Illinois Department Of Human Services
April 25, 2024
•[ social, phishing, government ]
The Illinois Department Of Human Services reveals that a phishing attack affected more than 1.1M public assistance clients.
LastPass
April 10, 2024
•[ social, phishing, technology ]
LastPass reveals that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
Political Parties in Germany
April 4, 2024
•[ social, phishing, government ]
The German Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution warn that phishing attacks targeting political parties surged ahead of upcoming European Union elections.
IT help desks across the Healthcare and Public Health (HPH) sector.
April 3, 2024
•[ social, healthcare ]
The U.S. Department of Health and Human Services (HHS) warns that threat actors are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
Department of State employees and annuitants
March 25, 2024
•[ social, government ]
The State Departments oversight office warns current and former employees to be cautious of a fraudulent scheme targeting workers payroll accounts.
Crypt investors in Hong Kong
March 25, 2024
•[ social, phishing, finance ]
The Securities and Futures Commission of Hong Kong warns against entities operating under the name "HKCEXP" and "EDY" saying the names falsely poses as an SFC-registered entities.
Individuals in the U.S.
March 18, 2024
•[ social, phishing, government ]
The U.S. Federal Trade Commission (FTC) warns that scammers are impersonating its employees to steal thousands of dollars from Americans.
Crypto users in Hong Kong
March 7, 2024
•[ social, phishing, finance ]
The Hong Kong Securities and Futures Commission blocks fake websites posing as major local cryptocurrency exchanges, impersonating two licensed exchanges in Hong Kong: OSL Digital Securities and Hash Blockchain Limited, also known as HashKey.
Audiences in the US, Israel, Germany, and France.
February 22, 2024
•[ social ]
A joint effort by SentinelLabs and ClearSky Cyber Security uncover a significant propaganda and disinformation campaign, possibly orchestrated by the Russia-aligned influence operation network called Doppelgnger.
University of Chicago Medical Center
January 30, 2024
•[ social, phishing, healthcare ]
The University of Chicago Medical Center reveals that a phishing incident involving the emails of workers at University of Chicago Medical Center may have exposed the personal information of about 10,300 people.
Alpha Supported Living Services
January 12, 2024
•[ social, phishing, healthcare ]
Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
CoinGecko’s X (formerly Twitter) account
January 10, 2024
•[ finance, phishing, hack ]
Cryptocurrency data aggregator CoinGeckos X (formerly Twitter) account is briefly compromised to promote a crypto scam.
X account for the U.S. Securities and Exchange Commission (SEC)
January 9, 2024
•[ hack, social, government ]
The X account for the U.S. Securities and Exchange Commission is hacked to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges.
Bill Lou
January 5, 2024
•[ social, phishing, finance ]
Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, loses $125,000 to a crypto scam.
Radioactive Waste Management
December 31, 2023
•[ social, phishing, government ]
Threat actors try to break into Radioactive Waste Management (RWM) using LinkedIn lures.
Italian Istituto Poligrafico e Zecca dello Stato (IPZS)
December 10, 2023
•[ social, government ]
The Italian Istituto Poligrafico e Zecca dello Stato (IPZS) (State Mint and Polygraphic Institute) falls victim of a BEC scam and sends 3 million Euros (3.23 million USD) in Hungary.
Washington National Insurance Company
November 29, 2023
•[ social, phishing, finance ]
Washington National Insurance Company files a notice of data breach after discovering that a senior officer was targeted in a SIM-swapping attack.
Bitfinex
October 31, 2023
•[ social, phishing, finance ]
Bitfinex announces to have resolved a minor information security incident after a small portion of the customer support boards was accessed by an individual or group, through the phishing of a customer support agent.
CoinFlip
October 20, 2023
•[ social, phishing, technology ]
GPD Holdings d/b/a CoinFlip files a notice of data breach after discovering that a CoinFlip employee's email account was compromised.
Shadow
September 28, 2023
•[ hack, social, technology ]
In September 2023, the cloud gaming provider Shadow suffered a data breach that exposed over half a million customer records. The data included email and physical addresses, names and dates of birth. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
