Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday 19 August 2024

Data Breaches Digest - Week 34 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th August and 25th August 2024.


25th August

A Threat Actor Claims to Sell Data of Leal.co

Audit finds notable security gaps in FBI's storage media management

Don't get tricked: How to check if your Social Security number was part of data breach

Event Logging Key to Detecting Living-Off-The-Land (LOTL) Attacks, Security Agencies Say

New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

Seattle Airport Admits Possible Cyber Attack Has Taken Key Check-In Systems Offline and Snarled The Baggage Sorting System

Telegram founder Pavel Durov arrested in France

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

Text scam: Chinese phishing crew behind fake delivery notifications

The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’

24th August

Check if Your Social Security Number Is Included in the National Public Data Breach

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

Cyber Attack in US: Iranian Hackers Targeted WhatsApp Accounts of Staffers in Joe Biden, Donald Trump Administrations, Meta Says

Firm in US accidentally hires North Korean hacker

Hacker Brigades: Why Did Hezbollah Establish Cyber Warfare Units?

Halliburton probes impact of cyber attack with law enforcement

Iranian hackers target WhatsApp accounts of Trump, Biden staff

Massive data breach affected billions - Here’s what to know

Meta blocks Whatsapp accounts in the USA due to hacker attacks

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

New Copybara Android Malware Remotely Controlling Infected Device

Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials

Researchers Discover Several Potential Attack Vectors in Bicycles With Shimano Di2 Wireless Gear-Shifting System

Stealthy 'sedexp' Linux malware evaded detection for two years

Telegram Founder Pavel Durov Reportedly Arrested in France

Threat Actor Claims to Sell Data of 107 Million DPR RI Users for $100,000

U.S. Department of Justice Alleges Cybersecurity Failings By Georgia Tech

US Bank Data Breach: 10,953 Customers Sensitive Information Leaked

Vietnamese IT Firm BPOTech Allegedly Breached

Zimbabwe Government Places Priority on Cybersecurity Training for Public Servants

23rd August

$75M ransom payment made – 5 Key ransomware findings

90% of Americans are concerned about the rise in fraud

₦555m fine: Nigerian bank responds to data breach allegation

10,953 Customers at Two US Banks Receive Data Breach Alerts As Lenders Warn Extremely Sensitive Information at Risk

A Threat Actor Alleged Breach of Sri Lankan Farmers Community Database

A Threat Actor Alleged Database Access Sale of US Multinational Corporation

Almost a third of businesses in Ireland reserve budget for paying ransoms

American Radio Relay League confirms $1 million ransom payment

Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)

Attackers draining bank accounts using new Android card cloning malware

Audit: FBI is Losing Track of Storage Devices Holding Sensitive Data

Audit Exposes Security Lapses in FBI’s Handling of Sensitive Storage Media

August Markets Face 11 Phishing Attacks, Investors Lose $57M

BlackSuit Ransomware Threat Actors Demand Up To $500 Million

Carespring Healthcare says October cyber attack impacted over 75,000 patients

Chilean Municipality Allegedly Breached

City of Flint making progress toward recovering from cyber attack

Congress demands answers about consumer data breach

Cyber attack disrupts Microchip's manufacturing operations

Cyberattack Hits Major Oil Company Halliburton, Forcing Some Systems Offline

Cybercrime: Assume breach, never trust and always verify

Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)

Data breach at Dental Specialists of Minnesota exposes sensitive patient information

Department of Justice joins suit against Georgia Tech over cybersecurity failures with Defense Department

Expert Calls Iranian Hacker Who Attacked Donald Trump Experienced And Allegedly Related To Military Intelligence

Feds arrest Latvian man accused of extorting Karakurt victims

Fidelity Bank denies Nigerian Data Protection Commission (NDPC) data breach allegations

Fidelity Bank faults Nigerian Data Protection Commission (NDPC) data breach allegation

File sharing phishing attacks increase 350 percent

Five million WordPress websites in danger due to critical LiteSpeed Cache vulnerability

Focus on What Matters Most: Exposure Management and Your Attack Surface

Fraud tactics and the growing prevalence of AI scams

Georgia Tech Sued Over Cybersecurity Violations

Google Chrome details can be stolen by this clever new ransomware

GPs still face blood testing disruption two months after cyber attack

Gramercy Surgery Center Data Breach Affects Over 50,000 Patients

Greasy Opal's CAPTCHA solver still serving cybercrime after 16 years

Hacker sentenced after faking death to get out of paying child support

Hacker tried breaking into registry to fake his death

Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say

Hackers now use AppDomain Injection to drop CobaltStrike beacons

Hacks trigger a cascade of problems for altcoins

Halliburton Calls In Law Enforcement to Investigate Cyber Attack Impact

Halliburton confirms cyber attack on certain systems

Halliburton Confirms Cyber Attack on Some Systems

Halliburton confirms cyber incident in SEC filing

Halliburton Confirms Reports of Cyberattack, Investigates Possible Data Breach

Halliburton forced to take systems offline to contain cyberattack

Halliburton probes impact of cyber attack with law enforcement

Halliburton shuts down systems after cyberattack

Healthcare Data Breach Statistics

Healthcare Sector Warned About Everest Ransomware Group

Hong Kong Monetary Authority Issues Alert on Fraudulent Websites and Phishing Messages Related to ICBC (Asia)

Hong Kong Monetary Authority Warns of Fraudulent Website and Phishing Emails Linked to Public Bank (Hong Kong) Limited

Hong Kong Monetary Authority Warns Public About Fraudulent Websites and Phishing Messages Related to Mox Bank

Horne Data Breach Impacting an Unknown Number of Consumers

Hospital hacker extradited to U.S., facing charges for extortion and fraud

House Oversight Committee requests briefing on data breach that may have exposed billions of personal information records

