Balticom
May 9, 2024
•[ hack, technology ]
Balticom, a Latvian television network, is also hijacked to air the Moscow parade
The Post Millennial
May 2, 2024
•[ hack, misconfiguration, technology ]
In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.
Multiple Airlines
April 25, 2024
•[ espionage, ddos, technology ]
State officials from Lithuania and Estonia blame Russia for GPS jamming of commercial flights.
Tappware
April 23, 2024
•[ hack, misconfiguration, technology ]
In April 2024, a substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.
MovieBoxPro
April 15, 2024
•[ leak, misconfiguration, technology ]
In April 2024, over 6M records from the streaming service MovieBoxPro were scraped from a vulnerable API. Of questionable legality, the service provided no contact information to disclose the incident, although reportedly the vulnerability was rectified after being mass enumerated.
Frontier Communications
April 14, 2024
•[ ransomware, malware, technology ]
American telecom provider Frontier Communications is hit by a cyberattack claimed by the RansomHub ransomware operation.
Undisclosed telephony provider
April 11, 2024
•[ hack, technology ]
Cisco Duo's security team warns that threat actors stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
LastPass
April 10, 2024
•[ social, phishing, technology ]
LastPass reveals that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
GBI Genios
April 9, 2024
•[ hack, technology ]
GBI Genios, a database company used by numerous media organizations in Germany, announces its servers are unavailable due to a massive hacker attack.
National Public Data
April 9, 2024
•[ leak, technology ]
In April 2024, a large trove of data made headlines as having exposed "3 billion people" due to a breach of the National Public Data background check service. The initial corpus of data released in the breach contained billions of rows of personal information, including US social security numbers. Further partial data sets were later released including extensive personal information and 134M unique email addresses, although the origin and accuracy of the data remains in question. This breach has been flagged as "unverified" and a full description of the incident is in the link above.
Undisclosed organization(s) or individual(s)
April 3, 2024
•[ hack, malware, technology ]
Google fixes CVE-2024-29745 and CVE-2024-29748, two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
Samsung Germany Customer Tickets
March 30, 2024
•[ leak, malware, technology ]
In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items purchased from Samsung Germany and related support tickets and shipping tracking numbers.
Communications Workers Union
March 25, 2024
•[ hack, technology ]
The Communications Workers Union (CWU), which represents hundreds of thousands of employees in sectors across the UK economy including tech and telecoms, is currently working to mitigate a cyberattack.
Triacom
March 22, 2024
•[ hack, technology ]
The Russian threat actors from UAC-0165 disrupts the network of Triacom, a local ISP in Ukraine and claims to have obtained the client database and internal documentation.
Linktelecom
March 22, 2024
•[ hack, technology ]
The Russian threat actors from UAC-0165 disrupts the network of Linktelecom, a local ISP in Ukraine and claims to have obtained the client database and internal documentation.
KIM
March 20, 2024
•[ leak, technology ]
The Russian threat actors from UAC-0165 disrupts the network of KIM, a local ISP in Ukraine and claims to have obtained the client database and internal documentation.
The Pokémon Company
March 19, 2024
•[ hack, technology ]
The Pokmon Company says it detected hacking attempts against some of its users and reset those user account passwords.
Radiant Logistics
March 19, 2024
•[ hack, technology ]
Radiant Logistics, an international freight technology company, says it has cut off a portion of its business in Canada after a cyberattack.
MediaWorks
March 17, 2024
•[ financial, hack, technology ]
MediaWorks, a company based in New Zealand, says it is investigating an alleged security incident after a hacker claimed to have stolen the data of just over 2.4 million people and began targeting individuals for extortion payments.
Viber
March 16, 2024
•[ hack, technology ]
Pro-Palestinian threat actors calling themselves Handala Hack claim to have accessed 740GB of data from the messaging app Viber, including source code Viber denies the breach but is investigating Users are advised to change passwords.
