Innovative Service Technology Management Services
June 3, 2022
•[ ransomware, malware, technology ]
Innovative Service Technology Management Services reports a data breach after the company experienced a ransomware attack targeting its computer system.
SATT Sud-Est
June 2, 2022
•[ ransomware, malware, technology ]
SATT Sud-Est is the first victim of a new modus operandi by a ransomware gang dubbed Industrial Spy that compromises the victim's website to announce the attack.
MemeChat
June 1, 2022
•[ leak, misconfiguration, technology ]
In mid-2022, "the ultimate hub of memes" MemeChat suffered a data breach that exposed 7.4M records. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames.
Pegasus Airlines
May 30, 2022
•[ leak, misconfiguration, technology ]
Turkish flight operator Pegasus Airlines suffers a data breach after an AWS cloud storage bucket is reportedly left unprotected and there was unauthorized access to certain information held by carrier.
Verizon
May 26, 2022
•[ hack, misconfiguration, technology ]
A hacker obtains a database that includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees.
QuestionPro
May 21, 2022
•[ hack, misconfiguration, technology ]
In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as "unverified". Subsequent verification by impacted HIBP subscribers later led to the removal of the unverified flag.
Italian airports of Malpensa, Linate and Orio al Serio
May 20, 2022
•[ hack, ddos, technology ]
The websites of the Italian airports of Malpensa, Linate and Orio al Serio are taken down by the pro-Russian Killnet collective.
Nikkei
May 13, 2022
•[ ransomware, malware, technology ]
Publishing giant Nikkei discloses that the group's headquarters in Singapore was hit by a ransomware attack on May 13, 2022.
Trans Technology Pte Ltd.
May 11, 2022
•[ ransomware, leak, malware ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
Opus Interactive
May 9, 2022
•[ ransomware, malware, technology ]
Opus Interactive, a web hosting provider, is hit with a ransomware attack.
Ukrainian News Agencies
May 9, 2022
•[ hack, ddos, technology ]
Large-scale DDoS attack against leading telecommunications companies in Ukraine resulted in partial inaccessibility of their websites.
Russian TV
May 9, 2022
•[ hack, misconfiguration, technology ]
During the Russian President Putin's speech at today's "Victory Day" military parade, pro-Ukrainian hacking groups defaced the online Russian TV schedule page to display anti-war messages.
BlackBerry Fans
May 6, 2022
•[ hack, misconfiguration, technology ]
In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records. The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.
Heroku
May 4, 2022
•[ hack, misconfiguration, technology ]
Salesforce-owned Heroku performs a forced password reset on a subset of user accounts. The company admits that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database.
PRGX Global Inc.
May 4, 2022
•[ ransomware, malware, technology ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
Ziedot
May 4, 2022
•[ hack, ddos, technology ]
A Latvian national news agency and another latvian news organization were hit by DDoS attacks on May 04. This attack was the largest of a spate of attacks that had affected the news agency since the start of the war.
TUI UK
May 3, 2022
•[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
TV NORD GROUP
April 23, 2022
•[ ransomware, malware, technology ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
AHS Aviation Handling Services GmbH
April 16, 2022
•[ ransomware, leak, technology ]
RANSOM HOUSE criminal gang exploits data and encrypts systems. Data and ransom demands presented on "leak" site on dark web.
