Elector
February 12, 2024
•[ government, leak, technology ]
Researchers from Resecurity identify a data leak of 6,453,254 Israeli voter records due to the breach of Elector, an Israeli software application used to manage political campaigns.
Iraq Independent High Electoral Commission (IHEC)
February 12, 2024
•[ leak, government ]
Researchers from Resecurity identify an individual who claimed to be selling a 21.58 database containing information about 24.3 million Iraqi citizens.
Doxbin (TOoDA)
February 12, 2024
•[ leak ]
In February 2025, the "doxing" website Doxbin was compromised by a group calling themselves "TOoDA" and the data dumped publicly. Included in the breach were 336k unique email addresses alongside usernames. The data was provided to HIBP by a source who requested it be attributed to "emo.rip".
Japanese Ministry of Foreign Affairs
February 5, 2024
•[ leak, espionage, government ]
A government source reveals that classified Japanese diplomatic documents were leaked after a Chinese cyberattacks on the Ministry of Foreign Affairs.
State Street
February 4, 2024
•[ leak, finance ]
State Street files a notice of data breach after discovering that an unauthorized party was able to access confidential information in the companys possession.
Hewlett Packard Enterprise
February 1, 2024
•[ leak, technology ]
Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.
SurveyLama
February 1, 2024
•[ leak, technology ]
In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already "notified the users by email".
Emmanuel College
January 31, 2024
•[ leak, education ]
Emmanuel College files a notice of data breach after discovering that a cybersecurity incident affected the personal information of nearly 90k individuals.
Viamedis
January 31, 2024
•[ leak, healthcare ]
French healthcare services firm Viamedis suffers a cyberattack that exposed the data of policyholders and healthcare professionals in the country.
Spoutible
January 31, 2024
•[ leak, misconfiguration, technology ]
In January 2024, Spoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.
Bankers Life and Casualty Company
January 30, 2024
•[ leak, finance ]
Bankers Life and Casualty Company files a notice of data breach after discovering that an unauthorized party was able to access personal information that had been entrusted to the company.
Stock trading platform in Thailand
January 22, 2024
•[ leak, finance ]
A threat actor named Ghostr leaks about 186GB of data with 5.3 million records from a stock trading platform.
Unknown Job Seeking Platform in Thailand
January 22, 2024
•[ leak, technology ]
A threat actor named Milw0rm leaks 61,000 rows of records related to Thai job seekers and includes an extensive range of personal information.
Unknown Healthcare organization in Thailand
January 22, 2024
•[ leak, misconfiguration, healthcare ]
A threat actor named Soni posts a leaked database related to healthcare. The data breach consists of 25.5k records of user information including ID, user URL, encrypted passwords (phpass), user emails, login details, account status, display names, registration dates, and user activation keys.
Chula Book
January 22, 2024
•[ leak, retail ]
An individual known as Naraka lists a data dump for sale on breachforums.is, featuring one of Thailand's largest bookstores called Chula Book. The breach affects over 160,000 users.
Bangkok Industrial Gas Company Limited
January 22, 2024
•[ leak, energy ]
The Bangkok Industrial Gas Company Limited suffers a leak.
Trello
January 22, 2024
•[ leak, misconfiguration, technology ]
A threat actor with the moniker of 'emo' leaks the private emails of 15,115,516 Trello members, using an exposed Trello API to link private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information.
Unknown organization in Thailand
January 22, 2024
•[ leak ]
The operators of the UFO Market on Telegram put on sale stolen data with 538,418 records featuring personal identifiable information (PII) of Thai individuals, encompassing details like citizens' ID card numbers.
Royal Thai Volunteers
January 22, 2024
•[ leak, government ]
A threat actor named R1g leaks the personal database of the Royal Thai Volunteers, containing 4.6 million of records with sensitive personal information such as names, citizen ID numbers, gender, birthdates, and addresses.
Thailand Navy Officers
January 22, 2024
•[ leak, government ]
The threat actor named R1g leaks sensitive information pertaining to Thailand Navy Officers.
