FlipaClip
November 18, 2024
•[ leak, misconfiguration, technology ]
In November 2024, the animation app FlipaClip suffered a data breach that exposed almost 900k records due to an exposed Firebase server. The impacted data included name, email address, country and date of birth. FlipaClip advised the issue has since been rectified.
International Game Technology
November 17, 2024
•[ hack, technology ]
International Game Technology (IGT), one of the largest gambling companies in the U.S. says that a cyberattack caused massive disruptions to their operations, forcing them to take some systems offline.
Call of Duty gamers
November 7, 2024
•[ hack, misconfiguration, technology ]
A threat actor dubbed Vizor reveals that they banned thousands of Call of Duty gamers by abusing anti-cheat flaw.
MIT’s Technology Review
November 4, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as Intel Broker claims to have stolen the personal data of 290,762 individuals from MITs Technology Review website via a third-party contractor.
Metawin
November 3, 2024
•[ financial, malware, technology ]
A threat actor steals over $4 million from crypto casino Metawin's Ethereum and Solana hot wallets
Organizations in Israel
October 31, 2024
•[ espionage, malware, technology ]
Researchers at Check Point reveal that the threat actor dubber WIRTE, affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks with the SameCoin malware that exclusively target Israeli entities.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.
Esport North Africa
October 23, 2024
•[ leak, technology ]
A threat actor known as Shooked, leaks the personal details of over 180,000 Esport North Africa (ESNA) users just one day before the tournament is set to begin in Morocco.
Free
October 17, 2024
•[ leak, technology ]
In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were "not enough to make a direct debit from a bank".
Flat Earth Sun, Moon and Zodiac App
October 15, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.
Novaya Gazeta Europe
October 14, 2024
•[ hack, ddos, technology ]
The Russian independent media outlet Novaya Gazeta Europe is targeted by several large-scale distributed denial-of-service (DDoS) attacks, temporarily knocking its website offline.
The Club Penguin Experience
October 14, 2024
•[ leak, technology ]
In October 2024, The Club Penguin Experience (TCPE) suffered a data breach. The incident exposed over 6k subscribers' email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent prompt disclosure notices to impacted customers following the breach.
Game Freak
October 12, 2024
•[ leak, technology ]
Japanese video game developer Game Freak confirms it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online.
The Wayback Machine
October 9, 2024
•[ leak, misconfiguration, technology ]
Internet Archive's "The Wayback Machine" suffers a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
The Wayback Machine
October 9, 2024
•[ hack, ddos, technology ]
Internet Archive's "The Wayback Machine" suffers a wave of DDoS attacks.
Young Consulting (now Connexure)
October 4, 2024
•[ ransomware, malware, technology ]
Young Consulting sends data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.
Red Barrels
October 2, 2024
•[ hack, technology ]
Canadian video game developer Red Barrels warns that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data.
Switch
October 1, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
Internet Archive
September 28, 2024
•[ hack, technology ]
In September 2024, the digital library of internet sites Internet Archive suffered a data breach that exposed 31M records. The breach exposed user records including email addresses, screen names and bcrypt password hashes.
