Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th December and 29th December 2024.
29th December
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
AT&T and Verizon Hacked – Salt Typhoon Compromised The Network For High Profiles
AT&T and Verizon targeted by Salt Typhoon cyber attack
Canada: Privacy commissioner miffed at Sault Police over ransomware attack
China-Linked Salt Typhoon Hackers Launched Cyber Attack on AT&T and Verizon
Critical Gmail Warning - Don’t Click Yes To These Google Security Alerts
Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group
Farnesina website back up and running after hacker attack
Google Chrome 2FA Bypass Attack Confirmed - What You Need To Know
It's only a matter of time before LLMs jump start supply-chain attacks
Malware botnets exploit outdated D-Link routers in recent attacks
Massive Data Breach Exposes Millions of Credit and Debit Cards - Is Your Account Safe?
Massive VW Data Leak Exposes EV Owners’ Sensitive Information Across Europe
Phishing Attacks Decoded: Train Your Team, Protect Your Network
Pro-Russia cyberattacks hit websites of Italian ministry, airports
US Healthcare Providers May Be Hit With New Cybersecurity Rules
What is phishing? Meaning explored as scammers target FasTrak lane users
Why Hackers Prefer iPhones Over Android Devices
28th December
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
Customer data from 800,000 electric cars and owners exposed online
Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group
FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks
Gold Coast couple lose $250,000 house deposit in 'spear phishing' scam
Hackers steal ZAGG customer’s credit cards in third-party breach
Hackers take over Google Chrome extensions in cyberattack
How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise
Investors Beware: Hackers Target Crypto Users With New Zoom Meeting Scam
Kaizen Pharmaceuticals CRM Database Breach Sparks Security Concerns
Kaspersky Exposes New Phishing Scam Targeting Businesses on Facebook
Massive Data Breach in Italy Exposes 35 Million Phone Numbers and Names
Pro-Russian Hacker Group Claims Cyber Attack On Italy's Foreign Ministry
Pro-Russian Hacker Group Claims Italy Cyberattack
Pro-Russian hackers attack website of Italian Foreign Ministry and number of airports
Pro-Russian hackers target Italian airport websites
The top 10 data breaches of 2024
Volkswagen Group data breach exposes personal data of 800,000 EV owners in Europe
Xtream.cloud Data Breach Raises Cloud Security Concerns
27th December
5 cybersecurity habits to take into 2025
2024 Cybersecurity Wrap-Up: Top Attacks, Impacts & Key Takeaways
2024’s Data Breach Catastrophes: A Year of Lessons Unlearned
422,000+ Impacted in American Addiction Centers Cybersecurity Incident
A new hack in town – Crypto users warned of phishing attacks disguised as Zoom meeting links
Access TeleCare Sends Data Breach Letters Following Compromised Employee Email Accounts
American Addiction Centers Data Breach Affects an Estimated 422,424 People
Anniversary Holding Company Files Notice of Data Breach Affecting Certain Employees of Dynasty Healthcare Company
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
Ascension healthcare hit by ransomware; patient data stolen
Austrian police bust $1.3M ‘crypto’ fraud; phishing scam targets Ledger
B2B Email Database Leak Raises Concerns Over Business Data Security
Biden administration finalizes rule to block sale of Americans’ bulk data to adversaries
Blue Yonder says November ransomware attack not connected to Cleo vulnerability
CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
Cl0p ransomware hits over 60 companies using Cleo platform
Cl0p Ransomware Intends to Reveal Over 60 Victims of Cleo Cyberattack
Clop ransomware lists Cleo cyberattack victims
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
Collezione.com.tr Data Breach Exposes 200,000 Records
Community Health Northwest Florida targeted in cyber attack
Cyber attack on Japan Airlines: A wake-up call for aviation security
Cyber startup employee hacked to distribute malicious Chrome extension
Cyber-attack: Patricia Technologies begins customer compensation over 2022 breaches
Cybercriminals Send Fake Legal Notices to Scam Indians: Here’s What to Know
Cyberhaven says it was hacked to publish a malicious update to its Chrome extension
Cybersecurity firm's Chrome extension hijacked to steal users' data
Data protection advancements expected to shape 2025 security
