Editor's Message

Welcome to DBD. 2024 was a tough year for me personally, and I'd like to thank every one of you who has supported me - you have been my light in times of darkness. 2024 saw the highest number of ransomware attacks on record, and there's no sign of these attacks slowing down as we head into the new year. Ransomware is a BIG problem that is NOT going away anytime soon, and this year could be just as catastrophic, if not worse, as cyber criminals continue to extort their victims with very little chance of being brought to justice. Wishing you all the very best for 2025. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 16 December 2024

Data Breaches Digest - Week 51 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th December and 22nd December 2024.


22nd December

Alleged Data Breach at Alexandria University Exposes Sensitive Information

Alleged Data Breach at Nirjai.com Exposes 13,000 Records

Alleged Data Breach Exposes 19,950 Student Records

Alleged Data Breach Exposes Russian Pensioners’ Information from 2021

Alleged Data Breach Exposes Worldwide Domain Database

Bangladesh: Those involved in National Identity Card (NID) data breach can’t escape, says director general

Data breach may impact thousands of Monument Health patients

Duke Energy Reports Data Breach Potentially Impacting Over 8 Million Customers

New PaaS Platform “FlowerStorm” Attacking Microsoft 365 Users

North Korean hackers stole $1.3 billion worth of crypto this year

Patricia reportedly begins customer repayment plan after 2023 cyber attack

Santee offering few details about cyber attack or contract to recover data

Synology patches critical vulnerabilities, urges users to update devices against zero-click attacks

Two arrested for posing as Delhi Jal Board officials, running phishing scam

U.S. Charges Developer Of LockBit For Billions In Ransomware Damages

US charged Dual Russian and Israeli National as LockBit Ransomware developer

US charges developer of LockBit ransomware group

US charges person tied to Lockbit ransomware group

21st December

Alleged Compromise of Managed Service Provider (MSP) Access in the U.S.

Alleged Dark Engine Leak Exposes Sensitive Phone Data in the U.S.

Alleged Data Breach at Japanese Mining Company Raises Industrial Security Concerns

Alleged Data Breach at Moneytor.in Exposes 1.4 Million Records

Alleged Data Breach at Randys-Transmissions.com Exposes Customer Information

Ascension Health Hacked – Ransomware Attack Compromised 5.6 Million Patients Data

Authorities Arrested LockBit Ransomware Developer & Team Core Member

Bitfinex Hacker Speaks Out After Sentencing, Urges Public Not to Blame His Wife

Cyber attack costing six-figure sum, Hackney Council says

Digital Collapse: Expert Explains What a Large-Scale Cyber Attack on State Registers Will Mean for Ukraine

Douglas County Data Breach

Fake parcel delivery texts are the fastest-growing phishing scam this holiday season – here’s how to avoid them

Fraud or Fallacy? Is Meezan Bank Covering Up a Data Breach?

Global Pursuit: Unraveling the Lockbit Ransomware Network

India’s Rapido fixes data breach exposing user, driver info

Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages

New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA

Ransomware Developer Behind LockBit Attacks Charged in U.S.

Ransomware gangs’ merciless attacks bleed small companies dry

Records of Nearly 1,000,000 Americans Exposed As Massive Data Breach Reveals Names, Phone Numbers, Medical Conditions, Social Security Numbers and More

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

U.S. charges Russian-Israeli dual national tied to Lockbit ransomware group

Unmasking the Lockbit Cyber Menace: International Crackdown on Ransomware Architect

US hospital operator Ascension says 5.6 million affected in medical data breach in May

US waits for extradition of Russian-Israeli national as part of LockBit Ransomware arrests

20th December

5.6 Million people exposed in Ascension Health ransomware incident earlier this year

46% of financial institutions had a data breach in the past 24 months

120,000 Bitcoin Theft: Bitfinex Hacker Refutes Netflix Documentary’s Story

A Sysadmin’s Holiday Checklist: Keep Your Company Safe This Festive Season

AI is becoming the weapon of choice for cybercriminals

Alleged Dark Engine Leak Exposes Sensitive Phone Data in the U.S.

Alleged Data Breach at Codo.ma.gov Exposes Governmental Data

Alleged Data Breach at Modia’s Magento-Based Platform Exposes Sensitive Information

Alleged Data Breach at Xiaomi Exposes Sensitive User Information

Alleged Data Leak Exposes Information of Wealthy Businessmen in China

Alleged Data Leak Exposes WhatsApp Information of 11,346 Users in China

Alleged Personal Data Leak in Vietnam Exposes Sensitive Information

Alleged Personal Data Leak in Vietnam Raises Privacy Concerns

Amazon Data Breach Allegations: User Disputes Company’s Claims

Another NetWalker affiliate sentenced to 20 years in prison

Ascension: Health data of 5.6 million stolen in ransomware attack

Ascension cyberattack exposes data from 5.6 million people

Ascension Notifying 5.6 Million Affected by Ransomware Hack

Ascension Ransomware Attack Affects 5.6 Million Patients

Ascension ransomware attack exposes data on 5.6M patients, employees

Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages

Avoid holiday phishing traps: Fake invoices and shipping alerts flood inboxes

Battling Cyber Warfare: Securing Indonesia’s Digital Future

Bitfinex hacker addresses public from prison: “I hate myself”