How to prevent your email from being hacked

Is Your Social Security Number Exposed? How to Verify in the Latest National Data Breach

July 2024 sees significant increase in ransomware activity

Karakurt Ransomware Group Member Charged in Ohio

Karakurt Ransomware Group Suspect Appears in US Courtroom

Latvian Hacker Deniss Zolotarjovs Extradited to U.S. Over Karakurt Ties

Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

Liverpool Fans Lose Big in Premier League Ticket Scams

Man charged for treason over DDoS attacks

McDonald’s Instagram Hack: Crypto Scammers Claim to Steal $700,000

Medibank’s Data Breach Costs Expected To Hit $126 Million By Mid-2025

Medibank’s Data Breach Nightmare: A $126 Million Price Tag and Counting

Meta says Iranian hacker group attempted to target Trump, Biden officials’ WhatsApp accounts

Missouri Attorney General to investigate widespread data breach

National hearing services provider hit by ransomware attack

New Android Malware used in phishing campaign

New Cheana Stealer Threat Targets VPN Users Across Multiple Operating Systems

New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

New WithSecure report reveals signs of evening out in ransomware productivity

Oldham Council Confirms Third Party Systems Hit by Cyber-Attack

ParkTree Community Health Center Data Breach Leaks Sensitive Patient Information

PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Phishing attacks target mobile users via Progressive Web Applications (PWA)

Pool Your Cybersecurity Resources to Build the Perfect Security Ecosystem

Preparing for ransomware threats in 2025: What you need to know

Privacy Watchdog Files Complaints Against the European Parliament for Massive Data Breach

Progress made to restore Flint services after cyber attack

Qilin Caught Red-Handed Stealing Credentials in Google Chrome

Qilin ransomware group executes mass Chrome credential theft

Qilin ransomware group is now stealing credentials stored in Google Chrome

Qilin ransomware steals credentials stored in Google Chrome

Ransomware: What Is It, and How Can We Prevent It?

Ransomware attacks rise 20% in July, industrial sectors hit hardest

Ransomware attacks surged 20% in July global report reveals

Ransomware Group Everest Targeting Healthcare Sector

Ransomware Hits 110,000 Domains with Exposed AWS Access Keys Due to Cloud Misconfigurations

Ransomware Resiliency: How the Financial Services Sector Can Adopt Effective Defence Strategies to Defend Itself from Attackers

Recent Snowflake Data Breach Exposes Dangers of Third-Party Data Platforms: Your 5-Step Plan After Suffering a Data Breach

Russian arrested in Argentina for laundering money for hackers

Russian Karakurt Ransomware Group Member Charged For Laundered Ransom Payment

Russian laundering millions for Lazarus hackers arrested in Argentina

Scammers are increasingly using messaging and social media apps to attack

Survey data shows decline in ransomware attacks

T-Mobile fined $60M following data breach

Telegram CEO Pavel Durov arrested at French airport

Telegram founder Pavel Durov reportedly arrested in France

The changing dynamics of ransomware as law enforcement strikes

The hacker blame game isn't working anymore

The Silent Cyber War: How Threat Libraries Are Fighting Back

Threat Actor Claimed to Breach Database for Italian Delivery Service Yummy

Threat Actor Claims to Leak 700,000 User Records from Ecuador’s Concentración Deportiva de Pichincha

Top 5 ransomware groups and malware delivering ransomware in 2024

Toyota data breach: 240GB of customer data leaked online

US oil giant Halliburton confirms cyberattack behind systems shutdown

USDoD Hacker Behind $3 Billion SSN Leak Reveals Himself as Brazilian Citizen

Vulnerability prioritization is only the beginning

‘Was my Social Security number stolen?’ Answers to common questions on the National Public Data breach

WazirX claims multi-sig wallet manager Liminal compromised security resulting in cyber attack

WazirX Users to Access 66% of INR Balances Amid $230M Cyber Attack Aftermath

YouTube Launches AI Tool to Recover Hacked Accounts

22nd August

3 Cybersecurity Trends for 2025

8 vulnerabilities found in macOS operating system Microsoft apps

12GB Customer Data From toyyibPay is Allegedly For Sale

45% of tech leaders have experienced a SaaS cybersecurity incident

$55.47 Million In DAI Stolen After A Complex Phishing Attack: Who’s Safe In These Streets?

₦555m fine: Fidelity bank faults Nigerian Data Protection Commission’s data breach allegations

A survival guide for data privacy in the age of federal inaction

A Threat Actor Alleged Access Sale of Exchange Support Panel

Android malware used to steal ATM info from customers at three European banks

Android malware uses NFC to steal money at ATMs

Another multimillion-dollar crypto whale falls victim to phishing attack

As data breach costs reach their highest ever in 2024, what lies ahead?

Atlantic General Hospital Settles Data Breach Lawsuit for $2.25 Million

Backdoor in Mifare Smart Cards Could Open Doors Around the World

Bangladeshi Hackers Deface India’s Zee Media Website for Mocking Floods

Barracuda study shows healthcare sector most targeted by ransomware

BlackMeta Continues Claims of Targeting Saudi Arabia

British Library issues £400,000 tender as rebuild continues after 2023 cyber attack

Bromley GP blood tests cancelled after Synnovis attack

BVI Electricity Corporation (BVIEC) estimating bills after ransomware hack

CannonDesign reports data breach; over 13,000 clients affected

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

CISCO Requests Reconsideration of UN Convention Against Cybercrime

Company Fined $1m for Fake Joe Biden AI Calls

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

Crooks use progressive web apps for new phishing scam

Crypto Hacker Claims to Have Netted $700,000 by Hijacking McDonald’s Instagram Account

