Undetermined
February 26, 2022
•[ hack, misconfiguration, finance ]
A number of Russia's largest domestic news websites were attacked and information replaced with a "tombstone" for the war dead. Many of the sites were then taken offline.
Work Health Solutions
February 16, 2022
•[ hack, misconfiguration, healthcare ]
Work Health Solutions reports a data breach after an unauthorized party was able to access an employee's email account that contained sensitive information related to certain individuals.
Quantum Group
February 10, 2022
•[ leak, misconfiguration, healthcare ]
Highmark Inc., a non-profit healthcare company and Integrated Delivery Network announces that some HIPAA-protected data has been exposed in a data breach at the printing and mailing vendor, Quantum Group.
Vodafone
February 10, 2022
•[ leak, misconfiguration, technology ]
Vodafone launches an investigation after the cybercrime group Lapsus$ claims to have obtained roughly 200 Gb of source code files, allegedly representing approximately 5,000 GitHub repositories.
Washington Department of Licensing
January 24, 2022
•[ leak, misconfiguration, government ]
Washington Department of Licensing suffers data breach of its online portal compromising personal information of hundreds of thousands of licensed professionals.
Goodwill
January 14, 2022
•[ leak, misconfiguration, retail ]
American non-profit Goodwill suffers data breach involving information of customers using its e-commerce platform.
CompSource Mutual Insurance Company
January 7, 2022
•[ hack, misconfiguration, finance ]
CompSource Mutual Insurance Company files a notice of data breach after determining that an unauthorized party accessed confidential consumer information stored on the company's computer system.
FlexBooker
December 23, 2021
•[ hack, misconfiguration, technology ]
In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure. The data was found being actively traded on a popular hacking forum and was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
Belgium's Ministry of Defense
December 16, 2021
•[ hack, misconfiguration, government ]
Belgium's Ministry of Denfense is hit by a cyberattack, attackers exploit CVE-2021-44228. Log4j, vulnerability.
VulcanForge
December 13, 2021
•[ hack, misconfiguration, finance ]
Cryptocurrency gaming platform is hacked, hackers compromise private keys of 96 wallets and steal approximately $135 million.
Pace Center for Girls
December 13, 2021
•[ hack, misconfiguration, education ]
Florida education program for at risk teenage girls experiences unauthorized access to servers compromising student data.
Jefferson Health
November 18, 2021
•[ hack, misconfiguration, healthcare ]
The personal information of over 9,000 Jefferson Health patients is compromised by unauthorized access to its online insurance portal.
UT Air
November 9, 2021
•[ leak, misconfiguration, transportation ]
Database of clients of the Russian air carrier utair in the database there are phone numbers and addresses of famous Russian senators
Stripchat
November 5, 2021
•[ leak, misconfiguration, technology ]
In November 2021, the live sex cams and adult chat website Stripchat left several databases exposed and unsecured. In June the following year, over 10M Stripchat records appeared on a popular hacking forum. The exposed data included usernames, email addresses and IP addresses.