Effortless Office Files Official Notice of Recent Data Breach
Ekonika.ru Data Breach Raises Privacy Concerns
EPS-MTOSB.gov.kh Data Breach Raises Concerns Over Government Data Security
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
General Dynamics reports data breach following phishing campaign
Gmail Users Targeted in Sophisticated Phishing and Hack Attacks
Go phish! Scammers target FasTrak system users with threatening texts
Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
Hackers Release Second Batch of Stolen Cisco Data
Health Insurance Portability and Accountability Act (HIPAA) to be updated with cybersecurity regulations, White House says
Healthcare Providers Lose Nearly $2M Per Day Due to Cyberattack-Induced Downtime
Human error to blame in Ascension data breach that impacted 5.6 million patients
Increase in cyber incidents in the UK
iOS Devices More Vulnerable to Phishing Than Android, Says Lookout Report
Is your Facebook Business page at risk? New Phishing scam exposed
Japan Airlines hit by cyber attack, causing delays to domestic, international flights
Kaspersky Finds New Phishing Scheme Targeting Business Accounts On Facebook
Kaspersky reports 135% rise in crypto-drainer discussions
Law enforcement agencies see AI as a key tool for reducing crime
LegalNurse.com Experiences Data Security Incident, Leading to Data Breach
Massive Data Breach Hits DAP Health: Sensitive Info Exposed
Massive VW Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Private Spaces
Mysterious NotLockBit Ransomware Attacks Windows & Mac
New phishing scam targeting businesses on Facebook uncovered
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
One Airline Experienced a Cyber Attack This Week
Over 4,600 Randolph Brooks Federal Credit Union (RBFCU) customers’ data may be leaked in data breach, Texas Attorney General’s office says
Overwhelmed by fraud? Here’s how financial pros fight back
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
Pharmanewsonline.com Data Breach Raises Concerns in Healthcare Sector
Phishing attack compromises General Dynamics employees
Phishing Attack Hits General Dynamics, Exposing Employee Data
Phishing Attack Targets Defense Giant ‘General Dynamics’, Employees Data Breached
Phishing scam targets Web3 users through Google Ads
Pudgy Penguins Phishing Scam: A New Threat to Crypto Security?
Ransomware Group Hits Substance Abuse Treatment Service
Record-breaking ransoms and breaches: A timeline of ransomware in 2024
River Region Cardiology Files Notice of Data Breach Affecting an Estimated 500k
Russian Hackers Behind Trending Zoom Link Phishing Attack
Scotland’s rail network ‘wholly unequipped’ for Nightsleeper-style cyber attack, warns expert
Scottish rail network 'wholly unequipped' for digital world amid 'Nightsleeper' cyber attack fears
Shocking Data Breach Exposed! Your Trusted Car May Be Spying on You
Solana Investors Lose $500K in X Phishing Attack
Sophisticated Phishing Scam Exploits Google Ads to Target Web3 Users
STIIIZY Files Official Notice of Data Breach
Suno India Data Breach Sparks Privacy and Security Concerns
Supply Chain Resilience and Physical Security: Lessons for 2025
Tayfa Denizcilik Data Breach Raises Maritime Industry Privacy Concerns
Texas hits data brokers for not registering, underscoring a larger privacy problem
Texas Tech Health Sciences Center El Paso data breach impacted 1.4 million people
The 5 Dumbest Things in Cybersecurity This Year
The Top 5 Cybersecurity Threats and How to Defend Against Them
The Top 10 Most Active Ransomware Groups of 2024
The Top Cybersecurity Threats of 2024: How AI, Ransomware, and VPN Vulnerabilities Are Shaping the Threat Landscape
The US Government Charges China-Based Hacker for Exploiting Zero-Day Vulnerability
US adds 9th telecom company to list of known Salt Typhoon targets
US charges Brazilian hacker over extortion activities
Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked
Wexford County works to restore deeds office after cyber-attack stalls services
White House links ninth telecom breach to Chinese hackers
WiFi hackers can bypass WPA3 security by exploiting its weakest link: the user
26th December
AEP Texas Data Breach Exposes Millions of Customer Records
Aosense.com Database Breach Raises Concerns Over NASA-Related Data Security
Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts
Cairo Governorate Education Portal Data Breach Raises Privacy Concerns
