Numotion
September 2, 2024
•[ phishing, data leak ]
Email account compromises exposed customer information at numotion.
Fur Affinity
August 22, 2024
•[ hack, phishing, technology ]
Fur Affinity, a popular social networking website for the furry community, is compromised, after threat actors successfully gained control of the websites domain, redirecting users to phishing sites, crypto scams and other malicious content.
Locata
July 29, 2024
•[ social, phishing, technology ]
A cyber attack on software company Locata spreads across councils across Greater Manchester, leaving thousands of residents vulnerable to a phishing scam.
Connally Memorial Medical Center
July 29, 2024
•[ phishing, data leak ]
Unauthorized access to an employee email led to confirmation of broader file access; notice posted 27-09-2024; continued notifications.
Bloom Health Centers
June 28, 2024
•[ hack, phishing, healthcare ]
Psych Associates of Maryland LLC d/b/a Bloom Health Centers ("Bloom Health") discloses a security breach after the compromise of an employee's email.
Domestic flight in Australia
June 28, 2024
•[ hack, phishing ]
The AFP charges an Australian man (42) with operating a fake Wi-Fi access point on a domestic flight to steal user credentials and data.
The Ambulatory Surgery Center of Westchester
June 26, 2024
•[ social, phishing, healthcare ]
The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester ("ASCW") discloses a security breach after the compromise of an employee's email.
Town of Arlington
June 5, 2024
•[ financial, phishing, government ]
The town of Arlington discloses that it had lost nearly $446,000 in a monthslong business email compromise (BEC) scam.
Official Microsoft India account on X (formerly Twitter)
June 3, 2024
•[ financial, hack, phishing ]
The official Microsoft India account on X (formerly Twitter), with over 211,000 followers, is hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill.
Alternate Solutions Health Network, LLC
May 30, 2024
•[ phishing, data leak ]
On or around May 30 2024, an unauthorized actor accessed an employee email account at Alternate Solutions Health Network. The account was secured after discovery; investigation concluded February 14 2025 and confirmed exposure of PHI. Notifications were issued beginning April 14 2025.
RestorixHealth
May 29, 2024
•[ phishing, data leak ]
Investigation confirmed unauthorized access to one mailbox (May 729, 2024); notification letters commenced Feb 14, 2025.
Adam Griffin
May 6, 2024
•[ social, phishing, finance ]
Adam Griffin, a crypto investor is robbed of nearly $500,000 in cryptocurrencies after a scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click yes to a Google prompt on his mobile device.
Undisclosed crypto investor
May 3, 2024
•[ financial, hack, phishing ]
An individual loses around $71 million worth of bitcoin in what appears to be an address poisoning attack. A week later the author of the attack returns the stolen bounty.
Atrium Health
April 29, 2024
•[ social, phishing, healthcare ]
Atrium Health sends notifications to patients who may have been impacted by a malicious email sent to employees in April, through which an unauthorized third party gained access to a group of employees emails.
Illinois Department Of Human Services
April 25, 2024
•[ social, phishing, government ]
The Illinois Department Of Human Services reveals that a phishing attack affected more than 1.1M public assistance clients.
LastPass
April 10, 2024
•[ social, phishing, technology ]
LastPass reveals that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
Political Parties in Germany
April 4, 2024
•[ social, phishing, government ]
The German Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution warn that phishing attacks targeting political parties surged ahead of upcoming European Union elections.
New York City Automated Personnel System, Employee Self Service (known as NYCAPS/ESS)
March 31, 2024
•[ hack, phishing, government ]
The city of New York took its payroll website partially offline for the last nine days in response to a recent phishing scheme targeting city employees
Crypt investors in Hong Kong
March 25, 2024
•[ social, phishing, finance ]
The Securities and Futures Commission of Hong Kong warns against entities operating under the name "HKCEXP" and "EDY" saying the names falsely poses as an SFC-registered entities.
SPA Grand Prix
March 18, 2024
•[ hack, phishing, entertainment ]
Threat actors hijack the official contact email for the Belgian SPA Grand Prix event and use it to lure fans to a fake website promising a 50 gift voucher.
