Undetermined
March 20, 2022
•[ hack, misconfiguration, finance ]
Anonymous claimed to have remotely accessed printers across Russia and forced them to print over 100,000 documents with messages against war and propaganda, and how to bypass censorship in the country. The hacked printers were forced to print PDFs with a message informing Russians that "their president, the government, and media all have been feeding them lies."
Regional Ministry of Health
March 15, 2022
•[ hack, misconfiguration, government ]
A hacker dubbed Spielerkid89 remotely accesses a computer belonging to a regional Ministry of Health in Russia, exploiting a VNC Server without authentication
Undetermined
February 26, 2022
•[ hack, misconfiguration, finance ]
A number of Russia's largest domestic news websites were attacked and information replaced with a "tombstone" for the war dead. Many of the sites were then taken offline.
Work Health Solutions
February 16, 2022
•[ hack, misconfiguration, healthcare ]
Work Health Solutions reports a data breach after an unauthorized party was able to access an employee's email account that contained sensitive information related to certain individuals.
Quantum Group
February 10, 2022
•[ leak, misconfiguration, healthcare ]
Highmark Inc., a non-profit healthcare company and Integrated Delivery Network announces that some HIPAA-protected data has been exposed in a data breach at the printing and mailing vendor, Quantum Group.
Vodafone
February 10, 2022
•[ leak, misconfiguration, technology ]
Vodafone launches an investigation after the cybercrime group Lapsus$ claims to have obtained roughly 200 Gb of source code files, allegedly representing approximately 5,000 GitHub repositories.
Washington Department of Licensing
January 24, 2022
•[ leak, misconfiguration, government ]
Washington Department of Licensing suffers data breach of its online portal compromising personal information of hundreds of thousands of licensed professionals.
Goodwill
January 14, 2022
•[ leak, misconfiguration, retail ]
American non-profit Goodwill suffers data breach involving information of customers using its e-commerce platform.
CompSource Mutual Insurance Company
January 7, 2022
•[ hack, misconfiguration, finance ]
CompSource Mutual Insurance Company files a notice of data breach after determining that an unauthorized party accessed confidential consumer information stored on the company's computer system.
FlexBooker
December 23, 2021
•[ hack, misconfiguration, technology ]
In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure. The data was found being actively traded on a popular hacking forum and was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
Belgium's Ministry of Defense
December 16, 2021
•[ hack, misconfiguration, government ]
Belgium's Ministry of Denfense is hit by a cyberattack, attackers exploit CVE-2021-44228. Log4j, vulnerability.
VulcanForge
December 13, 2021
•[ hack, misconfiguration, finance ]
Cryptocurrency gaming platform is hacked, hackers compromise private keys of 96 wallets and steal approximately $135 million.
Pace Center for Girls
December 13, 2021
•[ hack, misconfiguration, education ]
Florida education program for at risk teenage girls experiences unauthorized access to servers compromising student data.
Jefferson Health
November 18, 2021
•[ hack, misconfiguration, healthcare ]
The personal information of over 9,000 Jefferson Health patients is compromised by unauthorized access to its online insurance portal.
