Encore Bank
January 31, 2024
•[ hack, phishing, finance ]
Encore Bank files a notice of data breach after discovering that an unauthorized party was able to gain access to an employees email account.
University of Chicago Medical Center
January 30, 2024
•[ social, phishing, healthcare ]
The University of Chicago Medical Center reveals that a phishing incident involving the emails of workers at University of Chicago Medical Center may have exposed the personal information of about 10,300 people.
Passenger Rail Agency of South Africa (PRASA)
January 19, 2024
•[ financial, phishing, government ]
South Africa's railway agency (PRASA) discloses that it lost some 30.6 million rand (US$1.6 million) after the transport network fell victim to a phishing scam.
Alpha Supported Living Services
January 12, 2024
•[ social, phishing, healthcare ]
Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
CoinGecko’s X (formerly Twitter) account
January 10, 2024
•[ finance, phishing, hack ]
Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
CoinGecko’s X (formerly Twitter) account
January 10, 2024
•[ account takeover, cryptocurrency scam, phishing ]
Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
At least one individual in Ukraine
January 6, 2024
•[ phishing, credential harvesting, state-sponsored attack ]
The article reports researchers observed a months-long phishing/credential-harvesting operation targeting users of UKR.NET, a popular Ukrainian webmail and news service. The campaign ran from June 2024 through April 2025 and was attributed to Russian state-backed BlueDelta (APT28/Fancy Bear/Forest Blizzard). Researchers said the actors created multiple fake UKR.NET login pages and sent phishing emails with PDF attachments containing embedded links to the fraudulent portals, with more than 20 linked PDF lure files identified. The purpose was assessed as harvesting credentials and gathering intelligence supporting broader Russian objectives; the reporting did not quantify how many users were successfully compromised.
Bill Lou
January 5, 2024
•[ social, phishing, finance ]
Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, loses $125,000 to a crypto scam.
X account of nonprofit consortium ‘The Green Grid'
January 3, 2024
•[ hack, phishing, healthcare ]
The X (formerly Twitter) account of nonprofit consortium The Green Grid' is hijacked to promote a cryptocurrency scam.
Game Freak
January 1, 2024
•[ hack, phishing ]
hacked (phishing)
Radioactive Waste Management
December 31, 2023
•[ social, phishing, government ]
Threat actors try to break into Radioactive Waste Management (RWM) using LinkedIn lures.
Mountain Dermatology Specialists
December 28, 2023
•[ hack, phishing, healthcare ]
Mountain Dermatology Specialists reports an email account breach that was detected on October 26, 2023.
Lake County Health Department
December 20, 2023
•[ hack, phishing, healthcare ]
Lake County Health Department investigates a security incident involving unauthorized access to an employee's email account.
Talus Pay
December 14, 2023
•[ hack, phishing, finance ]
AMCP Payments Intermediate Company d/b/a Talus Pay files a notice of data breach after discovering that an unauthorized party had gained access to an employee email account.
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States
November 30, 2023
•[ espionage, malware, phishing ]
Researchers from Microsoft discover a new campaign from the Iranian-backed Mint Sandstom state hackers, targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing a new backdoor malware known as MediaPl.
Tax Favored Benefits
November 30, 2023
•[ hack, phishing, finance ]
Tax Favored Benefits (TFB) files a notice of data breach after discovering that an unauthorized party had gained access to an employees email account.
Washington National Insurance Company
November 29, 2023
•[ social, phishing, finance ]
Washington National Insurance Company files a notice of data breach after discovering that a senior officer was targeted in a SIM-swapping attack.
Government Agencies in Ukraine
November 12, 2023
•[ hack, phishing, government ]
Researchers from the Ukraine Computer Emergency Response Team (CERT-UA) discover a new campaign distributing the REMCOS rat via phishing letters to their targets, disguising them as official requests from Ukraine's security service (SBU).
Hilb Group Operating Company
November 2, 2023
•[ hack, phishing, finance ]
The Hilb Group Operating Company (Hilb) files a notice of data breach after learning that an unauthorized party was able to access certain employee email accounts.
Advarra
November 1, 2023
•[ ransomware, phishing, healthcare ]
An Advarra employee falls victim of a compromise of their phone number and the threat actors from ALPHV/BlackCat claim to have acquired over 120GB+ of confidential data belonging to customers, patients, and current and former employees.