BitLyft Predicts Cybersecurity Trends for 2025: AI, Ransomware & More

Builder.ai Database Misconfiguration Exposes 1.29 TB of Unsecured Records

CISA: Use Signal or other secure communications app

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Cyber attack hits Valio, putting data of 5,000 at risk

Cyber attack on state registries: Security Service of Ukraine checks data leakage

Data Breach - 240,000 Credit Union Members Exposed

Data Security Best Practices to Safeguard Data Against Cyber Threats

Dragos claims cyber threat actors targeting manufacturing

Executives targeted in mobile spearphishing attacks

Fake DocuSign docs used to secure corporate credentials in mishing campaign

FBI warns against using two-factor text authentication

FBI Warns Gmail, Outlook, Apple Mail Users - Check 3 Things To Stop Attacks

Firm fined for scraping data on LinkedIn

Five under-the-radar phishing scams you may not know of

Google Calendar users, watch out for this phishing scam

Hacker attack on Ukraine's state registries is painful, but not catastrophic

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

Half of UK businesses hit by cyber breaches in 2024

How a ransomware attack caused a British company to go bust

Illinois data breach exposes 1M records, 4,700 Social Security numbers

Indonesia’s ransomware scare highlights need for proper implementation of privacy law

Interior Designer Arrested in HDFC Life Insurance Data Breach

Is that a data breach in your stocking? How to prevent holiday cyberattacks

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Justice Department unveils charges against alleged LockBit developer

Kitchener hacking suspect will spend Christmas and New Year’s in jail

Krispy Kreme breach, data theft claimed by Play ransomware gang

Krispy Kreme Hack Claimed by Play Ransomware – Threatens to Release Data

Largest data breach of health information affects estimated third of U.S. population

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

LockBit 4.0: Ransomware Kingpins Plot February Comeback

LockBit 4.0: Ransomware Titan Returns to Reignite the Cyber War

LockBit Admins Tease a New Ransomware Version

LockBit Developer Rostislav Panev, a Dual Russian-Israeli Citizen, Arrested

LockBit Ransomware Developer Arrested in Israel

LockBit Ransomware Group Returns, Launching 4.0 in February

Luxottica settles data breach class action lawsuit over 2020 hacking incident

Machine Identity: An Important Defense Against Rising Phishing Threats

Major data breach at SRP Federal Credit Union exposes sensitive information of 240,000 individuals

Major Russian cyber attack disrupts Ukrainian state registries. Recovery will take weeks

Malicious Rspack, Vant packages published using stolen NPM tokens

Mandatory ransomware reporting key to Australia's cyber resilience

Meezan Bank Compensates Victims of Alleged Third Party Data Breach

Meezan Bank denies claims of data breach

Meezan Bank dismisses ‘data breach’ after reports of unauthorised transactions in Pakistan

Meta fined $263 million for 6-year-old data breach that leaked 29 million Facebook accounts

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

Multiple Northern Kentucky counties hit with data breach impacting records of current, former students

Nearly 6 million people were impacted by ransomware attack on Ascension Health

'NetWalker' Ransomware Attacker Gets 20 Years in Prison

NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations

NetWalker Ransomware Operator Sentenced to 20 Years in Prison

New Gmail Security Warning For 2.5 Billion - Second Attack Wave Incoming

New “NotLockBit” Ransomware Attack Windows and macOS

New Warning As Self-Deleting Cyberattack Targets Windows, Mac

North Korean Hackers Stole $1.34 Billion in Crypto in 2024

Notorious Ransomware Gang Warns New Attacks Incoming On February 3rd 2025

Online shoppers are at a higher risk of becoming data breach victims

Operational tech under attack, deepfake phishing and learning to use passkeys - cybersecurity predictions for 2025

Over 1,800 records exposed in Rapido data breach

Phishing Statistics Small Businesses Should Know

Play ransomware admits Krispy Kreme compromise

PS Logistics Announces Data Breach Stemming from February 2024 Cyberattack

Ransomware attack on health giant Ascension hits 5.6 million patients

Ransomware Attackers Target Industries with Low Downtime Tolerance

Ransomware Scares, Netflix Violations Highlight Global Data Privacy Failures

Ransomware Spotlight: RansomHub

Ransomware's 35th birthday: How a floppy disk evolved into a multi-billion dollar criminal business

Rapido Data Breach: User and Driver Information Exposed via Vulnerable Feedback Form

Rhode Island’s RIBridges system targeted in ransomware attack

RIBridges data breach: Answering questions about credit freezes, getting benefits and more

Richmond University Medical Center Notified Patients of May 2023 Data Breach

Rocky Mountain Gastroenterology Associates Data Breach Affects 366K Patients

Romanian NetWalker Hacker Jailed 20 Years for $21M Heist

Romanian Netwalker ransomware affiliate sentenced to 20 years in prison

Romanian Netwalker ransomware affiliate sentenced to 20 years in US prison

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Russia conducted mass cyberattack on Ukraine's state registries, deputy PM says

Russia launches major cyber attack on Ukraine amid missile strikes

Russia Launches Major Cyber Attack on Ukraine's State Systems

Russian GRU-linked hackers responsible for attack on Ukrainian Justice Ministry registries

Some Illinois Department of Human Services (IDHS) Customer, Employee Data Compromised in Phishing Attack

