Brontoo Technology Solutions
July 31, 2024
•[ ransomware, technology ]
A RansomEXX ransomware attack on Brontoo Technology Solutions, a partner of C-Edge Technologies, a technology service provider, forces payment systems across nearly 300 small local banks in India to shut down temporarily.
Microsoft
July 30, 2024
•[ hack, ddos, technology ]
Microsoft says that a DDoS attack led to an eight hour outage involving its Azure portal, as well as some Microsoft 365 and Microsoft Purview services.
Locata
July 29, 2024
•[ social, phishing, technology ]
A cyber attack on software company Locata spreads across councils across Greater Manchester, leaving thousands of residents vulnerable to a phishing scam.
Ubook
July 28, 2024
•[ leak, misconfiguration, technology ]
In July 2024, 700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos.
Avanpost
July 26, 2024
•[ hack, leak, technology ]
A pro-Ukrainian hacker group, known as Cyber Anarchy Squad, claims it hacked the Russian information security firm Avanpost and leaked 390 gigabytes of its data, destroyed over 60 terabytes, and disrupted over 400 virtual machines and physical workstations.
Team Software
July 26, 2024
•[ leak, technology ]
Business software maker Team Software (WorkWave) revealed this week that a recent data breach impacts nearly 100,000 individuals.
Spytech Software
July 25, 2024
•[ hack, malware, technology ]
Spytech, a little-known spyware maker is hacked, revealing thousands of devices around the world under its stealthy remote surveillance.
Megafon
July 23, 2024
•[ hack, ddos, technology ]
Ukraines military intelligence (HUR) also claims responsibility for a DDoS attack to several large telecom operators in Russia.
Taiwanese government-affiliated research institute
July 15, 2024
•[ espionage, malware, government ]
Researchers from Cisco Talos reveal that a Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by the nation-state threat actors APT41 with ties to China, through a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike.
Fractal ID
July 14, 2024
•[ hack, misconfiguration, technology ]
Web3 identity solutions provider Fractal ID reveals that a threat actor recently managed to exfiltrate data belonging to 6,300 users or 0.5% of its user base after compromising credentials for an operator account that had admin privileges.
AT&T
July 12, 2024
•[ leak, misconfiguration, technology ]
AT&T warns of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account.
MSI
July 7, 2024
•[ leak, misconfiguration, technology ]
In July 2024, MSI inadvertently exposed hundreds of thousands of customer records related to RMA claims that were subsequently found to be publicly accessible. The data included 250k unique email addresses alongside names, phone numbers, physical addresses and warranty claims. When contacted about the incident, MSI advised that "there is no evidence the information was ever accessed" and that "the security incident we had did not trigger state data breach notification obligations" due to the absence of "(social security number, driver's license number.etc)".
FNTech
July 5, 2024
•[ hack, misconfiguration, technology ]
Roblox announces that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees, after a vendor, FNTech, is compromised.
AnimeLeague
July 4, 2024
•[ leak, sqlinjection, technology ]
In July 2024, AnimeLeague disclosed a data breach of their services. The data was posted for sale on a popular hacking forum and included 2 databases covering both event registration records and a dump of the phpBB bulletin board. The impacted data included passwords in various hashed formats including SHA-1, salted md5 and bcrypt, as well as usernames, private messages, dates of birth, purchases and 192k unique email addresses.
FNTECH
July 4, 2024
•[ leak, technology ]
In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, including participants of the Roblox Developer Conference registration list. The data also included names and IP addresses.
Ladies.com
July 3, 2024
•[ leak, misconfiguration, technology ]
In 2024, the lesbian dating website ladies.com suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 119k users of the service including email addresses, photos, sexual orientation, genders, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down in mid-2024 and the breach later acknowledged by the site operator in December, along with a breach of the "Senior Dating" website run by the same organisation.
OVHcloud
July 2, 2024
•[ hack, ddos, technology ]
OVHcloud, says it mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year, allegedly launched from a botnet of MilkroTik devices, which reached an unprecedented packet rate of 840 million packets per second (Mpps).
Roll20
June 29, 2024
•[ hack, technology ]
Roll20, a popular online tabletop platform for role-playing games (RPGs), reveals that its systems were breached.
Kadokawa
June 28, 2024
•[ ransomware, leak, malware ]
Japanese media giant Kadokawa confirms that some of its data was leaked in a ransomware attack early June 2024. The BlackSuit ransomware gang claims responsibility for the attack.
Telecommunication providers in Crimea
June 27, 2024
•[ hack, ddos, technology ]
Local authorities in Crimea warn of internet disruptions from distributed denial-of-service (DDoS) attacks targeting telecommunication providers.