Cthulhu Stealer Malware Targets macOS With Deceptive Tactics

Cybersecurity Researchers Identify Common Misconfiguration with Oracle NetSuite SuiteCommerce Platform That May Result in Data Breaches

Cyberthreat report from Critical Start shows significant uptick in ransomware and data leaks

Dad hacks his way into jail by faking his own death to avoid paying child support

Digital rights NGO files complaints against European Parliament for data breach

Ecovacs says it will fix bugs that can be abused to spy on robot owners

Equiniti Trust Company Settles with SEC Over $6.6 Million Cybersecurity Failures

European Parliament aware of flaws that lead to massive data breach, says NOYB

European Parliament Faces Data Breach: NOYB Files Complaints with European Data Protection Supervisor (EDPS) Over GDPR Violations

European Parliament under scrutiny after data breach complaints

Evasive Memory-Only Malware PEAKLIGHT Uses Pirated Movies To Deliver Payloads

Examining the National Public Data Breach and Risks for Data Brokers

FBI Dismantles Radar/Dispossessor Ransomware Group’s Cybercrime Infrastructure

Federal Aviation Administration (FAA) Admits Gaps in Aircraft Cybersecurity Rules: New Regulation Proposed

Feds charge alleged negotiator for Russian ransomware group

Fidelity Bank Data Breach: Nigerian Bank Denies Allegations, Contests ₦555.8 Million Fine

Fidelity Bank denies data breach allegations, rejects ₦555.8 million fine

Fidelity Bank denies NDPC's data breach allegation after ₦555.8m fine

FlightAware Confirmed Data Breach Happened Due To Configuration Error

Florida's health department offering credit monitoring after data breach

Fur Affinity Website Hacked in DNS Hijacking Attack

GenAI models are easily compromised

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

Global Ransomware Attacks, Demands and Payments Rose in Second Quarter According to Corvus Insurance Cyber Threat Report

Google Cloud leak linked to Shark Tank contestant exposes 83,000

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Hacker dad who faked death to avoid child support sentenced to prison

Hacker faces 81-month prison sentence for faking his death to avoid child support payments

Hacker leaks upcoming episodes of Netflix shows online following security breach

Hacker Phishes off $55 Million In DAI from Crypto Whale

Hacker Uses McDonald’s Instagram to Steal $700K in Memecoin Rugpull

Hackers are exploiting critical bug in LiteSpeed Cache plugin

Hackers target online shoppers in new Adobe e-commerce malware campaign

Halliburton hit by cyberattack disrupting operations

Halliburton probes 'an issue' disrupting business operations

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Healthcare Ransomware Incidents Increase in 2024

Hong Kong Monetary Authority (HKMA) Issues Warning on Fraudulent Websites and Phishing Messages Related to Hang Seng Bank

Hong Kong Monetary Authority (HKMA) Issues Warning on Phishing Instant Messages Related to HSBC

Hong Kong Monetary Authority (HKMA) Warns Public About Phishing Scams Targeting Bank Customers in Hong Kong

How to find out if your Social Security number was exposed in the massive data breach

Industrial Sector Prime Target of Ransomware Attacks in Q2

Innovative Phishing Campaign Targets Mobile Users with PWAs

Iran-Israel Cyber Attack Intensifies Amid Regional Conflict

Kremlin blames widespread website disruptions on DDoS attack; digital experts disagree

Local experts offer advice in wake of massive National Public Data (NPD) data breach

Low Media Literacy: A Risk to Australia’s Cybersecurity Landscape

Malvertising Campaign Targets Slack in Google Search Engine

Manufacturing is the most targeted sector by cyber criminals

Manufacturing Remains Atop Cyberattack Leader Board

Massive Data Breach Exposes Personal Information of Billions

McDonald's hack unveiled as $700M Grimace meme coin crypto stunt

McDonald’s Hacker Boasts $700k Solana Profit from Memecoin Shilling

Medibank's data breach costs anticipated to reach $126m by mid-2025

Missouri Attorney General launches probe over widespread data breach

Most ransomware attacks occur between 1 a.m. and 5 a.m.

National Public Data Breach May Be Packed With Incorrect and Duplicate Information

New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer

New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

New method for phishing discovered for Android and IPhone users

New NGate Android malware uses NFC chip to steal credit card data

New phishing scheme has appeared on Android and iOS

New York class action claims firm says data breach impacted about 140,000 individuals

NGate Android malware relays NFC traffic to steal cash

Nigeria: Fidelity Bank Opens Discussions With Federal Government After ₦555m Data Breach Fine

No honour among ransomware thieves: affiliates' trust craters after takedown

Novel Android Malware Steals Card NFC Data For ATM Withdrawals

NOYB files complaints against EU Parliament over data breach impacting employee privacy

Oil industry giant Halliburton confirms 'issue' following reported cyberattack

Oil Services Giant Halliburton Disrupted by Hack Attack

Oregon Zoo says hackers stole payment card information of approximately 118k visitors

Over 3400 High and Critical Cyber Alerts Recorded in First Half of 2024

Patelco Credit Union ransomware attack jeopardized sensitive information

Phishing Attack Stole $55 Million From Whale

Phishing Attacks: Google Drawings And WhatsApp Scam Alert

Phishing Campaign Imitates Banking Apps

Privacy group fights European Parliament over ‘massive’ HR data breach

Q2’24 marks second highest quarter for ransomware attacks, says Corvus

Qilin ransomware now steals credentials from Chrome browsers

Quarter of manufacturers only have basic cybersecurity plans

Ransomware attacks declining, but evolving in government, survey shows

Ransomware attacks jump 16% in Q2

Ransomware batters critical industries, but takedowns hint at relief

Ransomware demands: to pay or not to pay?

