Deloitte
September 24, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as IntelBroker announces late last week on the BreachForums cybercrime forum the availability of internal communications obtained from Deloitte, specifically from an internet-exposed Apache Solr server that was accessible with default credentials. However, the company replies that there is no threat to sensitive data.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, misconfiguration, finance ]
In a second breach, an unknown threat actor was able to create fake accounts with American Stock Transfer & Trust, by using stolen Social Security numbers of various American Stock Transfer accountholders, allowing them to liquidate securities held in the legitimate accounts and transfer approximately $1.9 million to external bank accounts.
Fortinet
September 12, 2024
•[ leak, misconfiguration, technology ]
Fortinet confirms it suffered a data breach after a threat actor with the moniker of "Fortibitch" claims to have stolen 440GB of files from the company's Microsoft SharePoint server.
Banham Poultry
August 28, 2024
•[ hack, misconfiguration, manufacturing ]
Banham Poultry, based in Attleborough, said criminals had remotely accessed its system in the early hours of 18 August, stealing the personal details of the staff.
Zee Media Corporation Limited
August 21, 2024
•[ hack, misconfiguration, technology ]
A group of Bangladeshi hacktivists, operating under the alias SYSTEMADMINBD, defaces the official website of Zee Media Corporation Limited, accusing the media giant of making fun of the situation in Bangladesh, referring to the ongoing floods caused by heavy rainfall.
MC2 Data
August 18, 2024
•[ leak, misconfiguration, technology ]
In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names. The data included email addresses, names and salted SHA-256 password hashes.
Multiple organizations
August 15, 2024
•[ hack, misconfiguration, technology ]
Researchers at Sysdig discover a large-scale malicious operation named "EmeraldWhale" scanning for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.
Explore Talent (August 2024)
August 15, 2024
•[ leak, misconfiguration, technology ]
In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.
Tracki
August 15, 2024
•[ leak, misconfiguration, technology ]
In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.
Star Health and Allied Insurance
August 13, 2024
•[ leak, misconfiguration, finance ]
Stolen customer data, including medical reports, from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram.
Not SOCRadar
August 3, 2024
•[ leak, misconfiguration, technology ]
In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent in the platform's standard offerings, designed to gather information from publicly available sources". There is no suggestion the incident compromised SOCRadar's security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format.
Ubook
July 28, 2024
•[ leak, misconfiguration, technology ]
In July 2024, 700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos.
Fractal ID
July 14, 2024
•[ hack, misconfiguration, technology ]
Web3 identity solutions provider Fractal ID reveals that a threat actor recently managed to exfiltrate data belonging to 6,300 users or 0.5% of its user base after compromising credentials for an operator account that had admin privileges.
AT&T
July 12, 2024
•[ leak, misconfiguration, technology ]
AT&T warns of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account.
Undisclosed app
July 7, 2024
•[ leak, misconfiguration, retail ]
E-commerce platform Shopify denies it suffered a data breach after a threat actor with the moniker of 888 begins selling customer data they claim was stolen from the company's network. According to Shopify, the data loss reported was caused by a third-party app.
MSI
July 7, 2024
•[ leak, misconfiguration, technology ]
In July 2024, MSI inadvertently exposed hundreds of thousands of customer records related to RMA claims that were subsequently found to be publicly accessible. The data included 250k unique email addresses alongside names, phone numbers, physical addresses and warranty claims. When contacted about the incident, MSI advised that "there is no evidence the information was ever accessed" and that "the security incident we had did not trigger state data breach notification obligations" due to the absence of "(social security number, driver's license number.etc)".
FNTech
July 5, 2024
•[ hack, misconfiguration, technology ]
Roblox announces that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference, after a vendor, FNTech, is compromised.
Ladies.com
July 3, 2024
•[ leak, misconfiguration, technology ]
In 2024, the lesbian dating website ladies.com suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 119k users of the service including email addresses, photos, sexual orientation, genders, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down in mid-2024 and the breach later acknowledged by the site operator in December, along with a breach of the "Senior Dating" website run by the same organisation.
Central Tickets
July 1, 2024
•[ leak, misconfiguration, retail ]
In September 2024, data from the ticketing service Central Tickets was publicly posted to a hacking forum. The data suggests the breach occurred several months earlier and exposed 723k unique email addresses alongside names, phone numbers, IP addresses, purchases and passwords stored as unsalted SHA-1 hashes.
BudTrader
June 27, 2024
•[ hack, misconfiguration ]
In July 2024, a data breach of the now defunct cannabis social platform BudTrader was posted for sale on a hacking forum. Dating back to the previous month, the breach of the website exposed 2.7M email addresses, usernames and WordPress password hashes.