VoIP
September 16, 2021
•[ hack, ddos, technology ]
Voice over internet provider suffers a DDOS attack disrupting company operations.
TTEC
September 12, 2021
•[ ransomware, malware, technology ]
Customer support company is hit with Ragnar Locker ransomware.
KrebsOnSecurity
September 9, 2021
•[ hack, ddos, technology ]
US security blog is the target of a DDOS attack executed by the Meris botnet.
Yandex
September 7, 2021
•[ hack, ddos, technology ]
Russian internet giant is targeted in a massived DDOS attack continuing for over a week.
Jenkins
September 4, 2021
•[ hack, malware, technology ]
Hackers exploit vulnerability to install Monero miner in the Jenkin's Confluence project system.
Vocus NZ
September 3, 2021
•[ hack, ddos, technology ]
New Zealand's third largest internet provider is hit with a massive DDOS attack causing temporary widespread internet outage.
Voip Unlimited
September 2, 2021
•[ ransomware, ddos, technology ]
UK telecommunications company is hit with a sophisticated DDOS attack and attached to a ransom demand.
Unknown Bahrain IT company
September 1, 2021
•[ espionage, hack, technology ]
Iranian group compromised email accounts at Bahrain-based IT company that works with government clients, who were likely the group's ultimate target.
Roshan
September 1, 2021
•[ espionage, technology ]
Researchers detect espionage campaign against one of Afghanistan's largest telecommunications providers.
American Megatrends International
August 26, 2021
•[ ransomware, malware, technology ]
The RansomEXX ransomware gand drops leaked data samples on their TOR site.
DatPiff
August 25, 2021
•[ leak, misconfiguration, technology ]
In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs. The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.
Imavex
August 20, 2021
•[ hack, misconfiguration, technology ]
In August 2021, the website development company Imavex suffered a data breach that exposed 878 thousand unique email addresses. The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Hundreds of thousands of form submissions and orders via Imavex customers were also exposed and contained further personal information of submitters and the contents of the form. The compromised system was subsequently sunset in January 2024 and all customer data impacted by the incident was permanently deleted.
AT&T
August 20, 2021
•[ hack, misconfiguration, technology ]
In March 2024, tens of millions of records allegedly breached from AT&T were posted to a popular hacking forum. Dating back to August 2021, the data was originally posted for sale before later being freely released. At the time, AT&T maintained that there had not been a breach of their systems and that the data originated from elsewhere. 12 days later, AT&T acknowledged that data fields specific to them were in the breach and that it was not yet known whether the breach occurred at their end or that of a vendor. AT&T also proceeded to reset customer account passcodes, an indicator that there was sufficient belief passcodes had been compromised. The incident exposed names, email and physical addresses, dates of birth, phone numbers and US social security numbers.
T-Mobile
August 14, 2021
•[ hack, technology ]
Hacker claims to have breached T-Mobile's servers stealing personal data of approximately 100 million customers.
Accenture
August 11, 2021
•[ ransomware, malware, technology ]
Accenture suffers a ransomware attack that appears to stem from a compromised employee computer, hackers claim to have stolen 6TB of data.
Stor-a-File
August 1, 2021
•[ ransomware, malware, technology ]
Data capture and storage company suffers ransomware attack.
Morley Companies
August 1, 2021
•[ ransomware, leak, technology ]
Business services provider suffers ransomware attack resulting in significant data breach including personal information of over 500,000 individuals.
Sebastian
August 1, 2021
•[ ransomware, leak, malware ]
Lorenz executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
Open Subtitles
August 1, 2021
•[ ransomware, misconfiguration, technology ]
In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost 7M subscribers' personal data including email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes.
AndroidLista
July 28, 2021
•[ hack, misconfiguration, technology ]
In July 2021, the Android applications and games review site AndroidLista suffered a data breach. The incident exposed 6.6M user records containing email addresses, names, usernames and passwords stored as salted SHA-1 hashes, all of which were subsequently posted to a popular hacking forum. AndroidLista did not respond when contacted about the breach.