Ransomware Demands Averaged $1.6 Million in Second Quarter, a New Report Says

Ransomware down in June, July Year-on-Year

Ransomware productivity shows signs of leveling off

Securities and Exchange Commission (SEC) fines financial services firm for losing client money in two unrelated cyberattacks

Security flaws in Dahua cameras being actively exploited, CISA warns

Security Flaws in UK Political Party Donation Platforms Exposed

Services at oil giant Halliburton disrupted by suspected ransomware attack

Solana-Based Memecoin Rug Pulled By McDonald’s Hacker, Market Cap Plummets 98%

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

South Africa: All operations restored at National Health Laboratory Service (NHLS), following cyber attack

South Africa: National health lab now fully operational after cyber attack

Strengthening Cybersecurity in India’s Power Sector: New Regulations Proposed by the Central Electricity Authority

Telecom company hit with $1 million penalty over AI-generated fake Biden robocalls

Telecom fined $1 million for transmitting Biden deepfake with spoofed Caller ID

The Facts About Continuous Penetration Testing and Why It's Important

The Golden Age of Impersonation: The Dual Role of AI in Cyber Attacks & Cyber Defense

The massive Social Security number breach is actually a good thing

Thousands of Oregon Zoo visitors at risk after data breach

Threat Actor Claims to Have 80TB of Sensitive Data From Israel and Selling Access

Top US oilfield firm Halliburton hit by cyber attack

Toyota Confirms Exposure of Customer and Employee Data in Data Breach

U.S. charges Karakurt extortion gang’s “cold case” negotiator

Understanding the ‘Morphology’ of Ransomware: A Deeper Dive

US charges alleged member of Russian Karakurt ransomware group

US Microchip Giant Hit by Cyberattack, Disrupting Operations

US oil giant Halliburton suffers network cyber attack

US Oilfield Firm Halliburton Hit By Cyberattack

Whale Loses $55.47M DAI In Phishing Attack: A Cautionary Tale

What is grimace memecoin and how did it hack McDonald's?

Why C-suite leaders are prime cyber targets

World’s largest Oilfield Services Firm Halliburton Allegedly Hit by Cyberattack

21st August

7 Vital Steps to Defend Backups from Ransomware Vulnerabilities

$55 million DAI gone in a click, crypto whale loses fortune to phishing scam

$55 Million in DAI Stolen From This Crypto Whale via Phishing Attack

A Threat Actor Claims Breach of Indonesian Ministry of Transportation Database

A Threat Actor Claims Breach of LAPOR Database

AI usage heightens risk of cyber event aggregation

ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk

Almost a quarter of internet users may experience cyberstalking by 2025

Android and iOS users targeted with novel banking app phishing campaign

Arete Releases H1 2024 Crimeware Report with Ransomware and Extortion Trends and Shifts in the Cyber Threat Landscape

As Ransomware Attacks Rise, Malwarebytes Urges MSSP, MSP Action

Australia: Melbourne-based Regent Caravans confirms RansomHub attack

Australia Calls Off Clearview AI Investigation Despite Lack of Compliance

Authentication bypass discovered in Microsoft Entra ID

Average DDoS attack costs $6,000 per minute

AvosLocker ransomware attack against CannonDesign confirmed

Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning

Barracuda exposes advanced phishing attacks using infostealer malware

Black Basta Ransomware Attack Cost Printed Circuit Board Assembly (PCBA) Manufacturer Keytronic Over $17 Million

BlackMeta Allegedly Targeted Arab National Bank

Blind Eagle attacks target Latin America with RATs

British Library reveals £400,000 plan to rebuild after "catastrophic" ransomware attack

CannonDesign Hit by Data Breach: Client and Employee Information Compromised

CERT-UA Warns of New Vermin-Linked Phishing Attacks with Prisoners of War (PoW) Bait

Change Healthcare Data Breach: What to Know for Your Social Security Number and More

Chipmaker Microchip Hit by Cyber Attack, Operations Impacted

Chipmaker Microchip reveals cyber attack whacked manufacturing capacity

Chipmaker Microchip Technology confirms cyberattack which hit operations

City of Columbus yet to recover from ransomware attack that disrupted IT systems

Critical LiteSpeed Cache Plugin Flaw Exposes WordPress Sites

Crypto phishing attack drains $55M from whale’s wallet

Crypto whale loses $55 million in DAI stablecoin to phishing attack

Crypto Whale Loses $55 Million in Shocking Phishing Attack - Find Out How It Happened

Crypto trader loses $55M in DAI to phishing attack using Inferno Drainer kit

Cyber attack stunts US chipmaker’s manufacturing capabilities

Cyberattack cripples operations of chip manufacturer Microchip Technology

Cybercriminals Unleash Styx Stealer Malware Which Threatens to Steal Data from Millions

Cybercriminals use sensitive data to extort money from wealthy companies

DAI whale loses $55 million in a phishing attack

Dental Specialists Data Breach Affects an Estimated 38,442 People

Doubleface Allegedly Targeted Telecommunications Infrastructure in Berlin

Education Firm Toaping Database Allegedly Breached

Federal Aviation Administration (FAA) proposes new cybersecurity rules for airplanes

Fidelity Bank Fined N555.8m By National Data Protection Commission (NDPC) For Data Breach

Financial firm fined $850k for violating Securities and Exchange Commission (SEC) cyber rules

Five ways to avoid a ransomware attack

FlightAware says misconfigured server exposed customers' sensitive personal data

FlightAware Suffers Possible Exposure Of Social Security Numbers After Data Breach

Florida Department of Health confirms medical history leaked in breach

Florida Department Of Health Notifies Individuals Affected By Data Breach

Florida-based National Public Data confirms massive data breach. What to do if your info was stolen