Central Securities Depository Data Breach Raises Financial Security Concerns
Cyberattack Disrupts Japan Airlines Operations, Delays Over 40 Flights
Cyberattack on Ukraine’s state registers disrupts marriage registration, real estate deals
Cybersecurity spending trends and their impact on businesses
EPA.gov Data Breach Raises Concerns Over Government Data Security
Hospital billing vendor settles $2 Million data breach lawsuit
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
iOS devices more exposed to phishing than Android
iOS gets more phishing attacks than Android, study reveals
Japan Airlines (JAL) cyberattack disrupts operations causing flight delays and cancellations
Japan Airlines resumes operations after cyberattack delays flights
Japan Airlines System Hit by Cyber Attack, Flight Operations Affected
Nara.ae Data Breach Raises Concerns Over User Privacy
Nearly half a million people had data stolen after cyberattack on American Addiction Centers
New 'OtterCookie' malware used to backdoor devs in fake job offers
Pick n Pay Data Breach Sparks Concerns Over Customer Privacy
Psychogen Database Breach Raises Concerns Over User Privacy
Researchers Uncover Dark Web Operation Entirely Focused on KYC Bypass
These were the badly handled data breaches of 2024
Two Californians charged in the largest NFT fraud case to date
UN General Assembly approves cybercrime treaty despite industry backlash
25th December
$500K Phishing Scam Targeting Solana Memecoin Investors Revealed
A phishing site of the popular NFT collection Pudgy Penguins appeared among Google ads
Clop ransomware hits 66 companies: Check if you’re on their radar
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS - Patch Now
Crypto Phishing Scams 2024: How Hackers Stole $500K in a Month
DeFi Phishing Attack : How a Fake Zoom App Stole $1M
DMM Bitcoin $308M Bitcoin heist linked to North Korea
FBI attributes largest crypto hack of 2024 to North Korea’s TraderTraitor
FunFun688.com Casino Database Breach Exposes Sensitive User Information
Hackers are stealing Gmail and Microsoft 365 accounts with this new phishing technique
Hackers are using Russian domains to launch complex document-based phishing attacks
Home for the holidays? Share this top cybersecurity advice with friends and family
India: Journalist faces Crime Branch action for exposing data breach, Kerala's press fights back
India: Journalists protest Crime Branch's move to seize reporter's phone over data breach report
Indonesia Government Data Breach – Hackers Leaked 82 GB of Sensitive Data Online
Interlock ransomware attacks highlight need for greater security standards on critical infrastructure
Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
Iranian Hackers Breach Israeli Company: Data Leaked, Infrastructure Wiped Out
North Korea-Backed Hacker Poses as LinkedIn Recruiter, Steals Rs 2,560 Crore from Japanese Crypto Firm
North Korean hacker group identified in theft of DMM Bitcoin assets
NRJ Mobile Database Breach Raises Privacy Concerns
Phishing Alert: Crypto Event Attendee Data For Sale
Pittsburgh Regional Transit attributes recent service disruptions to ransomware attack
Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks
SEO Poisoning: How Cybercriminals Are Turning Search Engines into Traps
Stanford University Servers Allegedly Compromised with SSH Access for Sale
The 2024 cyberwar playbook: Tricks used by nation-state actors
The Fintech Wild West: Why Preventive Cybersecurity Is Essential for Survival
Top 10 Cyber Law Enforcement Operations of 2024
Top Phishing Tricks Attackers Use to Target Employees & The Recent ‘You’re Fired’ Campaign
Trifecta.com Database Breach Sparks Privacy Concerns
U.S. indicts Chinese hacker for firewall breach
Urgent New Gmail Security Warning For Billions As Attacks Continue
US healthcare sector faces new data breach
USA Launched Cyber Attack on Chinese Technology Firms
WhatsApp Wins Lawsuit Against Israeli Spyware Maker NSO Group
Wood County recovering from ransomware attack
WY88 Casino Database Breach Raises Privacy Concerns
Yaaka.fr Database Breach Raises User Privacy Concerns
24th December
7 biggest cybersecurity stories of 2024
Adobe ColdFusion Vulnerability: Critical Bug (CVE-2024-53961) with Proof-of-Concept (PoC) Exploit Code Discovered
AI-driven scams are about to get a lot more convincing
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
API security blind spots put businesses at risk
As Ransomware Groups Evolve, How Do Police and Defenders Keep Up?
