Ukrainian Government Entities
December 12, 2022
•[ espionage, phishing, government ]
Ukrainian government agencies and the state railway are the latest victims of a new wave of phishing attacks, Ukraine's Computer Emergency Response Team (CERT-UA) reported last week.
HawaiiUSA Federal Credit Union (HawaiiUSA)
December 12, 2022
•[ leak, phishing, finance ]
HawaiiUSA Federal Credit Union (HawaiiUSA) files a notice of data breach after a phishing incident leaks the personal information of more than 20,000 bank customers.
Epic Management LLC
December 9, 2022
•[ hack, phishing, healthcare ]
The healthcare management company, Epic Management LLC, has recently announced that unauthorized individuals gained access to its digital environment and accessed files and data stored in its email system.
Activision
December 4, 2022
•[ social, phishing, technology ]
In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.
Legacy Hospice
November 30, 2022
•[ hack, phishing, healthcare ]
Legacy Hospice in Alabama notified 21,202 individuals of a breach that stemmed from unauthorized access to a limited number of employee email accounts.
The Kelberman Center
November 1, 2022
•[ hack, phishing, healthcare ]
The Kelberman Center, a provider of services to individuals with autism, notifies 3,501 patients about a breach of employee email accounts.
Large U.S. car maker
November 1, 2022
•[ financial, phishing, manufacturing ]
Researchers from Blackberry reveal that the financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.
Three Rivers Provider Network (TRPN)
October 31, 2022
•[ hack, phishing, finance ]
Three Rivers Provider Network (TRPN) submits notice of a data breach after the company determined that an unauthorized party was able to access an employee's email account containing sensitive information belonging to certain individuals.
St. Luke's Health
October 30, 2022
•[ hack, phishing, healthcare ]
St. Luke's Health notifies 16,906 individuals of a third-party data breach that impacted Adelanto Healthcare Ventures (AHCV), a consulting services vendor, after two of its employee email accounts were compromised by a third party.
Bed Bath & Beyond
October 29, 2022
•[ social, phishing, retail ]
Bed Bath & Beyond reveals in an SEC filing that it recently suffered a data breach after an employee fell victim to a phishing attack.
Zendesk
October 26, 2022
•[ hack, phishing, technology ]
Customer service solutions provider Zendesk suffers a data breach that resulted from employee account credentials getting phished by hackers.
Australian Institute of Company Directors (AIDC)
October 24, 2022
•[ social, phishing, education ]
Unknown threat actors flood the LinkedIn Chat with a fake Eventbrite link to a conference by the Australian Institute of Company Directors (AIDC).
Ukranian state organizations
October 21, 2022
•[ hack, phishing, government ]
According to Ukrainian CERT, Ukrainian state organizations have been targeted by cyberattacks using the RomCom malware. The attack vector was a phishing email, allegedly sent on behalf of the Press Service of the General Staff of the Ukrainian Armed Forces.
Seton Medical Center
October 14, 2022
•[ social, phishing, healthcare ]
A phishing incident hitting a vendor of Seton Medical Center may have exposed the patient names and clinical information.
Dropbox
October 14, 2022
•[ hack, phishing, technology ]
Dropbox discloses a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack.
Legacy Post Acute Care
October 12, 2022
•[ hack, phishing, healthcare ]
Legacy Post Acute Care confirms that multiple employee email accounts were accessed by an unauthorized individual, who may have viewed or acquired the protected health information of certain patients.
Eventus WholeHealth
October 6, 2022
•[ hack, phishing, healthcare ]
Eventus WholeHealth files an official notice of a data breach after the company learned that an unauthorized party had gained access to an employee's email account.
Crypto investors
October 3, 2022
•[ social, phishing, finance ]
The Federal Bureau of Investigation (FBI) warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors.
Mission Essential Group (MEG)
September 30, 2022
•[ hack, phishing, government ]
The Mission Essential Group (MEG) files a notice of data breach after discovering that certain MEG email accounts may have been accessed by an unauthorized party.
Coeur Group
September 30, 2022
•[ hack, phishing, healthcare ]
The Coeur Group notifies 2,020 patients that some of their protected health information has potentially been accessed by an unauthorized individual who gained access to an employee's email account.