From Offices to Hotels: Backdoor in Contactless Key Cards Enables Mass Cloning

GitHub Enterprise Server vulnerable to critical auth bypass flaw

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

Google fixes ninth Chrome zero-day exploited in attacks this year

Hacker Steals $55 Million In DAI Tokens Via Phishing Attack

Hacker tried to dodge child support by breaking into registry to fake his death, prosecutors say

Hacker who faked his death to avoid child support sentenced to prison

Hackers May Have Stolen Your Social Security Number

Hackers steal banking credentials from iOS, Android users via PWA apps

Healthcare Hit by a Fifth of Ransomware Incidents

HHS alerts health sector to cyberthreat from Everest ransomware group

Hong Kong Monetary Authority (HKMA) Warns Public About Fraudulent Websites and Phishing Messages Linked to Bank of China (Hong Kong)

Hong Kong Monetary Authority (HKMA) Warns Public About Fraudulent Websites and Phishing Messages Targeting Bank Customers

How to freeze your credit after a data breach

How to see if your Social Security number was included in latest data breach

Huge Social Security data breach: find out if your SSN was afected

Iranian cyberespionage group deploys new BlackSmith malware in sophisticated spear-phishing campaign

Kentucky Man Sentenced for Faking His Own Death By Hacking Into Government Sites

Litespeed Cache bug exposes millions of WordPress sites to takeover attacks

Malicious actors are imitating tech companies

Man sentenced for hacking state registry to fake his own death

Manual techniques are fuelling ransomware attacks

Massive $55M Loss: How a Simple Click Cost a Crypto Whale Everything!

Massive $55.47M DAI Hacked: Crypto Whale Falls Victim to Phishing Attack

Massive data breach: a wake-up call for enhanced cybersecurity measures

McDonald’s Instagram Compromised, Hacker Promotes Solana Meme Coin

McLaren Health Care Anticipates September Recovery From Ransomware Attack

Microchip suffers cyberattack, impacting manufacturing operations

Microchip Technology discloses cyber attack, business delays

Microchip Technology Faces Major Cyberattack, Impacting Production

Microchip Technology manufacturing facilities impacted by cyberattack

Microchip Technology Says IT Incident Impacted Operations

Microchip Technology says operations disrupted by cyberattack

Microchip Technology’s production affected by ransomware attack

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals

Moscow detains scientist suspected of carrying out DDoS attacks on Russia

Most Ransomware Attacks Now Happen at Night

National Public Data Breach Lawsuit Filed After Hackers Claim To Have Social Security Numbers of Nearly Every American

National Public Data breach update: Lawsuits pile up against Florida-based background check company after ‘security incident’

National Public Data Cyber Attack: Massive Data Breach Exposed Countless Social Security Numbers and Personal Info

National Public Data Confirms Massive Data Breach

National Public Data cyber attack impacted over 1.3 million individuals

New Banking Phishing Campaign Targets Mobile Users in Czechia, Hungary, and Georgia

New banking-targeted phishing scheme involves progressive web apps

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

New MoonPeak RAT Linked to North Korean Threat Group UAT-5394

New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency

Nigeria: Data breach - Federal Government heaps fines on Fidelity bank

Nigeria: Data Breach - National Data Protection Commission (NDPC) Slams ₦555.8m Fine on Fidelity Bank

Nigeria: Federal Government Fines Fidelity Bank ₦555.8m For Data Breach

Nigeria: National Data Protection Commission (NDPC) Fines Fidelity Bank ₦555.8m for Customer Data Breach

Nigeria: National Data Protection Commission (NDPC) Fines Fidelity Bank ₦555.8 Million For Data Breach

Nigeria: National Data Protection Commission (NDPC) imposes ₦555.8m fine on Fidelity Bank for data breach

Nigeria ranks 19th in global cyber-attack index

Nigerian bank slammed with ₦555.8m fine for data breach

Nigerian Government Fines Fidelity Bank ₦555.8m for data breach

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

North Korean Hackers Observed Deploying New ‘MoonPeak’ Malware Infrastructure

NUMOZYLOD Malware Distributed Through Popular Searches

Oil giant Halliburton reportedly hit by cloud-based cyberattack

One of the Millions Impacted in the USDoD Social Security Data Breach? Here’s What to Do Next

Oregon Zoo data breach impacts nearly 118K visitors from multiple states

Oregon Zoo warns online ticket purchasers after data breach

Oregon Zoo Warns Over 100,000 Customers of Payment Card Compromise

Patelco Credit Union admits personal information of customers and employees was exposed in ransomware attack in June

Patelco Credit Union says personal information of customers, employees exposed in June data breach

Pocahontas Medical Clinic announces data breach following cyberattack

PostgreSQL databases under attack

‘Pro-Palestine’ hacking group banned on X as US criticizes Iran over cyberattacks

Pro-Russia group Vermin targets Ukraine with a new malware family

Q2 2024 Threat Landscape Report: Threat Actors Do Their Homework, Ransomware and Cloud Risks Accelerate

QBE highlights growing cyber risks in financial services sector

Ransomware Again on Track to Achieve Record-Breaking Profits

Ransomware gangs are rolling in cash, with hackers taking home $459.8 million in the first half of 2024 alone

Researchers Uncover Backdoor in Millions of Chinese RFID Smart Cards

SEBI’s Cybersecurity Shield: A New Line of Defense for Indian Finance

Security leaders discuss the National Public Data breach

Shocking Phishing Attack Drains $55M from Web3 User

Social security numbers exposed in National Public Data breach

South Africa: National Health Laboratory Services restored after cyber attack

Steps you need to take during a data breach

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details

TA453 Hackers Using Fake podcast To Deliver New BlackSmith Malware Toolkit

Top architectural firm reveals it was hit by major ransomware attack

Top US oilfield firm Halliburton hit by cyberattack, source says

Toyota Confirms Data Breach; 240GB Of Sensitive Information Stolen By Hacker Group

Toyota confirms data breach as threat actor leaks 240GB of sensitive information

Toyota Data Breach: Hacker Group Steals 240GB of Sensitive Information From US Branch of Japanese Car Maker

Toyota’s Sensitive 240 GB Data Exposed by Third-Party Breach

Tycoon 2FA Phishing Kit: What You Need to Know about the Highly Active Threat

USA accuses Iran of hacker attacks

Whale Duped for $55M DAI in Phishing Attack

Whale loses over $55m in DAI stablecoin to phishing attack

What Is Access Control and Why Do Cyber Essentials and ISO 27001 Require It?

