Cognizant / TMG
July 18, 2023
•[ hack, misconfiguration, technology ]
Cognizant / TMG files a notice of data breach after discovering that an unauthorized party accessed confidential consumer data stored on the company's computer network.
Netscout
July 17, 2023
•[ hack, misconfiguration, technology ]
Netscout is named on the Cl0p website, among the victims of the attacks exploiting the CVE-2023-34362 Vulnerability.
American Multi-Cinema (AMC Theatres)
July 14, 2023
•[ leak, misconfiguration, retail ]
American Multi-Cinema (AMC Theatres) files a notice of data breach after a cyber incident resulted in an unauthorized party being able to access consumers' sensitive information. According to some source the incident stemmed from the exploitation of the MOVEit vulnerability.
Sun Life Assurance Company of Canada (Sun Life)
July 13, 2023
•[ hack, misconfiguration, finance ]
Sun Life Assurance Company of Canada (Sun Life) posts a notice on its website revealing to have been hit by the CVE-2023-34362 MOVEit vulnerability.
Poly Network
July 2, 2023
•[ financial, misconfiguration, technology ]
Crypto platform Poly Network suspends service after hacker steals 4.4 millions of dollars in digital assets using compromised keys.
Advanced Medical Management
June 29, 2023
•[ hack, misconfiguration, healthcare ]
Advanced Medical Management files a notice of data breach after discovering that portions of the company's IT network that were designed and maintained by third-party vendors were accessible to an unauthorized party.
CareSource
June 27, 2023
•[ leak, misconfiguration, healthcare ]
CareSource notifies of a data breach involving the company's use of the MOVEit file transfer application.
Aurora National Life Assurance Company
June 25, 2023
•[ leak, misconfiguration, finance ]
Aurora National Life Assurance Company files a notice of data breach after discovering that an incident at a third-party vendor resulted in confidential consumer information being exposed to unauthorized access.
Omaha Health Insurance Company
June 21, 2023
•[ leak, misconfiguration, healthcare ]
Omaha Health Insurance Company files a notice of data breach after discovering that an incident at a third-party vendor compromised consumers enrolled in the Medicare Part D Prescription Drug Plan.
Lamont Hanley & Associates
June 20, 2023
•[ leak, misconfiguration, healthcare ]
Almost 2,800 patients at Catholic Medical Center may have had their files containing personal and health information exposed in a third-party "data security incident" occurred to Lamont Hanley & Associates.
BreachForums Clone
June 17, 2023
•[ leak, misconfiguration, technology ]
In June 2023, a clone of the previously shuttered popular hacking forum "BreachForums" suffered a data breach that exposed over 4k records. The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password hashes.
Colorado Department of Health Care Policy & Financing
June 15, 2023
•[ hack, misconfiguration, government ]
Colorado Department of Health Care Policy & Financing confirms that it is in the process of investigating an incident involving the data of state residents stolen exploiting the CVE-2023-34362 vulnerability, affecting the MOVEit file transfer tool.
Hashflow
June 14, 2023
•[ financial, misconfiguration, finance ]
An attacker exploits a smart contract vulnerability to steal at least $600,000 from trading firm Hashflow.
Starmount Life Insurance Company
June 1, 2023
•[ hack, misconfiguration, finance ]
Unum Group's subsidiary Starmount Life Insurance Company posts a notice of data breach on its website after discovering that the company's MOVEit server was accessed by an unauthorized party.
Kennedy Krieger Institute
May 31, 2023
•[ leak, misconfiguration, healthcare ]
The Johns Hopkins University and the Johns Hopkins Health System Corporation (collectively "Johns Hopkins'') file a notice of data breach on behalf of the Kennedy Krieger Institute after learning that a software vulnerability resulted in confidential consumer information being leaked.
University of Texas Southwestern Medical Center (UTSW)
May 30, 2023
•[ leak, misconfiguration, healthcare ]
Reports begin to emerge about a MOVEit data breach at the University of Texas Southwestern Medical Center (UTSW) resulting in an unauthorized party being able to access patients' sensitive information.
Bank of New York Mellon Corporation (BNY Mellon)
May 13, 2023
•[ leak, misconfiguration, finance ]
Bank of New York Mellon Corporation (BNY Mellon) files a notice of data breach after learning that confidential information that had been entrusted to the company was leaked in what appears to be a third-party data breach.
Illinois Application for Benefits Eligibility (ABE)
May 12, 2023
•[ leak, misconfiguration, government ]
The Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) disclose a data breach within the State of Illinois Application for Benefits Eligibility (ABE) system's Manage My Case (MMC) portal.
Public Health Management Corporation (PHMC)
May 8, 2023
•[ hack, misconfiguration, healthcare ]
Public Health Management Corporation (PHMC) files a notice of data breach after discovering that an unauthorized party was able to access confidential consumer information stored on the organization's computer network.
Cutout.Pro
May 7, 2023
•[ leak, misconfiguration, technology ]
AI service Cutout.Pro suffers a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names.