Sophos Firewall vulnerable to critical remote code execution flaw

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

State registers suffered from Russian hacker attack – recovery will take about 2 weeks

Student information accessed in school division cyber attack

The Coffee Bean & Tea Leaf Provides Notice of Recent Data Breach

The FBI Is Wrong - This Gmail Attack Advice Won’t Help You At All

Third member of LockBit ransomware gang has been arrested

Thousands of GPS tracking customers have info leaked following data breach

Threat Actors Selling Nunu Stealer On Hacker Forums

Three Months Too Late: AnnieMac and the Real Cost of Delayed Data Breach Notifications

U.S. Charges Dual Russian, Israeli National as Developer of LockBit Ransomware Group

Ukraine Hit By Massive Cyber Attack

Ukraine struck by “largest cyberattack” affecting critical infrastructure

Ukraine war briefing: Russia accused of large-scale cyber-attack on Ukrainian authorities

Ukraine's justice minister assures data recovery after Russian cyber attack on state registries

Ukraine's Security Service Probes GRU-Linked Cyber-Attack on State Registers

Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say

Ukraine’s Unified and State Registries offline after Russian hackers attack

Ukrainian official reveals months-long preparation for Russian cyber attack

US Charges Dual Russian-Israeli National in Connection with LockBit Ransomware Group

US charges Israeli-Russian national with making software for LockBit ransomware gang

US charges Russian-Israeli as suspected LockBit ransomware coder

US charges Russian-Israeli dual national tied to Lockbit ransomware group

US gives NetWalker ransomware operator $14M bill and 20 years behind bars

US hospital operator Ascension says 5.6 million affected in medical data breach in May

US reveals charges against alleged LockBit ransomware developer

US unseals complaint against Russian-Israeli accused of working for LockBit

Washington County implements cybersecurity policy to combat potential ransomware attacks

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

Why Apple sends spyware victims to this nonprofit security lab

Why cybersecurity is critical to energy modernization

19th December

$2.2 billion stolen from crypto platforms in 2024 cyberattacks

5 Million unique credit and debit cards exposed in data breach

35 years of ransomware: Evolution and lessons

2024 roundup: Top data breach stories and industry trends

2025 Cybersecurity Predictions: A Strategic Roadmap for the C-Suite

A 2018 Facebook data breach just cost Meta €251 million

Agencies need to be prepared at the first sign of a cyber-attack

Alleged Data Breach at BASC.edu.ph Exposes Sensitive Information

Alleged Data Breach at SENATI Exposes 880,000 Records

Alleged Data Breach at University of Baghdad Exposes Sensitive Information

Alleged Data Breach Exposes WhatsApp User Database in Russia

Alleged Discord Database Leak Raises Significant Security Concerns

Alleged Leak of Lunar Scampage Raises Concerns About Phishing Schemes

Android malware found on Amazon Appstore disguised as health app

Are threat feeds masking your biggest security blind spot?

Arena Technical Resources Files Notice of Data Breach

Arete report reveals manufacturing and science as top ransomware targets in Q3 2024

BadBox malware botnet infects 192,000 Android devices despite disruption

Bank Rakyat Indonesia (BRI) assures customer safety amid claim of ransomware attack

BeyondTrust SaaS instances breached in cyberattack

BeyondTrust says hackers breached Remote Support SaaS instances

Billion-dollar airline faces $450M fine over alleged GDPR violations

Bipartisan bills to protect car owners’ privacy introduced in House and Senate

Bitfinex Hacker Admits Solo 120k BTC Heist, Disputes Netflix Documentary

Bitfinex hacker speaks out after sentencing

Bugs in a major McDonald’s India delivery system exposed sensitive customer data

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

CISA Mandates Federal Agencies Secure Their Cloud Environments

CISA orders federal agencies to secure their Microsoft cloud environments

Credential phishing attacks surge, report reveals

CSIS report reveals surge in sophisticated cyber threats

Cyble Research and Intelligence Labs (CRIL) Investigates: LNK Files, SSH Commands, and the Evolution of Cyberattack Techniques

Crypto scammers posing as real brands on X are easily hacking YouTubers

Crypto-Hackers Steal $2.2bn as North Koreans Dominate

Cryptocurrency hackers stole $2.2 billion from platforms in 2024

Data breach may impact thousands of Monument Health patients

Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish

Duke Energy responds to customer data breach

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

EU Opens Door for AI Training Using Personal Data

European firms subjected to HubSpot-exploiting phishing

Experts reveal credit card breach that threatens to disrupt Christmas for millions of Americans

Facing TP-Link allegations, China blames the US for attacking its critical tech companies

Fake Discount Sites Exploit the Holidays to Hijack Shopper Information

Fake DocuSign and HubSpot phishing emails target 20,000 Microsoft Azure accounts

FBI seeking extradition of Israeli prisoner accused of $500M in ransomware attacks

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

Fortinet warns of FortiWLM bug giving hackers admin privileges

Google Calendar leveraged to facilitate stealthy phishing

Google Calendar Phishing Scam Targets Users with Malicious Invites

Google warns of holiday scam surge: how to protect yourself from fraud

Hacker behind Racoon Infostealer sentenced to 5 years in federal prison

Hacker group leaked Telecom Namibia's data after it refused to pay a ransom

Hackers stole the data of 1.4m individuals from Texas Tech University Health Sciences Centres

