse.
Los Angeles Unified School District
June 6, 2024
•[ leak, education ]
Los Angeles Unified School District (LAUSD) officials are investigating a threat actor's claims that they're selling stolen databases containing records belonging to millions of students and thousands of teachers. 24 million records are allegedly compromised.
Dubai Municipality
June 5, 2024
•[ leak, government ]
Daixin Team adds the Dubai Municipality to its dark web leak site.
Advance Auto Parts
June 5, 2024
•[ leak, misconfiguration, automotive ]
In June 2024, Advance Auto Parts confirmed they had suffered a data breach which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees.
Ticketek
May 31, 2024
•[ leak, misconfiguration, retail ]
In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform. The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.
Michigan Medicine
May 23, 2024
•[ leak, healthcare ]
Michigan Medicine, the academic medical center of the University of Michigan, notifies roughly 57,000 individuals that their personal and health information might have been compromised in a data breach.
BBC
May 21, 2024
•[ leak, misconfiguration, technology ]
The BBC discloses a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members.
Patriot Mobile
May 21, 2024
•[ leak, technology ]
U.S. cell carrier Patriot Mobile experiences a data breach that included subscribers personal information, including full names, email addresses, home ZIP codes and account PINs.
Forth
May 21, 2024
•[ leak, finance ]
Debt relief solutions provider Forth (Set Forth) notifies 1.5 million individuals that their personal information was compromised in a May 2024 data breach.
Ticketmaster
May 20, 2024
•[ leak, misconfiguration, technology ]
Live Nation confirms that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. The data of 560 million users is potentially affected.
Cooler Master
May 18, 2024
•[ leak, manufacturing ]
Computer hardware manufacturer Cooler Master suffers a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers.
Banco Santander
May 14, 2024
•[ leak, misconfiguration, finance ]
Banco Santander announces it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. ShinyHunters claims Santander breach, selling data for 30M customers
City of St. Helena
May 13, 2024
•[ leak, government ]
The city of St. Helena notifies 975 people that a May data breach exposed their personal information.
Landmark Admin
May 13, 2024
•[ leak, hack, government ]
Insurance administrative services company Landmark Admin warns that a data breach impacted over 800,000 people from a May cyberattack.
ConnectOnCall (a subsidiary of Phreesia)
May 12, 2024
•[ leak, healthcare ]
Healthcare software as a service (SaaS) company Phreesia notifies over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023.
Sumo
May 11, 2024
•[ leak ]
Sumo said that the following customer information was compromised by the breach: names, addresses, dates of birth, phone numbers, credit scores, as well as either passport, Medicare, or drivers licence details.
DocGo
May 7, 2024
•[ leak, healthcare ]
Mobile medical care firm DocGo confirms it suffered a cyberattack after threat actors breached its systems and stole patient health data.
Iberdrola
May 7, 2024
•[ leak, energy ]
Spanish multinational electrical utility Iberdrola says a cyber incident to a supplier in the beginning of May resulted in a data breach involving 850,000 Spanish customers.
Human Events
May 2, 2024
•[ hack, leak ]
The conservative news website Human Events is also hacked and replaced with a page leaking private information.
