South Korean Officials and Journalists
October 31, 2023
•[ financial, phishing, finance ]
The North Korean threat actors from Kimsuky are accused of impersonating South Korean officials and journalists in a plot to steal cryptocurrency for the North Korean regime.
Bitfinex
October 31, 2023
•[ social, phishing, finance ]
Bitfinex announces to have resolved a minor information security incident after a small portion of the customer support boards was accessed by an individual or group, through the phishing of a customer support agent.
CoinFlip
October 20, 2023
•[ social, phishing, technology ]
GPD Holdings d/b/a CoinFlip files a notice of data breach after discovering that a CoinFlip employee's email account was compromised.
Wishbone Medical
October 13, 2023
•[ hack, phishing, healthcare ]
Wishbone Medical files a notice of data breach after discovering that certain employee email accounts were subject to unauthorized access.
Galxe
October 6, 2023
•[ hack, phishing, technology ]
Web3 credentials and rewards platform Galxe suffers a DNS attack, refunding 980 victims with a total cost for the company a little over $396,000 .
Royal Women's Hospital
October 5, 2023
•[ hack, phishing, healthcare ]
The personal details of patients at Royal Women's Hospital in Melbourne are compromised after cybercriminals hack a staff member's private email.
Flagler County School District
October 3, 2023
•[ financial, phishing, education ]
The Flagler County School District is the target of a phishing fraud involving around $700,000 of funds.
Erie Family Health Centers
October 1, 2023
•[ hack, phishing, healthcare ]
Erie Family Health Centers confirms that the protected health information of 6,351 patients was potentially accessed or obtained by an unknown threat actor who gained access to the email account of one of its employees.
Molina Healthcare of Iowa
September 25, 2023
•[ hack, phishing, healthcare ]
Molina Healthcare of Iowa reveals to have discovered an unauthorized access to an employee email.
City of Fort Lauderdale
September 21, 2023
•[ financial, phishing, government ]
The Fort Lauderdale Police Department investigates a financial fraud incident involving the City of Fort Lauderdale, which lost $1.2 million dollars in a phishing scam.
Butler County
September 13, 2023
•[ hack, phishing, government ]
An email account related to the Butler County is compromised, sending unauthorized spam emails.
NOW Health Group
September 6, 2023
•[ leak, phishing, healthcare ]
NOW Health Group reveals that the protected health information of 4,661 individuals was compromised in a phishing attack.
Lawrence Public Schools
September 1, 2023
•[ financial, phishing, education ]
The Lawrence Public Schools are working to recover $2.7 million in funds that were recently "frozen" when a staffer responded to a phishing email sent by scammers posing as a vendor for the school district.
Prime Therapeutics
August 30, 2023
•[ hack, phishing, manufacturing ]
Prime Therapeutics reveals to have discovered unauthorized access to an employee's mobile email account.
Retool
August 29, 2023
•[ social, phishing, technology ]
Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack.
Associates in Pediatric Dentistry
August 25, 2023
•[ hack, phishing, healthcare ]
Associates in Pediatric Dentistry announces that unauthorized individuals gained access to certain employee email accounts that contained patient information.
Terra Protocol
August 22, 2023
•[ social, phishing, technology ]
Terra announces a temporary shuttering of its website to protect its users from interacting with an ongoing phishing scam on the platform.
Greater Dallas Healthcare Enterprises
August 11, 2023
•[ hack, phishing, healthcare ]
Greater Dallas Healthcare Enterprises (GDHE) files a notice of data breach after discovering that an unauthorized third party gained access to an employee's email account.
Capital Neurological Surgeons
August 4, 2023
•[ hack, leak, phishing ]
Capital Neurological Surgeons discloses that an unauthorized individual gained access to an employee email account and potentially obtained patient information.
Wojeski & Company
July 28, 2023
•[ ransomware, phishing, data leak ]
NY AG says Wojeski suffered a phishing-led ransomware incident that locked access to files, followed by a second breach when a vendors employee improperly accessed and exfiltrated client data. Notifications lagged by over a year. Settlement requires encryption, inventorying locations of personal data, stronger access controls, vulnerability management, and a formal IR plan; $60,000 penalty and credit monitoring for affected New Yorkers.