Healthcare staffing firm reports data breach in Maine filing

Holiday scams alert! Google warns Gmail users about Phishing, fake invoices, and celebrity hoaxes

How businesses can prepare for escalating cyber risks

HubPhish Abuses HubSpot Tools to Target 20,000 European Users for Credential Theft

India’s Rapido exposed user and driver data through leaky website feedback form

Interlock ransomware claims the breach at Texas Tech University

Internet-exposed HMIs are a risk to water facilities, CISA warns

Interpol: Replace pig butchering with romance baiting

Interpol Calls for an End to “Pig Butchering” Terminology

Israeli hacker faces extradition to U.S. for role in global ransomware network

Junipers warns of Mirai botnet targeting Session Smart routers

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Krispy Kreme breach claimed by Play ransomware group

Largest data breach of health information affects estimated third of U.S. population

LockBit ransomware gang teases February 2025 return

LockBit Ransomware Group Plots Comeback With 4.0 Release

Luxottica Agrees $250,000 Settlement to Resolve Data Breach Litigation

Manufacturing sector most targeted by cyber threat actors during Q3

Massive data breach at federal credit union exposes 240,000 members

Massive data breach at federal credit union exposes 240K members

Meezan Bank dismisses ‘data breach’ after reports of unauthorised transactions

Meta slammed with €250 million fine for Facebook data breach

New Malware Can Kill Engineering Processes in ICS Environments

New Mobile Phishing Targets Executives with Fake DocuSign Links

New Phishing Attack Exploiting HubSpot Tools To Steal Microsoft Azure Logins

New phishing scam can bypass Google Calendar spam filters

New York Attorney General James Secures $500,000 from Auto Insurance Company Over Data Breach

New York Attorney General James secures $500,000 settlement with auto insurer Noblr over data breach affecting 80,000 New Yorkers

New York Attorney General secures $500K against insurance company for data breach

News of Ransomware Attack, Bank Rakyat Indonesia (BRI) Claims Customers Can Still Transact Safely

North Korea-linked hackers accounted for 61% of all crypto stolen in 2024

North Korean hackers steal $1.3 billion in crypto this year

North Korean hackers steal $1.34B in crypto in 2024

Personal information leaked in Pembina Trails School Division cyber attack

Phishing Campaign Compromises Microsoft Azure Cloud Infrastructures of European Entities

Phishing Enabled by Google Calendar Invitations

Phishing scam hits High River Chamber of Commerce

Play Ransomware Claims Krispy Kreme Breach, Threatens Data Leak

RansomHub emerges as dominant ransomware group as 2024 ends

Ransomware Attack on Rhode Island Highlights Risk to Government

Ransomware in 2024: New players, bigger payouts, and smarter tactics

Records show 1.4 million patients' data breached in Lubbock, El Paso ransomware attack

Resilience Is the Best Weapon Against Ransomware

Rhode Island braces for data-breach fallout

Routers with default passwords are attracting Mirai infections, Juniper says

Sandworm-linked hackers target users of Ukraine’s military app in new spying campaign

Sign of the times: How RIBridges data breach compares with other cyberattacks in Rhode Island

The year in ransomware: Security lessons to help you stay one step ahead

There Will Always Be New Ways for the Bad Guys To Do Bad Things

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

Ukrainian hacker gets prison for infostealer operations

United States Charges Dual Russian and Israeli National as Developer of LockBit Ransomware Group

Unraveling the Lainchain scam - A phishing scheme circulating at Paris networking events

US government urges high-ranking officials to lock down mobile devices following telecom breaches

US may ban Chinese TP-Link routers next year due to security risks

US sanctions Chinese hacker and cybersecurity outfit

US seeks extradition of alleged LockBit ransomware developer from Israel

VisionPoint Eye Center Announces Data Breach Stemming from October 2023 Cyberattack

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

Why organizations should prioritize employee data protection to combat spear phishing

World(coin) must let Europeans comprehensively delete their data, under privacy order

18th December

A lightweight app comes with some heavy consequences, researchers say

A new ransomware regime is now targeting critical systems with weaker networks

Alleged Data Breach at Free Telecom Raises Privacy Concerns

Alleged Data Breach at French Tennis Federation (FFT) Exposes Sensitive Information

Alleged Data Breach at Try.gov.hk Exposes Sensitive Government Information

Alleged Data Breach Exposes Personal Information in Indonesia

Alleged Leak of 1.3 Billion URL Login Credentials Raises Security Concerns

Alleged Leak of 10 Billion URL Login Credentials Raises Critical Security Concerns

Alleged Leak of 1951 Stealer Logs Raises Data Privacy Concerns

Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities

APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

Athens cyber theft was a textbook phishing scam, expert says

Attacker Distributes DarkGate Using MS Teams Vishing Technique

Auto parts maker LKQ Corporation says cyber attack impacted its Canadian operations

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products

Biggest Crypto Scam Tactics in 2024 and How to Avoid Them

Brighton Jones Files Official Notice of Data Breach Following Email Phishing Attack

Brockton Neighborhood Health Center Provides Notice of Data Breach to an Unknown Number of Patients