Ascension Data Breach Affects 5.6 Million Individuals
Ascension Healthcare Cyberattack Hits 5.6 Million: A Peek into the Massive Data Breach
Brazilian Hacker Charged for Selling Data Stolen From Hacked Computers
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
CISA Flags CVE-2021-44207 in Exploited Vulnerabilities Catalog: High Impact Alert
Clop ransomware gang takes credit for latest mass hack that breached dozens of companies
Clop ransomware is now extorting 66 Cleo data-theft victims
Digital battlefield: Navigating the cyber threats of 2025
Don’t take the phishing bait
European Space Agency's official store hacked to steal payment cards
FBI links North Korean hackers to $308 million crypto heist
FBI, DC3, and NPA Track $308 Million Cryptocurrency Theft to North Korean Hackers
HubSpot phishing campaign eyes thousands of MS Azure accounts
Hyperliquid Faces $250M Outflow After North Korea Hacker Claim
Hyperliquid Faces $256M Outflow Amid North Korean Hacker Allegations
Hyperliquid Faces Record Outflow Amid Allegations of North Korean Hacker Activity
Japan, US blame North Koreans for US$300 million crypto theft
Kaspersky Alerts Users on Telegram Premium Phishing Scams
Kaspersky Shares Tips For Minimizing Ransomware Attacks For Companies In Indonesia
Kingpin of Deadly Ransomware Gang Arrested: Extorted Thousands of Crores in Global Cyber Attacks
LockBit developer snared in latest blow for infamous hacker group
Major Biometric Data Farming Operation Uncovered
Medical info of 5.6M compromised in Ascension ransomware attack
New botnet exploits vulnerabilities in NVRs, TP-Link routers
North Korean hacker group behind DMM Bitcoin’s cryptocurrency leak
North Korean hacker group identified in theft of DMM Bitcoin assets
North Korean hacker group identified in theft of Tokyo-based DMM Bitcoin assets
North Korean Hacker Group Stole Assets from DMM Bitcoin
North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin
North Korean hackers steal $308M in crypto posing as LinkedIn recruiters
Over 400K patients exposed in addiction treatment hack
Patient and Employee Data Exposed in June Ascension Cyberattack: New Details Released
Phishing fears as trade in crypto event attendees’ details revealed
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week
Pittsburgh transit agency victim of ransomware attack
Postman Workspaces Leak 30000 API Keys and Sensitive Tokens
Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Singapore: Scam website masquerades as government support scheme portal
Spyware Maker NSO Group Liable for WhatsApp User Hacks
SRP Federal Credit Union reports data breach affecting more than 240,000 people
Texas university suffers breach, thousands affected
U.S. Department of State offering $10M reward for information on Fulton ransomware attack suspect
Urgent New Gmail Security Warning For Billions As Attacks Continue
US and Japan Blame North Korea for $308m Crypto Heist
US charges Russian-Israeli citizen over Lockbit ransomware
Your Business is Exposed on the Dark Web: What to do About it
23rd December
5.6 Million Impacted by Ransomware Attack on Healthcare Giant Ascension
5.6 million patients affected by Ascension Health cyberattack
5.6 Million Patients’ Data Stolen During Ascension’s Ransomware Attack Earlier This Year
10 Phishing Awareness Tips to Keep the Grinches Away
17 Million Patient Records Stolen in Ransomware Attack on Three California Hospitals
$60 Million withdrawn from HyperLiquid on North Korea Hacker Fears
2024: A year of data leaks, espionage, and DDoS attacks
650,000 impacted by RIBridges cyber attack
A new Microsoft 365 phishing service has emerged, so be on your guard
A notorious ransomware group demanded millions from Fulton County. The official in charge refused to pay
About 650,000 people believed impacted by RIBridges data breach
Adobe warns of critical ColdFusion bug with PoC exploit code
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
AI-fueled phishing, shadow AI, jailbreaks kept security pros busy in 2024
Alleged LockBit Mastermind Rostislav Panev Nabbed in Israel
Apache fixes remote code execution bypass in Tomcat web server
Be Careful, Cyber Attack Misinformation Is More Dangerous Than Ransomware Attacks
Beverly.org Data Breach Exposes Sensitive User Information
Black Basta group claims ransomware attack on U.S. vegetables producer Furmano’s
BrownPacking.com Data Breach Exposes Sensitive Information
Can a smartwatch be the target of a cyber attack?