What New Yorkers should do after the recent Social Security number data breach

20th August

0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)

2.7 billion records leaked in massive US data breach

2.9 Billion Records Exposed in National Public Data (NPD) Breach: How to Stay Safe

7 Crucial Actions Consumers Should Take After A Data Breach

36% of global internet traffic originated from bots

47% of US firms suffered data breach resulting in severe financial loss

A significant data breach that occurred last week at National Public Data

Abnormal Security sees 350% uptick in phishing via file-sharing sites

Advanced infostealer malware featured on a new phishing campaign

Al-Anon member details and chats exposed in data breach

Alabama Cardiovascular Group suffers healthcare data breach

Alleged Data Breach Exposes Over 5 Million Records from Lookiero

Almost 77K compromised in Carespring breach

Ambulnz Holdings reports data breach impacting patients from major health systems

Android & iOS Users Targeted with New Phishing Attack Using PWAs & WebAPKs

Another lawsuit piles on Columbus over ransomware attack and leak

Be careful what you pwish for – Phishing in Progressive Web Application (PWA) applications

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

‘BlindEagle’ Sends Phishing Emails Impersonating Government and Banks in Latin America

Breaking Free from Ransomware: Securing Your CI/CD Against Ransomware-as-a-service (RaaS)

BVI Electricity Corporation (BVIEC) suffers cyber attack

CannonDesign confirms Avos Locker ransomware data breach

Check If You Were Affected By The Massive Data Breach, And What To Do About It

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

Columbus Ransomware Fallout, Over 500,000 Residents' Data Exposed as City Grapples with Cybersecurity Crisis

Consilium Staffing Files Official Notice of Data Breach Affecting an Unknown Number of Consumers

Cost of a data breach: The industrial sector

Critical Jenkins Flaw Exploited in Ransomware Attacks

Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin

Cyber attack hits three councils in Greater Manchester

Cybercrime analytics company releases update regarding massive PII data breach

Cybercrime Goes Corporate As Ransomware Gangs Seek Bigger Payouts

Cybercriminals exploit file sharing services to advance phishing attacks

Czech Mobile Users Targeted in New Banking Credential Theft Scheme

Data for sale: 75% of US House members exposed by people search sites

Enroll Confidently Notifies Consumers of February 2024 Data Breach

Extensive National Public Data (NPD) Data Breach Could Be Worse Than Expected After Passwords Published

FBI seizes the Dispossessor ransomware operation

Flight Aware admits to leaking sensitive user data for years

FlightAware data breach exposed sensitive user information, including social security numbers

FOG Ransomware Targets Higher Education

GreenCharlie Infrastructure Targeting US Political Entities with Advanced Phishing and Malware

Hacker locks Unicoin staff out of Google accounts for 4 days

Hackers are flocking to a new SMS spam tool – ‘Xeon Sender’ exploits cloud APIs and exposed credentials to supercharge phishing campaigns

Hackers Could Exploit Microsoft Teams on macOS to Steal Data

Hackers deployed new malware against university in Taiwan

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

Hackers target bank clients in Czechia, Hungary and Georgia in novel phishing campaign

Hackers use PHP exploit to backdoor Windows systems with new malware

Hong Kong Monetary Authority (HKMA) Issues Alert on Fraudulent HSBC Websites and Phishing Messages

Hong Kong Monetary Authority (HKMA) Issues Alert on Fraudulent Social Media Account and Phishing Messages

Iran behind cyber attack on Trump campaign

Iran behind cyber-attack on Trump’s campaign emails, attempted accessing Harris’ electioneering: U.S Intelligence

Iran Behind Trump Campaign Hack, US Government Confirms

Iran behind Trump campaign hack, US intelligence says

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

Iranian Group TA453 Launches Phishing Attacks with BlackSmith

Iranian hackers targeted Jewish figure with malware attached to podcast invite, researchers say

Jewish Home Lifecare cyber attack compromised more than 100,000 patients' data

Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach

July 2024 Healthcare Data Breach Report

Kaspersky outlines major cybersecurity challenges for 2024

Kursk offensive’s Prisoners of War (POW) images used in cyberattack

Macs in danger due to vulnerabilities in Microsoft Office apps

Major Flaw in Microsoft Mac Apps Could Let Hackers Spy Through Mic and Camera

Malwarebytes Releases "ThreatDown 2024 State of Ransomware" Report Highlighting Surge in Malicious Activity Across the USA (63% increase) and UK (67% increase)

Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months

Massive data breach exposes millions of social security numbers

Massive Unicoin Cyberattack: A Four-Day Lockout and Its Aftermath

McLaren Health Care confirms ransomware attack disrupting services across Michigan

Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds

National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident

National Public Data (NPD) Confirms Data Breach Of 1.3 Million People

National Public Data cyber attack impacted over 1.3 million individuals

New APT Group BlindEagle Attacking Multiple Organizations Via Weaponized Emails

New DNS-Based Backdoor Threat Discovered at Taiwanese University

New Phishing Attacks Target Eastern European Bank Users on iOS and Android

New phishing method targets Android and iPhone users

Novel Phishing Method Used in Android/iOS Financial Fraud Campaigns

Oregon Zoo warns visitors their credit card details were stolen

Organizations turn to biometrics to counter deepfakes

Over 100,000 Oregon Zoo visitors’ credit card information compromised in data breach