Cellebrite shatters smartphone security illusion: everything can be unlocked, researchers warn

Chinese Hacker Charged for Launching Malware That Exploited 10K+ Firewalls Worldwide

CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions

CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach

CISA urges switch to Signal-like encrypted messaging apps after telecom hacks

Cisco Data Breach - IntelBroker Group Leaked 2.9GB of Data Online

Cisco Data Leaked By Hacker

CISO accountability: Navigating a landscape of responsibility

Conceptions Reproductive Associates of Colorado Reports Data Breach Affecting 80k Individuals

Consumers wrongly attribute all data breaches to cybercriminals

Credential phishing attacks rose by 703% in H2 of 2024

Credential Phishing Attacks Soar in Second Half of 2024

Data breach at chain of clinics impacts 450K patients

Data breach comes back to haunt Meta as tech giant fined $260M

Dragos reports ransomware shifts in Q3, with hackers picking operational sabotage over financial extortion

Dutch regulator fines Netflix $5 million for data privacy violations

European companies hit with effective DocuSign-themed phishing emails

Fake Ledger data breach emails used to trick victims into giving up recovery phrases

FBI Warns of HiatusRAT Malware Targeting Webcams and DVRs

Five years later...Netflix hit with Dutch data access fine

Hacker Leaks Cisco Data

Hacker sentenced to 69 months for stealing payment card info

Hackers Exploit Google Calendar & Drawings to Bypass Email Security

Hackers Exploit Linux eBPF Tech to Host Malware on GitHub and Blogs

Half a million patients' personal info stolen in massive health care data breach

Healthcare software provider ConnectOnCall says cyber incident impacted over 900,000 individuals

How the ransomware attack at Change Healthcare went down: A timeline

HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft

HubSpot phishing targets 20,000 Microsoft Azure accounts

Instant loan app leaks nearly 30 million files with user data

INTERPOL Pushes for "Romance Baiting" to Replace "Pig Butchering" in Scam Discourse

Interpol replaces dehumanizing "Pig Butchering" term with "Romance Baiting"

Ireland fines Meta €251 million for data breach impacting 29 million users

Losses from LastPass breach continue to grow with another $12M stolen

Major data breach leads to $264M fine for Meta

Malicious Microsoft VSCode extensions target developers, crypto community

Manufacturers Lose Azure Creds to HubSpot Phishing Attack

Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts

Meta fined $263.5 million for 2018 Facebook data breach impacting 29 million users

Meta Fined Over $295 Million for Data Breach Incidents

Meta hit with $263 million fine in Europe over 2018 data breach

Meta hit with $263m fine over 2018 Facebook data breach

Meta Hit with Massive $263m GDPR Fine

Meta Security Phishing Email Scam

Meta slapped with €251 million fine for mishandling 2018 data breach

Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets

Nebraska sues Change Healthcare over security failings that led to medical data breach of over 100 million Americans

Nearly 400,000 WordPress credentials stolen

Netflix faces €4.75M blow for secretly tracking user data

New Attacks Exploit VSCode Extensions and npm Packages

New Google Gmail And Calendar Attack Warning For Millions Of Users

Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

Okta Warns of Phishing Attacks Mimic “Okta Support” to Steal MFA Tokens

Ongoing phishing attack abuses Google Calendar to bypass spam filters

Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected

Phishers cast wide net with spoofed Google Calendar invites

Phishing Attacks Double in 2024

Phishing Campaign Targets YouTube Creators

Phishing scammers spoof Ledger’s email to send bogus data breach notice

Protect Your Customers From Phishing This Holiday Season And Beyond

Raccoon Stealer malware operator gets 5 years in prison after guilty plea

Ransomware Attack on Texas Health Centers Exposes 1.4M+ People

Ransomware report reveals evolving threat landscape in 2024

Rhode Island officials warn residents as ransomware group threatens social services data leak

Russian hackers use RDP proxies to steal data in MiTM attacks

Russian hackers using red team tools for large-scale espionage campaign

Senior Dating data breach exposes info of 765,000 users

SlashNext report warns of eightfold rise in credential phishing as AI drives sophistication

Staying Ahead of Threat Actors: Flashpoint’s 2025 Ransomware Survival Guide

Texas Tech University confirms data breach impacting medical records of 1.4m patients

Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs

Top 10 Cyberattacks in 2024 that Stole the Spotlight

Top 10 Cybersecurity Predictions for 2025

Tracker firm Hapn spilled names of thousands of GPS tracking customers

UK military AI recruitment tool sparks data breach concerns

US Government Issues Cloud Security Requirements for Federal Agencies

Waverley Christian College confirms cyber incident after ransomware gang claims attack

Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives

17th December

1.4 Million Affected in Texas Tech Data Breach, Ransomware Hits Hard

1.4 Million records stolen in Texas Tech University Health Sciences Center ransomware attack

10 Major Ransomware Attacks And Data Breaches In 2024

27 DDoS-for-hire operations shut down by law enforcement

2024 cyber threat landscape highlights key attack trends

58,000 individuals’ data exposed after Bitcoin ATM operator hack

All Major European Financial Firms Suffer Supplier Breaches

‘All student records accessed’ in Granite School District data breach

Alleged Cisco Source Code Leak Raises Security and IP Concerns

Alleged Data Breach at Platinum-Celebs.com Exposes 72,000 User Records

Alleged Data Breach at RM Group of Education Exposes Sensitive User Information

Alleged Data Breach at Talentely.com Exposes TMS-LMS Platform Data

Alleged Data Breach at Warid Telecom Exposes Sensitive User Information

Alleged Data Breach Exposes Information of 261,000 Insurance Agents in the U.S.

