Diplomatic entities and government agencies in Eastern Europe
March 14, 2023
•[ espionage, phishing, government ]
Researchers from BlackBerry reveal that the Russian state-backed group known as Nobelium is behind recent attempted cyberattacks on diplomatic entities and government agencies in the European Union via phishing emails with a malicious document attached, using the Polish Foreign Minister's recent visit to the US as a lure.
AllCare Plus Pharmacy
March 13, 2023
•[ social, phishing, healthcare ]
After an email phishing attack, AllCare Plus Pharmacy reports that 5,971 patients potentially had their protected health information (PHI) exposed.
Trinity Health Corporation
March 9, 2023
•[ leak, phishing, healthcare ]
Trinity Health Corporation files a notice of data breach after learning that a phishing incident resulted in the confidential information of tens of thousands of patients being leaked.
Beaver Medical Group (BMG)
March 8, 2023
•[ leak, phishing, healthcare ]
Beaver Medical Group (BMG) files a notice of data breach after discovering that a successful email phishing attack provided an unauthorized party with access to files containing confidential patient information.
Lake County Health Department and Community Health Center (LCHD/CHC)
March 6, 2023
•[ hack, phishing, government ]
Lake County Health Department and Community Health Center (LCHD/CHC) discloses a breach that impacted 17,000 individuals, when an unauthorized party accessed a Lake County employee's email account.
Concorde Investment Partners
March 2, 2023
•[ hack, phishing, finance ]
Concorde Investment Partners, parent company to Concorde Investment Services, Concorde Asset Management, and Concorde Insurance Agency (collectively "Concorde"), files a notice of data breach after discovering that an unauthorized party was able to access an employee's email account.
Activision
February 20, 2023
•[ social, phishing, technology ]
Activision confirms that it suffered a data breach in early December 2022 after hackers gained access to the company's internal systems by tricking an employee with an SMS phishing text. Few days later the threat actors leak some data allegedly stolen from the company.
Optima Dermatology
February 17, 2023
•[ hack, phishing, healthcare ]
The personal and health data of 59,872 Optima Dermatology patients is potentially accessed after the hack of an employee email account.
Asian Health Services (AHS)
February 13, 2023
•[ hack, phishing, healthcare ]
Asian Health Services (AHS) files a notice of data breach after learning that an unauthorized actor was able to access confidential patient information following a compromised employee email account.
La Clinica de la Raza
February 8, 2023
•[ hack, phishing, healthcare ]
La Clinica de La Raza files a notice of data breach after learning that certain employee email accounts containing confidential patient information were accessed by an unauthorized party over the course of a two-week period.
Ukrainian government agencies
February 6, 2023
•[ espionage, phishing, government ]
The Ukraine's computer emergency response team (CERT-UA) reveals that in a recent phishing campaign against Ukrainian government agencies, attackers attempted to install the Remcos surveillance software on victims' computers.
Gateway First Bank
February 1, 2023
•[ leak, phishing, finance ]
Gateway First Bank files a notice of data breach after confirming that unusual activity within multiple employee email accounts resulted in confidential customer information being leaked.
CRC Insurance Services
January 18, 2023
•[ hack, phishing, finance ]
CRC Insurance Services files a notice of data breach after discovering that an unauthorized party had accessed several employee email accounts.
United Health Services
January 18, 2023
•[ leak, phishing, healthcare ]
United Health Services of Delaware (UHS of Delaware) files a notice of data breach after learning that a vendor experienced a phishing attack compromising UHS of Delaware patient information.
Brookhaven Nuclear Laboratory (BNL)
January 6, 2023
•[ espionage, phishing, energy ]
The Russian group Cold River targeted the Brookhaven Nuclear Laboratory with a spear phishing campaign creating fake login pages.
Moldovan Govermental Institutions
January 2, 2023
•[ social, phishing, government ]
Moldova's government institutions are hit by a wave of phishing attacks after it pledged support for Ukraine in its defense against Russia.
U-Haul
January 1, 2023
•[ hack, phishing ]
stolen credentials
Minuteman Senior Services
December 22, 2022
•[ hack, phishing, healthcare ]
Minuteman Senior Services confirms that an unauthorized individual gained access to the email account of an employee.
Highmark Health
December 15, 2022
•[ social, phishing, finance ]
Highmark Health files a notice of data breach after learning that an employee's email account had been compromised following a phishing attack.
Gemini
December 13, 2022
•[ leak, phishing, finance ]
In late 2022, data allegedly taken from the Gemini crypto exchange was posted to a public hacking forum. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to an incident at a third-party vendor (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