Court finds Pegasus spyware maker NSO Group liable for hacking 1,400 WhatsApp users
Criminal duo charged for $22M rug-pulled NFT schemes like ‘Vault of Gems’
Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP
Crypto investors losing millions to Google impersonators
Cryptomining Malware Found in Popular Open Source Packages
Data breach exposes personal health info at Halton Long Term Care home
Demystifying the CISO: A Guide to Cybersecurity Leadership
Emerging Threats in Healthcare Cybersecurity: Patient Data at Risk
Enterprise Security Architecture: A Quality Management and Resilience Enhancer
Estate agents warned against festive cyber attacks
Evilginx: Open-source man-in-the-middle attack framework
Federal Trade Commission (FTC) orders Marriott and Starwood to implement strict data security
Health Care Data of Almost 1 Million ConnectOnCall User Exposed
Healthcare giant admits over 5 million patients affected by ransomware attack
Healthcare management firm Regional Care said hackers stole the data of 225,000 individuals
How Hackers Are Using Physical Mail for Phishing Scams
How to avoid phishing attempts that spoof shipping companies during holiday season
HyperLiquid faces $96 Million USDC withdrawals amid North Korean hacker concerns
HyperLiquid Experiences Unprecedented USDC Withdrawal Following Hacker Rumors
Information Commissioner’s Office (ICO) Warns of Mobile Phone Festive Privacy Snafu
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing
Irish Data Protection Commission (DPC) fines Meta €251m over 2018 data breach that affected 3 million EU users
Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations
Justice Department Cracks Down on LockBit Ransomware: Key Developer Arrested in Israel
Kaspersky warns of rising Telegram Premium phishing scams and malware threats
Kiswire.com Data Breach Raises Corporate Security Concerns
Lazarus Group Targets Nuclear Industry with CookiePlus Malware
LockBit Developer Exposed: Ransomware Secrets Rock Cybercrime
LockBit ransomware developer arrested
LockBit Ransomware Developer Arrested in Israel at Request of US
Maximizing the impact of cybercrime intelligence on business resilience
McDonalds delivery customers put at risk by possible data breach
More than 910,000 patients at risk after ConnectOnCall health data breach
Navigating the Cyber Threat Landscape: Lessons Learned & What’s Ahead
New Study Reveals Widening Gap Between Cyber Attack Causes and Public Perception
NFT scammers charged for stealing $22 million through “rug pulls”
North Korean hackers spotted using new tools on employees of 'nuclear-related' organization
Phishing and social engineering account for 70-90% of malicious Data breaches
Phishing campaign targets YouTube creators with fake deals
Phishing fears as trade in crypto event attendees’ details revealed
Phishing Report Findings Call for a Fundamental Shift in Organizational Approaches to Defense
Pittsburgh Regional Transit discloses ransomware attack
Premium WPLMS WordPress plugins address seven critical flaws
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
Ransomware attack on Rhode Island health system exposes data of hundreds of thousands
Reflections on a Tumultuous 2024: How Cybersecurity and DevSecOps Took Center Stage
Rhode Island data breach impacts hundreds of thousands
Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service
Romanian man sentenced to 20 years in prison in US for ransomware attacks
Russia’s APT29 Launches Major Spear Phishing Campaign
Russia's biggest cyber attack on Ukraine: Justice Ministry starts recovering state registers
Russian-Israeli worked for ‘one of most prolific’ cybercrime groups, per unsealed US charges
Supply Chain Attack Hits Rspack, Vant npm Packages with Monero Miner
Texas hospital shared the healthcare data of over 40,000 patients with a third party vendor
The U.S. Government Charges China-Based Hacker for Exploiting Zero-Day Vulnerability
Top 10 Companies Helping Businesses Battle Evolving Ransomware Threats
Top 10 Cybersecurity Trends to Expect in 2025
Top LockBit developer arrested, awaiting extradition to US
Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA
U.S Intelligence Agencies Launched Cyber Attack on Chinese Tech Companies
U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case
Ukrainian MP made a statement regarding the cyber attack on state registers: The access was from a top-level account
Ukrainian MP suggests hackers used phishing or bribery in state registry cyber attack
UN delegate data allegedly exposed in claimed cyber attack
US charges suspected LockBit ransomware developer
US court finds spyware maker NSO liable for WhatsApp hacks
US cracks down on China for cyber attacks
US healthcare giant Ascension says ransomware attack affected nearly six million customers
US jails NetWalker ransomware affiliate
VESD.net Data Breach Exposes Thousands of Sensitive Records
What open source means for cybersecurity
WhatsApp scores historic victory against NSO Group in long-running spyware hacking case
WilsonSD.org Data Breach Exposes Social Security Numbers
Wood County Commissioners pay $1.5M in ransomware
Wood County pays out $1.5 million to resolve ransomware attack