Data Breaches

An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks..

The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers.

A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.

The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers' sensitive information if a ransom is not paid.

Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data.

This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.

Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers.

Hackers already received a $22 million payment. Now a second group demands money.

Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) has disclosed that a ransomware gang breached its network in January and stole documents containing the personal and medical information of over 500,000 individuals.

AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.

The American Renal Associates (ARA) provides care to patients suffering from end-stage renal disease (ESRD) and is one of the largest dialysis service providers in the United States.

Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.

Attack "fully contained" after Medicare numbers compromised.

Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients.

India's government cloud exposed reams of sensitive data to the public internet because of a misconfiguration.

The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor.

Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users.

Atraf, a popular Israeli LGBTQ dating app, has suffered a major data breach exposing personal information of over half a million users – Leaked data includes clear text password and payment card data – Atraf users are advised to change their passwords immediately!

Major data breach in Pakistan: government-run body compromised, exposing personal information of over 2.7 million citizens.

Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems.

MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack.

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server.

A threat actor has claimed a high-profile data breach against Mashvisor, claiming to hold multiple user and agent databases.

The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.

The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.