Alleged Leak of 1.3 Billion Fresh URL Login Credentials Raises Serious Security Concerns

Amazon-hosted AI tool for UK military recruitment ‘carries risk of data breach’

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

Australian Facebook users score $50 million settlement with Meta over Cambridge Analytica data harvesting scandal

Balancing security and user experience to improve fraud prevention strategies

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

'Bitter' cyberspies target defense orgs with new MiyaRAT malware

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

CISA orders federal agencies to secure Microsoft 365 tenants

CISA releases first draft of updated National Cyber Incident Response Plan

CISA’s pre-ransomware alerts nearly doubled in 2024

Cleo data theft incident claimed by the Clop ransomware group

CLoP Ransomware Group Claims Responsibility for Cleo Attacks

Crimson Wine Group Files Official Notice of Data Breach Affecting 26k People

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Cyber-attacks on Indian infrastructure grew by 50% in 2024

Cybercriminals Exploit Google Calendar to Spread Malicious Links

Cybersecurity Incident at Deloitte May Be Responsible for RIBridges Data Breach

DarkGate Malware Distributed Via Microsoft Teams Voice Phishing

Data breach at Texas Tech University leaks personal data of 1.4 million patients

Dump user 'horrified' by Cornwall Council data breach

EU Sanctions Russian Cyber Actors for “Destabilizing Actions”

EU Slaps Meta with €251M Fine over Data Breach

EU Watchdog Fines Meta $263 Million for Data Breach

Facebook owner hit with 251 million euros in fines for 2018 data breach

Facebook owner Meta hit with £207m in EU fines for 2018 data breach

Fake Hacking: What It Is & How to Protect Yourself?

Guernsey: Revenue Service email data breach was one of several

Guernsey's Revenue Service reprimanded for data breach

Hackers actively exploiting Windows flaw to gain system privileges, CISA warns

Hackers Demand Ransom in Rhode Island Health System Data Breach

Hackers Exploit Microsoft Management Console to Drop Backdoor Payloads on Windows

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection

Hackers Leak Partial Cisco Data from 4.5TB of Exposed Records

Hackers Leverage Red Team Tools in RDP Attacks Via TOR & VPN for Data Exfiltration

Hackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

Healthcare Cybersecurity: 2024 Was Tough, 2025 May Be Better

Healthcare hacking spree continues as another 225K exposed

Helsinki City Board receives status update on Education Division data breach

Hong Kong: Rising scams involving phishing links swindled $36mn out of Carousell sellers

Ireland fines Meta $263 million for 2018 View As data breach

Ireland fines Meta $264 million over 2018 Facebook data breach

Ireland slaps Meta with $263 million fine for data breach that hacked 29 Million Facebook accounts

Irish watchdog fines Meta €251M for user data breach

Kitsap Mental Health Services Notifies Individuals of Recent Data Breach

Launceston dump user ‘horrified’ by council data breach

Lesson from latest SEC fine for not completely disclosing data breach details: ‘Be truthful’

Malvertising on steroids serves Lumma infostealer

Malware Attacks Hit YouTube Creators Via Phishing Emails

Meta Agrees To AU$50M Settlement For Facebook Data Breach: Who Can Claim Compensation?

Meta faces €251m fine over 2018 data breach affecting 29 million Facebook users

Meta Faces Heavy Fines as EU Watchdogs Clamp Down on 2018 Data Breach

Meta fined €251 million over data breach affecting Facebook

Meta fined €251 million over data breach that affected 29 million Facebook users globally

Meta Fined €251 Million Over Facebook Data Breach Affecting 29 Million Users

Meta fined €251m over Facebook data breach in Ireland

Meta fined $263 million for alleged GDPR violations that led to data breach

Meta fined $263M over 2018 security breach that affected ~3 Million EU users

Meta fined more than 250 million euro by Irish data commission following breach

Meta Hit with 251M Euro Fine for Facebook Data Breach

Meta hit with €251m fine for Facebook data breach, says Irish regulator

Meta Platforms' Irish unit hit with $264 million fine over data breach

Meta to set up $50M privacy payment scheme to settle Australian proceeding

Meta’s Irish Arm Fined €251 Million by Watchdog Over Data Breach

Namibia Telecom customer data exposed following ransomware attack

Nebraska Attorney General files suit over widespread healthcare data breach

Nebraska Attorney General Sues Change Healthcare Over Data Breach

Nebraska Attorney General sues Change Healthcare, UnitedHealth for data theft after ransomware attack

Nebraska attorney general sues healthcare company after 'historic' data breach

Nebraska Sues Change Healthcare Over February Ransomware Attack

Nebraska Sues Change Healthcare Over ‘Historic’ Data Breach

Nebraska sues Change Healthcare over ransomware attack

New Android Spyware Detected in Serbian Surveillance Investigation

New APIs Discovered by Attackers in Just 29 Seconds

New critical Apache Struts flaw exploited to find vulnerable servers

New fake Ledger data breach emails try to steal crypto wallets

New phishing scam lures YouTube creators with fake brand collaboration offers

Organizations Warned of Rise in Okta Support Phishing Attacks

Personal data shared in Cornwall Council's new online booking system

Positive Behavior Supports Corporation Reports Data Breach Affecting Sensitive Client Information

RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself

Ransomware Defender Risk: 'Overconfidence' in Security Tools

Ransomware hackers post Telecom Namibia customer data on dark web

Ransomware, deepfakes, and scams: the digital landscape in 2024

Regional Care Announces Data Breach Affecting the Sensitive Information of 225k People

Researchers reveal Operational Technology (OT)-specific malware in use and in development

Rhode Island public benefits data breached in Brain Cipher ransomware attack

Rhode Island suffers major data breach

Rhode Island's RIBridges Data Breach Sparks Urgent Response

Securities and Exchange Commission Settles Charges Against Flagstar for Misleading Investors About Citrix Data Breach

Sensitive data leaked after Namibia ransomware hack

Sophisticated TA397 Malware Targets Turkish Defense Sector

Starbucks restores systems after Blue Yonder ransomware attack

Texas medical school says hackers stole sensitive health data of 1.4 million individuals

Texas Tech University Data Breach Impacts 1.4 Million

Texas Tech University Health Sciences Center (TTUHSC) Lubbock data breach affected 650,000 individuals

Texas Tech University Health Sciences Center Ransomware Attack Affects 1.46 Million Patients

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

The shifting security landscape: 2025 predictions and challenges

Thirty-Five Years of Ransomware - CISCO Official Reveals Lessons Learnt

TikTok’s Irish arm sets aside $1bn to cover cost of possible data breach fines

Unlock and load: officials caught using Israeli spyware to snoop on Android users

US Unveils New National Cyber Incident Response Plan

Windows Malware Phishing Attacks Target YouTubers

YouTube Warning - Hackers Target Creators In Password-Stealing Attack

16th December

390,000 WordPress credentials compromised via phishing, GitHub repos

AI deepfakes are targeting women in politics at alarming rates

Alleged Data Breach at ApolloGames.com Exposes Sensitive CRM Data

Alleged Data Breach at CREFSP Exposes Full Database in São Paulo

Alleged Data Breach at Delhi Public Primary School Itarsi Exposes Sensitive Records

Alleged Data Breach at HemenBahis Exposes Sensitive User Information

Alleged Data Breach at Rozavam.ru Exposes Sensitive Customer Information

Alleged Data Breach at SAIC in Brazil Exposes Sensitive Information

Alleged Data Breach at World Leadership Academy Exposes Sensitive Information

Alleged Data Breach Exposes Sensitive Legal Proceedings Data in Colombia

Alleged Leak of 1.5 Billion URL Login Credentials Raises Online Security Concerns

Alleged Leak of 200 Million URL Login Credentials Raises Privacy Concerns

Amnesty Accuses Serbia of Tracking Journalists and Activists with Spyware

Attorney General sues Change Healthcare, two other companies after data breach hits at least 575,000 Nebraskans

Authorities arrest 800 crypto romance scammers in Nigeria targeting Americans, Europeans

Blue Yonder helps restore operations for majority of impacted customers

Byte Federal Data Breach Exposes 58,000 Customer Records

Byte Federal Data Breach Exposes Images of 58K Bitcoin ATM Users and Transaction Activity

Called your doctor after-hours? ConnectOnCall hackers may have stolen your medical data

Cicada3301 Ransomware Claims Attack on French Peugeot Dealership

CISA and Environmental Protection Agency (EPA) Warn of Cyber Risks to Water System Interfaces

CISA and Environmental Protection Agency (EPA): Internet-Exposed Human Machine Interfaces (HMIs) Pose Serious Cybersecurity Risks to Water Systems

Cleo vulnerability attacks claimed by Clop ransomware gang

Cl0p Ransomware Exploits Cleo Vulnerability, Threatens Data Leaks

Clop ransomware gang claims responsibility for Cleo attacks

Clop ransomware gang claims responsibility for Cleo data-theft

Clop ransomware gang confirms it is actively exploiting Cleo MFT vulnerabilities

Clop ransomware gang confirms responsibility for Cleo data theft attack

Clop Ransomware Gang Tied to Zero-Day Attacks on Cleo File-Transfer Services

Clop ransomware group claims responsibility for exploiting Cleo file transfer vulnerabilities

Cl0p ransomware group says it was behind Cleo attacks

Clop ransomware just made your file transfers a security minefield

Clop Ransomware Takes Responsibility for Cleo Mass Exploits

Combating the rising threat of AI-powered phishing attacks

ConnectOnCall Announces 914K-Record Data Breach

ConnectOnCall breach exposes health data of over 910,000 patients

ConnectOnCall data breach impacted over 900,000 individuals

ConnectOnCall.com Files Notice of Data Breach Leaking Patients’ Sensitive Information

CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation

Cyber attack forced Watsonville Community Hospital staff to rely on pen and paper to attend to patients

Cyber attack on SRP Federal Credit Union compromised the data of 240,000 individuals

Cyberattack at Texas Tech University health centers exposed patient data

Cyberattack Targets Rhode Island’s RIBridges System, Compromising Sensitive Resident Information

Cybersecurity best practices toolkit: Power up your mid-market defenses

December 2024 Cyble Report: Malware, Phishing, and IoT Vulnerabilities on the Rise

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

Deloitte Alerts Rhode Island to Significant Data Breach in RIBridges System

EU issues first-ever sanctions over ‘Russian hybrid threats’

Evasive Node.js loader masquerading as game hack

Fake Captcha Campaign Highlights Risks of Malvertising Networks

Fake CAPTCHAs reaching millions: who’s responsible for malvertising mayhem?

