The Wayback Machine
October 9, 2024
•[ hack, ddos, technology ]
Internet Archive's "The Wayback Machine" suffers a wave of DDoS attacks.
Young Consulting (now Connexure)
October 4, 2024
•[ ransomware, malware, technology ]
Young Consulting sends data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.
Red Barrels
October 2, 2024
•[ hack, technology ]
Canadian video game developer Red Barrels warns that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data.
Switch
October 1, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
Internet Archive
September 28, 2024
•[ hack, technology ]
In September 2024, the digital library of internet sites Internet Archive suffered a data breach that exposed 31M records. The breach exposed user records including email addresses, screen names and bcrypt password hashes.
Dell
September 25, 2024
•[ leak, technology ]
The threat actor going by the handle of 'grep' claims to have breached Dell for the third time and leaks 500 MB of sensitive data.
Deloitte
September 24, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as IntelBroker announces late last week on the BreachForums cybercrime forum the availability of internal communications obtained from Deloitte, specifically an internet-exposed Apache Solr server that was accessible with default credentials. However the company replies that there is no thret to sensitive data.
Lebanon’s telecoms networks
September 23, 2024
•[ hack, technology ]
Israeli military officials warn residents in southern Lebanon and parts of Beirut to evacuate villages and neighbourhoods, sparking concerns that Israel had hacked into its northern neighbours telecommunications networks.
Dell
September 22, 2024
•[ hack, technology ]
Grep, the threat actor who claimed to have breached Dell, now claims to have breached the same company again.
Dell
September 19, 2024
•[ leak, technology ]
Dell confirms to be investigating recent claims that it suffered a data breach after a threat actor dubbed "grep" leaked the data for over 10,000 employees.
Muah.AI
September 17, 2024
•[ leak, technology ]
In September 2024, the "AI girlfriend" website Muah.AI suffered a data breach. The breach exposed 1.9M email addresses alongside prompts to generate AI-based images. Many of the prompts were highly sexual in nature, with many also describing child exploitation scenarios.
Experience Engine
September 16, 2024
•[ leak, technology ]
The threat actor known as IntelBroker claims to have breached the UK-based company Experience Engine, allegedly exposing sensitive data. The hacker is selling the data on an online forum, raising concerns about data security for affected clients and businesses.
Radio Geretsried
September 15, 2024
•[ ransomware, malware, technology ]
Radio Geretsried, a local station in Germany, has blamed unknown attackers from Russia after an apparent ransomware incident left it broadcasting music from emergency backups.
Fortinet
September 12, 2024
•[ leak, misconfiguration, technology ]
Fortinet confirms it suffered a data breach after a threat actor with the moniker of "Fortibitch" claims to have stolen 440GB of files from the company's Microsoft Sharepoint server.
Cisco
September 4, 2024
•[ leak, malware, technology ]
Ciscos site for selling company-themed merchandise is offline and under maintenance due to threat actors compromising it with JavaScript code that steals sensitive customer details provided at checkout exploiting CVE-2024-34102.
VK
September 3, 2024
•[ leak, technology ]
A threat actor using the alias HikkI-Chan leaks the personal details of over 390 million VK users (specifically, 390,425,719) on the notorious cybercrime and hacker platform Breach Forums. The data was stolen from a third-party.
Tracelo
September 2, 2024
•[ leak, technology ]
A threat actor using the alias Satanic claims to have breached Tracelo, a smartphone geolocation tracking service. As a result, the hacker has leaked the personal details of over 1.4 million individuals (1,459,014) on the notorious Breach Forums.
Fur Affinity
August 22, 2024
•[ hack, phishing, technology ]
Fur Affinity, a popular social networking website for the furry community, is compromised, after threat actors successfully gained control of the websites domain, redirecting users to phishing sites, crypto scams and other malicious content.
Zee Media Corporation Limited
August 21, 2024
•[ hack, misconfiguration, technology ]
A group of Bangladeshi hacktivists, operating under the alias SYSTEMADMINBD, defaces the official website of Zee Media Corporation Limited, accusing the media giant of making fun of the situation in Bangladesh, referring to the ongoing floods caused by heavy rainfall.
MC2 Data
August 18, 2024
•[ leak, misconfiguration, technology ]
In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names. The data included email addresses, names and salted SHA-256 password hashes.
