Convex
January 31, 2023
•[ leak, technology ]
In name of #OpRussia, the Anonymous leak 128GB of data stolen from Russian ISP Convex.
Genova Burns
January 31, 2023
•[ hack, technology ]
Genova Burns, a mid-sized law firm representing Uber notifies an unknown number of its drivers that sensitive data was exposed and stolen due to a cyber-attack.
IT Servicios
January 30, 2023
•[ ransomware, leak, malware ]
Telecommunications firm IT Servicios is also added to LockBit3.0's ransomware leak site.
Skyview Networks
January 30, 2023
•[ hack, technology ]
An unauthorized person or group gains access to internal systems used by Skyview Networks, disrupting the delivery of the CBS World News Roundup and other programming to radio affiliates.
Verizon
January 27, 2023
•[ leak, misconfiguration, technology ]
IntelBroker leaks a database, allegedly from Verizon, for free, containing 7.5 million clients' records, only first names, device types (Apple or Android), and service plans. Verizon verified that the data leak was legitimate and originated from a vendor which creates videos to assist clients.
Undisclosed third-party vendor
January 26, 2023
•[ leak, technology ]
Telecommunications company Charter Communications says one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum.
Eye4Fraud
January 25, 2023
•[ hack, misconfiguration, technology ]
In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.
Mscripts
January 17, 2023
•[ hack, misconfiguration, technology ]
Mscripts files notice of a data breach after determining confidential consumer information entrusted to the company was accessible by an unauthorized party.
ODIN Intelligence
January 15, 2023
•[ hack, technology ]
The website for ODIN Intelligence, a company that provides technology and tools for law enforcement and police departments, is defaced.
24 Hours of Le Mans Virtual
January 15, 2023
•[ hack, ddos, technology ]
Threat actors disrupt the 24 Hours of Le Mans Virtual esports event.
Slovakian TV channels
January 14, 2023
•[ hack, ddos, technology ]
Anonymous Russia claims to have conducted DDoS attacks against the websites of four Slovakian TV channels.
MSAB
January 13, 2023
•[ hack, leak, technology ]
The same hacktivist group Enlace Hacktivist leaks some data from the Swedish forensic firm MSAB.
Cellebrite
January 13, 2023
•[ hack, technology ]
A hacktivist group named Enlace Hacktivist leaks 1.7TB of data of Cellebrite.
DNV
January 7, 2023
•[ ransomware, malware, technology ]
About 1,000 vessels are affected by a ransomware attack against DNV, a major software supplier for ships.
AT&T
January 6, 2023
•[ leak, misconfiguration, technology ]
A threat actor named IntelBroker claims to have found a third-party vendor's unsecured cloud storage containing 37 million AT&T client records. The threat actor shares a sample of 5 million records.
CGM LLC
January 5, 2023
•[ ransomware, malware, technology ]
CGM LLC, a U.S. SaaS provider is hit by the Clop ransomware gang.
3Mob
January 5, 2023
•[ hack, ddos, technology ]
The Russian-affiliated People's CyberArmy claims to have conducted a DDoS attack against the website of a Ukrainian mobile operator.
T-Mobile
January 5, 2023
•[ hack, misconfiguration, technology ]
T-Mobile discloses a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs).
CircleCI
January 4, 2023
•[ hack, technology ]
CircleCI, a software development service discloses a security incident and is urging users to rotate their secrets.
iD Tech
January 3, 2023
•[ hack, leak, technology ]
In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.