FBI subdivision firewall access listed by potential Schneider Electric hacker

FBI spots HiatusRAT malware attacks targeting web cameras, DVRs

Federal money is helping states overhaul cybersecurity. What happens if it dries up?

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

Forget The Drones, Rhode Island Attacked By Very Real Ransomware

Google, Amnesty International uncover new surveillance malware

Hacker Breaches Rhode Island State System, Swipes Personal Data

Hackers Attacking YouTube Creators with Weaponized Collaboration Requests

Hackers Claim to Have Stolen 17 Million Patient Records from PIH Health

Hackers Orchestrate Cyberattack Against PIH Health, Claiming Massive Data Breach

Hackers targeting thousands of YouTubers with fake collaboration offers and infostealers

How organizations can respond fast to data breaches and avoid investigations

How to Identify and Avoid Holiday Phishing Scams

Kadokawa reportedly gives in to ransomware demand

Kaiser Permanente Employees Targeted via Malicious Google Search Ads to Deploy SocGholish

Malicious ads push Lumma infostealer via fake CAPTCHA pages

Malware Hidden in Fake Business Proposals Hits YouTube Creators

Massive Data Breach at Texas Tech University Health Sciences Centers: What You Need to Know

Medical Payment Company Facing Lawsuit in Nebraska Over Data Breach

MUT-1244 targeting security researchers, red teamers, and threat actors

Namibia: Government launches investigation into Telecom Namibia data breach exposing over 619 000 clients’ personal information

Namibia: Telecom chief executive under fire as activist calls for immediate removal amid data breach

Namibia: Telecom Cyberattack - 5 Things You Should Know

Namibia: Telecom hit by massive cyberattack...over 400 000 files ‘leaked’

Namibia’s state telecom provider says hackers leaked data after it refused to pay ransom

Nebraska Attorney General files lawsuit against Change Healthcare after ‘historic’ data breach

Nebraska Attorney General files lawsuit against Change Healthcare following data breach

Nebraska becomes first state to sue Change Healthcare over data breach

Nebraska Sues Change Health Care After Data Breach

New Android NoviSpy spyware linked to Qualcomm zero-day bugs

New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool

Over 900,000 Americans just had their personal and health info exposed in medical data breach - names, phone numbers, treatments and SSNs

Overlooking platform security weakens long-term cybersecurity posture

Phishing campaign targets Kaiser Permanente employees using Google Ads

RansomHub most active ransomware group in H2 2024

Ransomware attack investigation continuing in Wood County

Ransomware attack on Rhode Island health services exposed personal data of hundreds of thousands

Ransomware attack targets Rhode Island public benefits system

Ransomware group Brain Cipher behind Rhode Island cyberattack; claims 1 TB of data stolen

Ransomware Innovation: Fighting Back With New Strategies

Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility

Ransomware targets Taiwan SMEs, Trend Micro reports

Ransomware to Cause ‘Bumpy’ Security Ride in 2025

Ransomware threat shows no sign of slowing down

Rhode Island Benefits and Services Systems Hit by Ransomware

Rhode Island confirms data breach after Brain Cipher ransomware attack

Rhode Island governor warns residents of cyberattack on state benefits system

Rhode Island hit by data breach as hackers demand ransom

Rhode Island Hit by Ransomware Attack Impacting Deloitte via RIBridges

Rhode Island left scrambling as Deloitte confirms breach likely impacting thousands

Rhode Island subjected to potentially widespread data breach

Rhode Island Urges Residents to Protect Personal Information Amid Data Breach

RIBridges attack linked to Brain Cipher ransomware gang

Security experts respond to Krispy Kreme cyber attack

Serbian government cracked phones with Cellebrite to install spyware, report says

Serbian government used Cellebrite to unlock phones, install spyware

Shielding Your Storefront: How SASE Protects Retailers in a Digital Age

Telecom Namibia Hit by Massive Cyberattack: Over 400,000 Files Leaked

Texas Tech University Health Sciences Center and Texas Tech Health El Paso Announce Massive Data Breach

Texas Tech University System data breach impacts 1.4 million patients

Ukraine: Espreso TV channel comes under hacker attack

Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes

US sanctions Chinese firm over potentially deadly ransomware attack

USAA reaches $3.25M settlement over data breach accusations

Waterstones' warehouse systems hit by Blue Yonder ransomware gang attack

Why You Need Cyber Resilience and Defence in Depth

Windows kernel bug now exploited in attacks to gain SYSTEM privileges

With Digital Operational Resilience Act (DORA) approaching, financial institutions must strengthen their cyber resilience

YouTube Channels Targeted With Windows Malware Phishing Attacks

YouTube Creators Targeted in Global Phishing Campaign