Senior Dating
November 23, 2024
•[ leak, misconfiguration, technology ]
In 2024, the 40+ dating website Senior Dating suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 766k users of the service including email addresses, photos, genders, links to Facebook accounts, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down after the breach was acknowledged by the site operator in December, along with a breach of the "ladies.com" website run by the same organisation.
Numocity
November 21, 2024
•[ leak, technology ]
The threat actor named CyberN-----s claims to have breached Tesla leaking 116,000 rows of data. in reality the data belongs to Numocity, a manufacturer of EV charging software, middleware, smart charges and more.
Blue Yonder
November 21, 2024
•[ ransomware, malware, technology ]
Supply chain management firm Blue Yonder warns that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
iLearningEngines
November 18, 2024
•[ financial, hack, technology ]
iLearningEngines, an artificial intelligence company, says that a threat actor breached its network and stole a $250,000 wire payment.
FlipaClip
November 18, 2024
•[ leak, misconfiguration, technology ]
In November 2024, the animation app FlipaClip suffered a data breach that exposed almost 900k records due to an exposed Firebase server. The impacted data included name, email address, country and date of birth. FlipaClip advised the issue has since been rectified.
International Game Technology
November 17, 2024
•[ hack, technology ]
International Game Technology (IGT), one of the largest gambling companies in the U.S. says that a cyberattack caused massive disruptions to their operations, forcing them to take some systems offline.
Call of Duty gamers
November 7, 2024
•[ hack, misconfiguration, technology ]
A threat actor dubbed Vizor reveals that they banned thousands of Call of Duty gamers by abusing anti-cheat flaw.
MIT’s Technology Review
November 4, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as Intel Broker claims to have stolen the personal data of 290,762 individuals from MITs Technology Review website via a third-party contractor.
Metawin
November 3, 2024
•[ financial, malware, technology ]
A threat actor steals over $4 million from crypto casino Metawin's Ethereum and Solana hot wallets
Organizations in Israel
October 31, 2024
•[ espionage, malware, technology ]
Researchers at Check Point reveal that the threat actor dubber WIRTE, affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks with the SameCoin malware that exclusively target Israeli entities.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.
SuperDraft
October 27, 2024
•[ leak, technology ]
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.
Esport North Africa
October 23, 2024
•[ leak, technology ]
A threat actor known as Shooked, leaks the personal details of over 180,000 Esport North Africa (ESNA) users just one day before the tournament is set to begin in Morocco.
Free
October 17, 2024
•[ leak, technology ]
In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were "not enough to make a direct debit from a bank".
Flat Earth Sun, Moon and Zodiac App
October 15, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.
The Club Penguin Experience
October 14, 2024
•[ leak, technology ]
In October 2024, The Club Penguin Experience (TCPE) suffered a data breach. The incident exposed over 6k subscribers' email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent prompt disclosure notices to impacted customers following the breach.
Novaya Gazeta Europe
October 14, 2024
•[ hack, ddos, technology ]
The Russian independent media outlet Novaya Gazeta Europe is targeted by several large-scale distributed denial-of-service (DDoS) attacks, temporarily knocking its website offline.
Game Freak
October 12, 2024
•[ leak, technology ]
Japanese video game developer Game Freak confirms it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online.
The Wayback Machine
October 9, 2024
•[ hack, ddos, technology ]
Internet Archive's "The Wayback Machine" suffers a wave of DDoS attacks.