Palomar Health group data breach stopped; investigation ongoing

Phishing links becoming bigger threat than email attachments

Police, firefighter union members file suit against Columbus following data breach

Post-Compromise Security: What to do When the Hackers Get in

Prominent Jewish rabbi targeted by Iranian phishers masquerading as podcasters

RansomHub threat actors observed using EDR-killing tool

Ransomware attacks rise over 60 percent

Ransomware attacks surge over 60% in UK and US

Ransomware on track for record profits, even as fewer victims pay

Ransomware Payments Rake in £353.24 Million in H1 2024

Ransomware payments rose from $449.1 million to $459.8 million

Ransomware Victims Paid $460 Million in First Half of 2024

Ransomware’s Record Year: 2024 Earnings Soar Amid Overall Cybercrime Dip

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

SpaceX and New Jersey Government Allegedly Breached by Moroccan Threat Actors

Strategies for security leaders: Building a positive cybersecurity culture

‘Styx Stealer’ malware developer accidentally exposes personal info to researchers in ‘critical opsec error’

Supply Chain Attacks Becoming a Near-Daily Occurrence

Survey Surfaces Widespread Mishandling of Sensitive Data

Swiss engineering firm Schlatter says IT systems back up after cyberattack

Swiss manufacturer Schlatter Industries recovered from cyber attack after 10 days

Thales 2024 Critical Infrastructure report reveals a rise in ransomware and a lack of readiness

The Steep Cost of Neglecting Cybersecurity Training

Thirty-nine state Attorney Generals (AGs) now support Live Nation-Ticketmaster lawsuit

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Threat Actor Allegedly Breaches UK Company Bar2, Offers Data for Sale

Threat Actor Claims Breach of Siam Cement Group Database

Three-Quarters of Companies Retain An Increasing Amount of Sensitive Data, Report Finds

TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App

Toyota admits 240GB data breach

Toyota confirms breach after hacker exposes 240GB data; read the company’s message

Toyota confirms data breach after info leaked on cybercrime forum

Toyota confirms data breach as threat actors claim 240GB exfiltrated and published

Toyota Confirms Recent Data Breach; Investigation Ongoing

Toyota Customer, Employee Data Leaks in Confirmed Data Breach

Toyota data breach confirmed following ZeroSevenGroup leak

Toyota data breach leaks 240GB of sensitive data

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Toyota Suffers Data Breach, Stolen Information Leaks on Dark Web for Free

Tracing the destructive path of ransomware's evolution

Trump lawyer revealed as Iran hacking target after feds warn of phishing

U.S. says Iran cyber operations targeted Trump, Harris campaigns

US agencies attribute presidential campaign cyberattacks to Iran

US government accuses Iran of Trump campaign hack; Iran scoffs

US intelligence exposes Iran's role in Trump campaign cyber attack

US warns of Iranian hackers escalating influence operations

Verifying the National Public Data Breach: The Largest Social Security Number Exposure in History

Vermin Cyber-Attacks Target Ukraine, Exploiting Kursk Battle

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera

Your personal info, Social Security number may be stolen. Here's what to know and what to do

19th August

0.0.0.0 Day: 18-Year-Old Browser Flaw Affects Linux and macOS

1LINK Dispels Rumors of Cyber Attack on ATMs & Online Banking Services in Pakistan

1.3 Million Client Data From Carehands Allegedly Leaked

3AM ransomware group leaks 22GB of data stolen from Kootenai Health

72% of cybersecurity leaders faced a cyberattack in last 18 months

83% of Companies Hit by Ransomware, Many Paying Multiple Ransoms

Akeela Under Investigation for Data Breach of 280,000 Patient Records

Another Data Breach, More Credit Monitoring. There’s A Better Solution

ANZ warns ‘we don’t use links’ as another text message phishing scam spreads

AT&T wireless’ data breach: A wake-up call for strengthening cloud security and trust

ATM Cyber Attack in Pakistan: Latest Updates

Attackers Use Xeon Sender Tool to Launch SMS Phishing, Spam Campaigns

Australian regulator takes down more than 7,300 phishing and investment scam websites

AutoCanada investigating attempted cyber attack that disrupted some systems

Beng Kuang Marine reports ‘cybersecurity incident’ after external vendor suffers ransomware attack

Carespring Healthcare Management Data Breach

Chainalysis Reports a 20% Decline in Illicit Crypto Activity, But Stolen Funds and Ransomware Surge

CISA warns of Jenkins RCE bug exploited in ransomware attacks

City of Flint Scrambling to Restore Services Following Ransomware Attack

Clearwater firm KnowBe4 accidentally hires North Korean hacker

Columbus officials warn victims, witnesses after ransomware leak of prosecutor files

Columbus ransomware attack: What’s still unknown one month after the data breach

Common API security issues: From exposed secrets to unauthorized access

Companies aren’t as resilient against cyber risks as they think

Computer engineer hacks own employer, demands $750K ransom

Crypto Crime Trends in 2024: Surging Theft, Ransomware, and Bitcoin’s Growing Role

Cyber-attack on Monobank is still ongoing - Ukrainian intelligence services offered to help

Cyber insurance claims are declining as firms take ransomware recovery into their own hands

Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware

Cybercriminals siphon credit card numbers from Oregon Zoo website

Cybersecurity expert urges consumers to take precautions after massive data breach

Data Breach Exposes Personal Information For Millions

Database misconfiguration exposes over half of Chilean population’s data

Dodging the Cyber Bullet: Early Signs of a Ransomware Attack

Enzo Biochem fined $4.5 million for data breach that affected over 2.4 million patients

Extortion Group Exploits Cloud Misconfigurations, Targets 110,000 Domains

FBI and CISA Assure Public on Election Ransomware Security

Five novel email phishing attacks – and what to do about them

FlightAware configuration error leaked user data for years

FlightAware warns that some customers’ info has been ‘exposed,’ including Social Security numbers

Flint city services disrupted by ransomware attack

Government Sector Hit Hard By Ransomware Attacks According to New Report

GTBank’s cyber attack: A wake-up call for Nigerian banks amid recapitalisation efforts

Hackers are targeting Tory leadership hopefuls with ‘phishing’ scams warning they have been compromised by Russia

Hackers Exploit Email URL Rewriting to Insert Phishing Links

Hackers linked to $14M Holograph crypto heist arrested in Italy

Here’s how to find out if your Social Security number was included in last week’s massive data breach

Hong Kong Monetary Authority (HKMA) Issues Alert on Fraudulent Website and Phishing Emails Targeting Dah Sing Bank

How to Freeze Your Credit After Massive Data Breach

If your Social Security Number (SSN) was leaked online, you should freeze your credit: Here's how to do that

Iran hacked Trump campaign, US intelligence confirms

Is your Social Security Number (SSN) in the National Public Data Breach? Here's How to Find Out

Kaspersky estimates 21% of phishing emails are generated by AI

Lawsuit Accuses CDK Global of Failing to Prevent Bitcoin Ransomware Attack

Los Angeles Courts Owe Public Full Accounting After July Ransomware Attack

Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments

Massive Data Breach Compromises Personal Information For Billions

Massive Data Breach Exposes Millions Of Social Security Numbers

Massive infostealer campaign exploits legitimate brands

Massive National Public Data Breach Exposes 2.9 Billion Records, Risks SSNs

McLaren confirms it was hit with ransomware; disruptions to last until September

Microsoft Apps for macOS Exposed to Library Injection Attacks

Microsoft Patches Zero-Day Flaw Exploited by North Korea's Lazarus Group

Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT

National Data Breach Exposes Millions of Social Security Numbers

National Public Data admits major data breach of personal information

National Public Data breach publishes private data of 2.9 Billion US citizens

National Public Data Breach Spotlights Need for Stronger Identification Methods

National Public Data (NPD) data breach leaks millions of SSNs

National Public Data finally confirms it was hit by data breach - and that millions of users are at risk

National Public Data Says Breach Impacts 1.3 Million People

National Public Data says data leak impacted millions of individuals

National Public Data starts notifying victims after billions impacted by data breach

New ‘Mad Liberator’ Ransomware Gang Targets AnyDesk Users via Fake Windows Updates

New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks

New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia

Overall Crypto Crime Declines, but Stolen Funds and Ransomware Surge

Pakistan: 1LINK denies reports of cyber attack on ATMs

Pakistan: Reports of cyberattack on ATMs untrue, says 1LINK

Plaintext passwords may have struck again

Pocahontas Medical Clinic Announces Data Breach Stemming from May 2024 Cyberattack

RansomHub-linked EDR-killing malware spotted in the wild

Ransomware attack disrupts City of Flint's phone lines and payment systems

Ransomware Attacks Drop as Global Law Enforcement Clamps Down

Ransomware Gangs Introduce New EDR-Killing Tool

Ransomware Hits 110,000 Domains with Exposed AWS Access Keys Due to Cloud Misconfigurations

Ransomware rakes in record-breaking $450 million in first half of 2024

Ransomware Resilience Drives Down Cyber Insurance Claims

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

Rödl Management reports data breach impacting Jamestown, LP, and JT Tax Services clients

Russia-linked Vermin hackers target Ukraine with new malware strain

Russian hackers under the spotlight: 4000 malicious domains, IPs revealed

siParadigm Files Official Notice of Data Breach with U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR)

Social Security data breach: Should you freeze your credit right now? What to expect after 2.7 billion records lost

Social Security number data breach: What you need to know

Stolen, locked payment cards can be used with digital wallet apps

Sweeping data breach admitted by National Public Data

Thales Report Reveals Critical Infrastructure Breaches in Australia

The Cost of a Data Breach in 2024

The evolving threat landscape: Staying ahead of phishing attack trends

The Mad Liberator ransomware group uses social-engineering techniques

The New Jewish Home Notifies 104k People of Data Breach

Threat Actor Allegedly Selling Network Access to an US Transportation and Logistics Company

Threat Actor Claims Ransomware Attack on Glaze Trading India, Allegedly Stealing 12TB of Data

To improve your cybersecurity posture, focus on the data

Toyota confirms breach after stolen data leaks on hacking forum

TOYOTA Data Breach – Hackers Group Leaked 240 GB of Data Online

UConn Health data breach exposes sensitive consumer information

Ukrainian bank's service for military donations targeted by ‘massive’ DDoS attack

Unicoin Staff Locked Out of G-Suite in Mystery Attack

Unmasking the Sophisticated: How AI-Powered Defenses Thwart Advanced Phishing Attacks

US E-Commerce Firm Strong Current Enterprises Allegedly Breached

Vulnerabilities in Microsoft’s macOS apps could help hackers access microphones and cameras

WazirX claims multi-sig wallet manager Liminal compromised security resulting in cyber attack

WazirX Data Breach Update: Liminal Custody Hits Back at Nischal Shetty-Run Crypto Exchange After It Claimed Cyberattack Originated There

Wayne Memorial Hospital Experiences Data Breach Following Apparent Cyberattack

What is QR Code Phishing? (Quishing) - Attack & Prevention Guide in 2024

Wichita airport still without Wi-Fi months after cyber attack. When will it be restored?

Windows driver zero-day exploited by Lazarus hackers to install rootkit

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks