A data breach. Headlines scream, investors and customers panic, fingers get pointed, and goodwill gets affected.
Do you know how much a data breach can affect a company?
Data breaches have become a constant threat in our ever-connected world, and 2024 has been no different. From tech giants to government agencies, cyberattacks have targeted a vast array of organizations and individuals. This blog delves into the major data breaches that have dominated headlines so far this year, providing insights into the evolving threat landscape and highlighting key security vulnerabilities.
To navigate the specifics of each incident, we’ve compiled a month-by-month breakdown. Want to jump straight to a particular month’s breaches? Click the link below to explore them in detail.
- Top Data Breaches in January 2024
- Top Data Breaches in February 2024
- Top Data Breaches in March 2024
- Top Data Breaches in April 2024
- Top Data Breaches in May 2024
- Top Data Breaches in June 2024
- Top Data Breaches in July 2024
- Top Data Breaches in August 2024
- Top Data Breaches in September 2024
- Top Data Breaches in October 2024
- Top Data Breaches in November 2024
1. Data Breaches in January 2024
Company Name: Hathway
Source: HackRead
Date: 01/08/2024
Indian internet service provider Hathway experienced a data breach that impacted approximately 4 million users. The breach occurred when a hacker exploited a security vulnerability in Hathway’s content management system, exposing sensitive KYC details such as names, addresses, phone numbers, and email IDs. This incident significantly increases the risk of phishing attacks, identity theft, and financial fraud for those affected. While Hathway is currently investigating the breach, users have been advised to change their passwords immediately and closely monitor their accounts for any suspicious activity.
Company Name: Trello
Source: Bleeping Computer
Date: 01/23/2024
A vulnerability in Trello’s API allowed a hacker to match email addresses with public Trello profiles, exposing the email addresses of 15 million users. This exposure potentially puts them at risk of phishing attacks, spam, and identity theft. The exploit originated from a legitimate API function intended for inviting users to boards, but malicious actors were able to manipulate it for their purposes. Although only email addresses were directly leaked, there is potential for these addresses to be combined with other publicly available information, further increasing the risks for affected users.
Company Name: Fortra
Source: The Hacker News
Date: 01/24/2024
A critical vulnerability (CVE-2024-0204) was discovered in Fortra’s GoAnywhere MFT software, a program designed for secure file transfer. This flaw allowed unauthorized users to create administrator accounts, potentially granting them complete control over the system. All versions of GoAnywhere MFT before 7.4.1 were susceptible, leaving organizations vulnerable if they relied on the software for secure data exchange.
Attackers could exploit this vulnerability to access, manipulate, or even delete sensitive information stored or transferred through the system, including financial records, employee data, and confidential documents. The severity of this path traversal vulnerability is reflected in its high score of 9.8 on the CVSS scale, highlighting the urgent need to patch affected systems. Upgrading to GoAnywhere MFT version 7.4.1 is essential to maintain security.
Company Name: Mercedes-Benz
Source: TechCrunch
Date: 01/26/2024
A security lapse at Mercedes-Benz led to the unintentional exposure of a significant amount of internal data. Cybersecurity firm RedHunt Labs discovered a misplaced employee authentication token. This token acted like a master key, granting unrestricted access to the company’s private GitHub repository. This repository housed sensitive information, including the company’s source code, cloud access keys, design documents, and potentially even passwords for accessing various systems.
Fortunately, Mercedes-Benz reacted quickly upon notification. They revoked the token and removed the public repository, effectively plugging the security hole.
Company Name: CoronaLab
Source: Bank Info Security
Date: 01/23/2024
A major data leak exposed the personal information of 1.3 million people in the Netherlands who underwent COVID-19 testing. A medical lab database, believed to be from CoronaLab, was accidentally left unsecured online for two weeks. This exposed sensitive details like names, dates of birth, passport numbers, email addresses, and even test results.
The severity of the leak is amplified by the fact that it remained accessible for an extended period despite attempts by a security researcher to contact CoronaLab. This raises serious concerns about the lab’s data security practices and the potential consequences for those affected. The exposed information could be misused for phishing attacks, identity theft, or even selling personal data on the black market.
Company Name: EquiLend
Source: Bleeping Computer
Date: 01/22/2024
EquiLend, a leading fintech company headquartered in New York, fell victim to a cyberattack that breached their systems. The full extent of the breach remains unclear, but EquiLend is working diligently with cybersecurity experts to investigate the attack and restore affected services. This incident raises concerns, particularly following EquiLend’s recent announcement of a private equity firm acquisition. The attack’s timing raises questions about potential disruption to the deal and underscores the escalating threat of cyberattacks on financial institutions. This emphasizes the critical need for robust cybersecurity measures within the financial sector.
Company Name: HP
Source: The Hacker News
Date: 01/25/2024
Hackers believed to be affiliated with the Russian government infiltrated Hewlett Packard Enterprise’s (HPE) cloud email system for a troubling six-month period, potentially stealing data from targeted employees. This intrusion, linked to the APT29 group notorious for the DNC hack, specifically focused on individuals in cybersecurity, sales, and other departments within HPE. While HPE only discovered the breach in December 2023, they suspect it began in May, revealing a concerning gap in their security protocols. This incident is particularly worrisome because it comes just months after another attack by APT29 on HPE’s SharePoint files, highlighting the group’s persistent targeting of the tech giant. The exact nature and potential consequences of the stolen data remain unclear, but this episode underscores the ever-present threat posed by cyberattacks from state-sponsored actors.
2. Data Breaches in February 2024
Company Name: ResumeLooters
Source: Group-IB
Date: 02/09/2024
In a large-scale data breach targeting job seekers across Asia-Pacific, a cybercriminal group called “ResumeLooters” infiltrated at least 65 job recruitment and retail websites in late 2023. Their methods involved exploiting vulnerabilities through SQL injection and cross-site scripting techniques. This granted them access to steal a significant amount of personal information, exceeding two million unique email addresses. The stolen data reportedly included names, phone numbers, and potentially even employment histories, making it a treasure trove for malicious actors. Individuals in India, Taiwan, Thailand, and Vietnam were particularly impacted by this breach. With the stolen data reportedly finding its way to Telegram channels, job seekers now face an increased risk of phishing attacks, spam emails, and even identity theft.
Company Name: Atlassian
Source: Cyberscoop
Date: 02/13/2024
A data breach affecting roughly 6,600 individuals connected to the Government Accountability Office (GAO) stemmed from a vulnerability in the popular collaboration tool Atlassian Confluence. The breach originated through GAO’s contractor, CGI Federal, which alerted the agency and identified the compromised software.
Company Name: PlayDapp
Source: Bleeping Computer
Date: 02/13/2024
Popular blockchain gaming platform PlayDapp was rocked by a major security breach in February 2024. Hackers exploited vulnerabilities within the platform, seizing the opportunity to mint a massive 1.79 billion PLA tokens, PlayDapp’s native cryptocurrency. This amounted to over $290 million stolen at the time.
The attack unfolded in two waves. Initially, hackers gained access to a compromised private key, allowing them to create 200 million unauthorized PLA tokens. PlayDapp reacted quickly, alerting their community and taking measures to secure their assets. However, their efforts were thwarted as the attackers returned for a second strike, minting a further 1.59 billion tokens, significantly amplifying the losses.
Company Name: Prudential Financial
Source: SC Media
Date: 02/14/2024
Prudential Financial, a leading insurance and financial services company, revealed a data breach impacting its employees and contractors. Hackers infiltrated their systems and managed to steal employee and contractor data. This information included names, various administrative and user data, and potentially even some user account information. While the exact number of affected individuals remains undisclosed, Prudential assures customers that their data was not compromised in the breach. Furthermore, they emphasize that no financial information was accessed by the hackers.
Company Name: US State Govt.
Source: The Hacker News
Date: 02/16/2024
A U.S. state government agency recently fell victim to a cyberattack that exploited a former employee’s compromised account. The Cybersecurity and Infrastructure Security Agency (CISA) revealed a worrying chain of events. Hackers gained access to an administrator account belonging to a former employee, using credentials likely obtained through a prior data breach. These stolen credentials became the key for the attackers.
Using the administrator account, they breached a virtual private network (VPN) and infiltrated the agency’s internal network. Once inside, they didn’t stop there. They used additional stolen credentials found within the network to further escalate their privileges, granting them access to sensitive data like host and user information. This stolen information was then posted on a dark web marketplace, a hub for cybercriminals to trade stolen data.
Company Name: Motilal Oswal
Source: Business Standard
Date: 02/18/2024
Motilal Oswal Financial Services (MOFSL), a prominent Indian brokerage firm, fell victim to a cyberattack orchestrated by the notorious LockBit ransomware gang. The group asserted on the dark web that they had successfully infiltrated MOFSL’s systems, compromising what they referred to as “confidential data” belonging to more than 6 million clients. This breach had the potential to expose a wealth of sensitive information, encompassing names, addresses, contact details, and potentially financial data, thereby posing a substantial risk to the affected individuals’ personal information.
Company Name: LoanDepot
Source: HackRead
Date: 02/26/2024
A major data breach struck LoanDepot, a prominent mortgage lender, exposing the personal information of nearly 17 million customers. Hackers breached their systems and stole a significant amount of sensitive data, including names, birth dates, addresses, phone numbers, email addresses, and even financial account numbers. The most critical detail compromised, however, was Social Security numbers. This breach leaves millions of individuals vulnerable to potential identity theft and financial fraud. The attack’s impact extended beyond stolen data, disrupting LoanDepot’s operations for weeks. Customers were left unable to access their online accounts or make payments during this time.
Company Name: Lurie Children’s Hospital
Source: The Record
Date: 02/27/2024
Lurie Children’s Hospital in Chicago fell victim to a devastating cyberattack, where a ransomware gang launched an assault, encrypting the hospital’s data and demanding a substantial ransom of $3.4 million in Bitcoin. The attack inflicted severe damage on the hospital’s IT infrastructure and phone systems, compelling them to resort to manual procedures to maintain essential patient care services. Amidst the chaos, the attackers threatened to auction off stolen data, believed to contain sensitive patient information, on the dark web, exacerbating concerns about privacy and security breaches.
Company Name: U-Haul
Source: Security Week
Date: 02/27/2024
U-Haul, a trusted name in moving rentals across the US and Canada, recently identified a data breach affecting approximately 67,000 customers. An unauthorized party infiltrated a system used by U-Haul employees to manage customer reservations, gaining access to customer records. This breach highlights the importance of robust cybersecurity measures to protect sensitive customer information. While the breach exposed names, dates of birth, and driver’s license numbers, U-Haul assures customers that no financial data was compromised. They have already notified those affected and are taking steps to strengthen their security measures to prevent similar incidents in the future.
Company Name: GitHub
Source: Ars Technica
Date: 02/29/2024
A large-scale attack targeting GitHub, a popular platform for software developers, came to light. Millions of malicious code repositories were snuck onto the platform, disguised to look legitimate. These repositories contained malware designed to steal passwords and cryptocurrency from unsuspecting developers who might download them.
Researchers suspect the attackers used a technique called “typosquatting.” This involves creating repository names with slightly altered spellings of legitimate projects, hoping to trick developers into downloading the malicious code by mistake. While the exact number of compromised repositories remains unknown, estimates suggest the attackers may have impacted over 100,000 repositories.
3. Data Breaches in March 2024
Company Name: American Express
Source: CBS News
Date: 03/06/2024
American Express issued a warning to its cardholders regarding a potential data breach stemming from a security incident at a third-party payment processor widely utilized by numerous merchants. The breach, although not affecting American Express’ internal systems, may have compromised certain cardholders’ details, such as card numbers, names, and expiration dates. American Express promptly initiated notifications to inform affected customers and reassured them that they would not be held accountable for unauthorized transactions arising from the breach.
As an additional safeguard, the company advised cardholders to vigilantly monitor their account statements for any signs of suspicious activity.
Company Name: Fidelity
Source: Security Week
Date: 03/07/2024
A data breach at Fidelity Investments exposed the personal information of over 28,000 customers. The source of the problem was a cyberattack in late October 2023 that targeted Infosys McCamish Systems, a third-party vendor used by Fidelity. This unauthorized access may have compromised sensitive customer data, including names, Social Security numbers, and even financial account details. While Fidelity is working with Infosys to investigate the attack, they are offering two years of free credit monitoring to affected customers to help mitigate any potential risks.
Company Name: IMF
Source: Reuters
Date: 03/16/2024
In February 2024, the International Monetary Fund (IMF) identified a cyberattack that compromised eleven of their email accounts. The attackers and their motives are still under investigation. Fortunately, the IMF was able to secure the compromised accounts quickly and hasn’t found any evidence of a wider breach.
This incident serves as a reminder of how vulnerable email systems can be to cyberattacks, particularly phishing scams where hackers try to trick employees into revealing login credentials. To prevent similar incidents in the future, organizations like the IMF can implement multi-factor authentication and provide regular training to employees on cybersecurity best practices.
Company Name: Fujitsu
Source: Bleeping Computer
Date: 03/17/2024
Tech giant Fujitsu was hit by a data breach after malware was discovered lurking within their internal systems. This malware raised concerns of unauthorized access to customer information. Fujitsu is currently investigating the incident to determine the extent of the breach and assess if any customer data was compromised. While they haven’t identified any misuse of data yet, the company has taken precautionary measures. They disconnected the affected systems and are notifying potentially impacted customers to stay ahead of any potential issues.
Company Name: Mintlify
Source: TechCrunch
Date: 03/19/2024
A data breach hit documentation startup Mintlify in early March. A vulnerability in their system was exploited, granting unauthorized access and exposing a critical piece of information for 91 customers: their private GitHub tokens. These tokens function like digital keys, allowing Mintlify to access customer code repositories for documentation purposes. However, in the wrong hands, these tokens could be disastrous. If stolen by attackers, they could potentially be used to access the very same code repositories themselves. Mintlify has taken swift action, revoking all compromised tokens. They are also collaborating with GitHub to determine if any of the exposed tokens were misused by unauthorized parties.
Company Name: Apple
Source: The Register
Date: 03/27/2024
Apple device owners were targeted by a sophisticated phishing campaign, where attackers inundated users with a relentless stream of counterfeit password reset requests. This strategy, known as a “multi-factor fatigue attack,” aimed to exploit user exhaustion, coercing them into unwittingly granting access. The attackers sought to circumvent Apple’s robust security measures by bombarding users with persistent notifications, strategically timing their prompts to exploit moments of frustration when users might hastily tap “allow.”
The campaign’s intricacy was underscored by additional tactics, such as fraudulent calls impersonating Apple support staff, intensifying pressure on victims to disclose sensitive information.
Company Name: Harvard Pilgrim Health Network
Source: The Record
Date: 03/28/2024
Harvard Pilgrim Health Network revealed an alarming update to a data breach they first announced last spring. The number of people impacted has grown by 12%, reaching nearly 2.9 million individuals. Hackers infiltrated Harvard Pilgrim’s systems for over two weeks, potentially exposing personal data and protected health information of members, dependents, and providers. The investigation into the breach is ongoing, but Harvard Pilgrim is already offering credit monitoring and identity protection services to those affected.
4. Data Breaches in April 2024
Company Name: OWASP
Source: Bleeping Computer
Date: 04/02/2024
The Open Web Application Security Project (OWASP) discovered a misconfiguration issue on an old wiki server. This resulted in the unintended exposure of member resumes from the 2006-2014 era. While OWASP clarifies this wasn’t a traditional security breach, it acknowledges the sensitive nature of the information. Resumes likely contained names, email addresses, and phone numbers, potentially putting those members at risk.
Recognizing the seriousness of the situation, OWASP is taking steps to strengthen security measures and remove any exposed information from the server. They are also contacting affected members to inform them about the incident.
Company Name: PandaBuy
Source: Cyber News
Date: 04/02/2024
A security breach at PandaBuy jeopardized the personal data of over 1.3 million users. Hackers exploited vulnerabilities within the platform, enabling them to illicitly access sensitive information including names, email addresses, phone numbers, and even purchase histories. Despite widespread concerns, PandaBuy has yet to issue an official statement addressing the breach, prompting speculation that they may be minimizing the gravity of the situation.
Company Name: Prudential Insurance
Source: CPO
Date: 04/02/2024
In February 2024, Prudential Insurance suffered a data breach compromising the personal information of over 36,000 individuals. Hackers infiltrated the system, potentially exposing details like names, addresses, and even driver’s license numbers. While the full scope of the breach is still under investigation, this incident highlights the vital importance of strong cybersecurity practices within the financial industry.
Company Name: Fortinet
Source: The Hacker News
Date: 04/18/2024
A critical vulnerability (CVE-2023-48788) in Fortinet’s FortiClient EMS devices has been exploited by attackers. The flaw allows them to remotely infiltrate systems and install malicious tools. Hackers can leverage tools like ScreenConnect for direct access to user desktops and even Metasploit to launch further attacks within the network. Organizations using Fortinet devices are urged to patch their systems immediately to mitigate this risk.
Company Name: WordPress
Source: Bleeping Computer
Date: 04/23/2024
Beware of crypto-stealing scams! Thousands of WordPress sites are infected with “crypto drainers,” malicious code that lurks within seemingly normal pop-ups. Initially spread through malvertising (fake ads containing malware), these scams have evolved. Now, compromised websites display fake offers like NFT deals or discounts. Clicking to connect your crypto wallet is the trap – your funds vanish instantly. To stay safe, update WordPress and plugins regularly to minimize the risk of infection.
Company Name: Discord
Source: HackRead
Date: 04/09/2024
A privacy breach for Discord users! Millions of messages, potentially containing personal information, are reportedly leaked and now for sale on a website called Spy.pet. This data breach exposes public messages from hundreds of millions of users, raising concerns about the security of supposedly “public” information on Discord. While the legality of this website is unclear, Discord is investigating the matter. This incident serves as a reminder for users to be cautious about what they share online, even on public platforms.
5. Data Breaches in May 2024
Company Name: Cencora
Source: Fierce Pharma
Date: 05/28/2024
A significant data breach at Cencora, a leading pharmaceutical company, has compromised sensitive patient information. This breach affects patients participating in assistance programs offered by more than a dozen drug companies, raising serious concerns about the security of personal health data. Leaked data reportedly includes names, addresses, birthdates, diagnoses, and medication details, raising concerns about potential identity theft and misuse of private medical information. While Cencora assures there’s no evidence of data exploitation yet, they are offering credit monitoring and fraud detection services to potentially impacted individuals. This incident underscores the critical need for robust data security measures within the pharmaceutical industry to safeguard patient privacy.
Company Name: BBC
Source: The Guardian
Date: 05/29/2024
A data breach at BBC compromised the personal information of over 25,000 current and former employees. Hackers successfully breached a cloud storage service, gaining unauthorized access to data related to the employee pension scheme. This exposed sensitive information such as names, dates of birth, home addresses, and national insurance numbers. The BBC assures those affected that financial information, passwords, and health data were not leaked. They are currently investigating the cause of the breach and taking steps to strengthen their security measures.
Company Name: Shell
Source: The Cyber Express
Date: 05/29/2024
A hacker group called “888” claimed responsibility for a data breach impacting Shell customers. This breach potentially affects around 80,000 individuals across various countries, including India. The hackers have leaked sample data on a forum, which includes names, emails, phone numbers, and transaction history, possibly linked to Shell’s partnership with Reddy Express gas stations in Australia. Shell has not yet confirmed the breach. If true, this incident could compromise customer privacy, necessitating increased caution about potential scams.
Company Name: Ticketmaster
Source: Washington Times
Date: 05/29/2024
Ticketmaster, a major player in ticketing services, encountered a significant data breach that potentially affected millions of customers. A hacker group claimed responsibility for stealing a vast trove of personal information, encompassing names, addresses, phone numbers, and potentially some payment details, impacting up to 560 million users. If validated, this breach poses serious risks, exposing user data to various threats such as phishing schemes, identity theft, or illicit sale on the dark web. While Ticketmaster has not yet verified the breach, authorities have initiated investigations into the matter.
This incident serves as a stark reminder of the critical need for vigilance, urging customers to exercise caution regarding any suspicious communications pertaining to their Ticketmaster accounts.
6. Data Breaches in June 2024
Company Name: Evolve
Source: The Print
Date: 06/27/2024
Evolve Bank in Arkansas faced a serious situation after cybercriminals infiltrated their systems. Hackers accessed a significant amount of customer data, including sensitive information like names, Social Security numbers, dates of birth, and even account details. This stolen data may now be circulating on the dark web, a shadowy corner of the internet used for illegal activities. While Evolve claims to have contained the attack and secured their systems, the compromised data puts customers at a heightened risk of identity theft and financial fraud.
Company Name: BSNL
Source: Business Standard
Date: 06/26/2024
Indian telecom giant BSNL suffered another data breach, marking its second in just six months. This latest breach resulted in the exposure of a massive 278GB of user information, sparking profound worries regarding customer privacy. The compromised data reportedly included sensitive details such as phone numbers and internal server information. This trove of information presented significant risks, potentially enabling malicious actors to engage in activities like SIM cloning. Such exploits could facilitate impersonation of legitimate users and potentially grant unauthorized access to accounts or financial data.
The recurrence of these breaches highlights the critical imperative for BSNL to enhance its cybersecurity protocols and prioritize robust measures for safeguarding user data.
Company Name: Snowflake
Source: CRN
Date: 06/25/2024
Luxury retailer Neiman Marcus recently confirmed a data breach affecting over 64,000 customers. This incident is part of a wider trend targeting Snowflake, a popular cloud data storage platform. Hackers infiltrated the system, gaining access to customer details like names, contact information, birthdays, and gift card numbers. Thankfully, PINs seem secure. However, this breach underscores the growing problem of cyberattacks on cloud-based systems and the critical need for companies to prioritize robust data security measures to protect their customers’ information.
Company Name: FBCS
Source: Fox News
Date: 06/25/2024
A significant data breach compromised the personal information of millions of Americans, affecting over 3 million individuals. The exposed data included highly sensitive details such as names, Social Security numbers, birth dates, and even driver’s licenses or IDs. This breach posed a severe threat, exposing victims to heightened risks of identity theft and financial fraud.
Criticism was directed at the company responsible, FBCS, for their delayed notification of the breach, which raised substantial concerns regarding their data security protocols. This incident underscored the pressing necessity for more stringent regulations to safeguard consumer information effectively.
Company Name: TeamViewer
Source: The Hacker News
Date: 06/28/2024
TeamViewer, a popular remote access software provider, experienced a security incident in June 2024. Here’s the key takeaway: while their core product and customer data remain secure, an internal system breach occurred. Hackers infiltrated a compromised employee account, potentially accessing internal information like employee names, contact details, and even encrypted passwords. TeamViewer has taken steps to contain the breach and is working on improving their security measures to prevent similar incidents in the future.
Company Name: Levi’s
Source: Cyber Security News
Date: 06/24/2024
A data breach at Levi Strauss & Co. (Levi’s) exposed the information of over 72,000 customers. Hackers infiltrated the system, exploiting a security weakness. While the exact details of the exposed data are unclear, it likely included names and some personal identifiers. Levi Strauss & Co. notified affected customers, but many are questioning the lack of identity theft protection services offered. This incident highlights the importance of companies having robust cybersecurity measures in place to prevent breaches and offering comprehensive support to customers whose information is compromised.
7. Data Breaches in July 2024
Company Name: Sharp Corp
Source: Nippon
Date: 07/30/2024
Sharp Corp. confirmed a data breach affecting over 100,000 customers. Unauthorized access to its Cocoro Store and Healsio Deli platforms exposed personal information, including potential credit card details. Approximately 203 customers who placed orders between June 23-30 had their data compromised. Additionally, around 26,000 users may have been infected with malware between July 19-22, risking credit card theft. The incident also impacted 75,000 visitors to the Cocoro Store during the same period. Sharp suspended both websites on July 22 and is advising users to scan for malware and change passwords.
Data Leaked: XDSpy Targets Russia
Source: The Record
Date: 07/30/2024
The cyberespionage group XDSpy has launched a new attack campaign targeting entities in Russia and Moldova. Suspected to be state-sponsored, the group employed phishing emails containing malicious attachments to infiltrate a Russian tech company and an organization in Transnistria. These emails delivered a seemingly legitimate executable file, enabling covert malware execution.
Russian cybersecurity firm F.A.C.C.T. uncovered the attacks, identifying a previously unknown malware tool dubbed XDSpy.DSDownloader. The extent of data exfiltration remains under investigation.
Data Leaked: ServiceNow
Source: CSO
Date: 07/30/2024
Multiple critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, CVE-2024-5178) within the ServiceNow IT service management platform have been actively exploited by threat actors. Over 105 organizations, including government entities and critical infrastructure providers, have fallen victim to these attacks, suffering significant data breaches.
The vulnerabilities enable unauthenticated attackers to execute malicious code, resulting in data exfiltration. Stolen data, including credentials and sensitive information, is being trafficked on the dark web. This incident underscores the critical importance of robust patch management and comprehensive security measures to protect against such cyberattacks.
Company Name: WazirX
Source: The Register
Date: 07/19/2024
Indian cryptocurrency exchange WazirX has reported a substantial security breach leading to the loss of over $230 million in digital assets. The theft involved the exploitation of a vulnerability in the exchange’s multi-signature wallet system, circumventing multiple security protocols.
Investigations point to a North Korean cybercrime group as the likely perpetrator. Known for targeting cryptocurrency exchanges to finance illicit operations, the group has been identified by blockchain analysis firms tracking the movement of stolen funds and subsequent money laundering attempts.
This incident underscores the persistent security challenges within the cryptocurrency ecosystem. Robust security measures, including sophisticated wallet protection and stringent Anti-Money Laundering (AML) compliance, are imperative to safeguard digital assets from such attacks.
Data Leaked: S-400 Secrets Leaked in Cyberattack
Source: Indian Sentinels
Date: 07/31/2024
A significant data breach compromising sensitive details of India’s S-400 missile defense system has triggered national security concerns. The leaked data, originating from hacked emails of Russian military officials, exposes the specific configuration of the advanced weapon system procured from Russia.
The Ukrainian cyber group CyberResistance, in conjunction with the intelligence collective InformNapalm, has publicly released the compromised information under the moniker “BaumankaLeaks.” Indian defense and intelligence agencies are actively evaluating the potential ramifications of this breach and implementing countermeasures to mitigate risks.
8. Data Breaches in August 2024
Company Name: Park N Fly
Source: Global News
Date: 08/06/2024
A significant data breach has impacted Park ‘N Fly, a popular parking service provider. The incident compromised the personal information of approximately one million customers. Sensitive data such as names, addresses, credit card details, and reservation information may have been exposed.
Park ‘N Fly is currently investigating the matter and taking steps to mitigate any potential harm to affected customers. They have advised customers to monitor their accounts for any suspicious activity and report any unusual transactions immediately.
Company Name: Oracle NetSuite
Source: Dark Reading
Date: 08/16/2024
Thousands of online stores powered by Oracle NetSuite’s e-commerce platform have been identified as potentially vulnerable to a security flaw that could expose sensitive customer data. The vulnerability allows attackers to access and steal information such as names, addresses, credit card details, and order history.
Oracle has acknowledged the issue and is working on a patch to address the vulnerability. Businesses using NetSuite are advised to apply the patch as soon as it becomes available to protect their customers’ data. In the meantime, they should take temporary measures to mitigate the risk, such as limiting access to sensitive data and monitoring for any suspicious activity.
Company Name: AMD
Source: The Register
Date: 08/26/2024
Reports suggest that sensitive internal data from Advanced Micro Devices (AMD) has been made available on the dark web. The leaked information is believed to include confidential documents, employee details, and possibly proprietary business information.
AMD is currently investigating the matter and has not confirmed the authenticity of the leaked data. Security experts warn that the exposure of such sensitive information could pose significant risks to the company, including intellectual property theft and potential financial losses.
Data Leaked: National Public Data (NPD)
Source: CNET
Date: 08/21/2024
A cyberattack has targeted the National Public Data (NPD) system, resulting in a massive data breach that has compromised the personal information of millions of individuals. Sensitive data, including Social Security numbers, addresses, birth dates, and financial details, may have been exposed.
The NPD is currently investigating the incident and working to assess the full extent of the breach. Authorities are urging affected individuals to be vigilant for signs of identity theft and take steps to protect their personal information.
Data Leaked: Toyota
Source: Digit.in
Date: 08/21/2024
Toyota has acknowledged a significant data breach that resulted in the exposure of approximately 240GB of customer information. The leaked data may include personal details such as names, addresses, contact information, and potentially sensitive financial data.
The automaker is currently investigating the incident and taking steps to mitigate any potential harm to affected customers. Toyota has advised customers to be vigilant for any suspicious activity and report any unusual transactions immediately.
Data Leaked: USAA
Source: JDSUPRA
Date: 08/21/2024
A recent data breach at USAA has affected the personal information of over 32,000 consumers. The incident involved the unauthorized access of customer data, including names, addresses, Social Security numbers, and account information.
USAA is currently investigating the matter and has notified affected individuals. They are advising customers to monitor their accounts for any suspicious activity and report any unusual transactions immediately.
Data Leaked: Alabama Cardiovascular Group
Source: Tech Target
Date: 08/20/2024
A healthcare data breach has occurred at the Alabama Cardiovascular Group, potentially exposing sensitive patient information. The incident may have compromised data such as names, addresses, Social Security numbers, medical records, and financial details.
The healthcare provider is currently investigating the matter and taking steps to mitigate any potential harm to affected patients. They have advised patients to monitor their accounts for any suspicious activity and report any unusual transactions immediately.
Data Leaked: Durex
Source: The 420
Date: 08/20/2024
A significant data breach has impacted Durex India, leading to the exposure of thousands of customers’ personal and intimate details. The leaked information may include names, addresses, contact details, and purchase history, potentially revealing sensitive preferences and habits.
Durex India is currently investigating the incident and taking steps to mitigate any potential harm to affected customers. They have advised customers to be vigilant for signs of identity theft and report any suspicious activity immediately.
9. Data Breaches in September 2024
Company Name: Microchip Technology
Source: Security Week
Date: 09/05/2024
Microchip Technology, a leading semiconductor company, has confirmed a ransomware attack that resulted in the theft of personal information belonging to some of its employees and customers. The company has disclosed that sensitive information, such as names, addresses, Social Security numbers, and financial data, may have been compromised. While the full extent of the data breach is still under investigation, Microchip is working diligently to assess the situation and notify affected individuals.
Company Name: Avis
Source: Bleeping Computer
Date: 09/06/2024
A data breach at car rental giant Avis Budget Group compromised the personal information of over 299,000 customers. The breach involved unauthorized access to a third-party cloud-based application used by Avis Budget Group. The exposed data included names, addresses, email addresses, phone numbers, dates of birth, driver’s license numbers, and partial credit card numbers.
Company Name: MC2
Source: IT Pro
Date: 09/24/2024
The MC2 Data breach exposed the personal information of approximately 100 million Americans. This massive data leak compromised sensitive data such as names, addresses, Social Security numbers, dates of birth, and financial information. The breach is believed to have occurred through a compromised third-party vendor, highlighting the vulnerabilities in supply chains and the potential for widespread data exposure even when security measures are in place.
Data Breach: Transportation Industry
Source: Security Company
Date: 09/25/2024
The transportation industry has been facing a wave of cyberattacks in recent times. These attacks have specifically targeted transportation companies, exploiting vulnerabilities in their systems to gain unauthorized access and steal sensitive data. Two malicious tools, Lumma Stealer and NetSupport malware, have been employed in these attacks. Lumma Stealer is designed to steal credentials and other sensitive information, while NetSupport malware is used to remotely control compromised systems.
Company Name: Elite Care
Source: Tech Target
Date: 09/24/2024
A healthcare data breach has compromised the security of patient data at Elitecare Emergency Hospital. This incident involves the unauthorized access and potential exposure of sensitive patient information. While the exact details of the breach are still under investigation, it is likely that sensitive patient data, such as medical records, insurance information, and personal contact details, may have been compromised.
The hospital is currently conducting a thorough investigation to determine the extent of the breach and the specific data that may have been affected. Patients who believe they may be impacted by the breach are advised to monitor their accounts for any suspicious activity and to contact the hospital directly for more information.
Company Name: Disney
Source: CNBC
Date: 09/19/2024
Disney’s Slack data breach involves the unauthorized access and potential exposure of sensitive information through a compromised Slack workspace. Slack is a popular communication and collaboration platform used by businesses, including Disney. While the specific details of the breach are still under investigation, it is likely that the compromised data may include internal company documents, employee information, customer data, and other sensitive materials.
10. Data Breaches in October 2024
Company Name: Fidelity
Date: 10/11/2024
Source: Dark Reading
In a recent security incident, Fidelity Investments, a major financial services firm, disclosed a data breach affecting approximately 77,000 customers. The breach resulted from unauthorized access to a limited set of customer information, including names, addresses, Social Security numbers, and account numbers.
Fidelity detected the breach in August 2023 and promptly initiated an investigation to determine the extent of the compromise. The company has taken steps to secure its systems and is working closely with law enforcement to identify the perpetrators.
Affected customers have been notified individually and are being offered identity theft protection services. Fidelity encourages customers to remain vigilant and monitor their accounts for any unusual activity.
Company Name: Cisco
Date: 10/15/2024
Source: CSO
In a recent cyberattack, Cisco, a major technology company, reportedly suffered a data breach that may have compromised sensitive information belonging to several high-profile organizations. The incident is believed to have exposed developer data from Microsoft, Barclays, and SAP.
While Cisco has yet to officially confirm the breach, reports suggest that hackers may have gained access to a repository containing private keys, tokens, and other confidential credentials. If verified, this breach could have far-reaching consequences, potentially leading to unauthorized access and data theft for the affected companies.
As investigations continue, it is crucial for organizations to remain vigilant and implement robust security measures to protect their sensitive data.
Company: The Internet Archive
Date: 10/21/2024
Source: Hack Read
The Internet Archive, a non-profit digital library, suffered a rough October with not one, but two security breaches.
The first attack, on October 9th, exposed usernames, email addresses, and password hashes of 31 million users. This coincided with a DDoS attack that took down the website.
Adding insult to injury, a second breach occurred on October 20th. Hackers exploited outdated access tokens to gain access to the Archive’s Zendesk support platform. This potentially exposed thousands of support tickets containing user data, dating back to 2018.
These incidents raise concerns about the Archive’s security practices and the potential impact on user privacy.
Company Name: Opera
Date: 10/30/2024
Source: Dark Reading
A recent CrossBarking attack has exposed vulnerabilities in the Opera browser, specifically targeting its secret APIs. This attack allows malicious extensions to access sensitive user data, including browsing history and personal information. The exploit takes advantage of the way Opera handles API requests, enabling attackers to bypass security measures by injecting harmful code through seemingly legitimate extensions.
Opera has acknowledged the issue and is working on patches to enhance security measures against such attacks.
Company: HeptaX
Date: 10/28/2024
Source: The Cyber Express
The HeptaX cyberespionage campaign, exposed through unauthorized Remote Desktop Protocol (RDP) connections, highlights a sophisticated threat actor leveraging compromised systems to gain unauthorized access to sensitive networks. The campaign involved the exploitation of vulnerable systems, often with weak or default credentials, to establish persistent backdoors. Once inside, the attackers deployed a range of tools and techniques, including custom malware, to steal sensitive information, conduct reconnaissance, and maintain persistent access. The widespread impact of this campaign underscores the critical importance of robust security measures, such as strong password policies, regular security updates, and network segmentation, to protect against such advanced threats.
Company Name: EigenLayer
Date: 10/07/2024
Source: The Cyber Express
In late October 2024, EigenLayer, an Ethereum-based protocol, experienced a significant security breach resulting in the theft of approximately $5.7 million worth of EIGEN tokens.
The incident stemmed from a phishing attack targeting one of Eigen Labs’ investors. The attacker, posing as a custodian, tricked an employee into approving a transaction that drained a wallet containing the stolen funds. The stolen EIGEN tokens were subsequently swapped for stablecoins and transferred to centralized exchanges.
EigenLayer, along with law enforcement and blockchain security firms, took swift action to investigate the incident and freeze a portion of the stolen funds. While the exact vulnerabilities exploited by the attacker remain undisclosed, the incident highlights the ongoing challenges in securing decentralized finance (DeFi) protocols and underscores the importance of robust security measures.
11. Data Breaches in November 2024
Company Name: Ford
Date: 11/21/2024
Source: izoologic
Ford is actively investigating an alleged security breach involving the leak of sensitive data reportedly affecting up to 44,000 customer records. Cybercriminals associated with the forum BreachForums—specifically a group called IntelBroker and EnergyWeaponUser—claimed responsibility for releasing the data, which includes customer names, addresses, and purchase details. The data was made available for free, potentially as an effort to damage Ford’s reputation, rather than for financial gain.
While Ford has yet to confirm the breach’s scope, they emphasize that no direct compromise of their systems or customer data has been verified. The company is examining whether a third-party supplier might be involved in the incident. This leak raises significant concerns, as the exposed information could be used for identity theft or social engineering attacks, prompting security experts to advise vigilance among potentially affected customers.
Company Name: Starbucks
Date: 11/26/2024
Source: Cyber Security News
Starbucks experienced significant operational disruptions due to a ransomware attack targeting its third-party software supplier, Blue Yonder. This Arizona-based provider, crucial for Starbucks’ employee scheduling and payment systems, faced a cyber intrusion, causing widespread service outages. As a result, Starbucks had to shift to manual processes for managing barista schedules and ensuring payroll continuity. The attack also impacted other retailers relying on Blue Yonder’s supply chain software. Starbucks is collaborating with cybersecurity firm CrowdStrike to mitigate the situation and enhance future defenses.
Company Name: Finastra
Date: 11/19/2024
Source: Krebs on Security
Finastra, a global leader in fintech solutions, is currently investigating a significant data breach that has affected its internal systems. The breach is believed to have impacted their secure file transfer platform (SFTP), which is used for handling sensitive data transfers across their network. The incident, reported on November 19, 2024, prompted the company to launch an internal investigation, though further details about the scope of the breach remain unclear.
A hacker has claimed responsibility for the attack, adding a layer of complexity to the situation. This breach could have serious implications for Finastra’s clients, as the platform in question handles a variety of financial and transactional data. However, the company has said it is working closely with cybersecurity experts and law enforcement to understand the breach’s full impact and implement measures to prevent further unauthorized access.
While the investigation continues, Finastra has yet to disclose specific details regarding the number of affected individuals or organizations, or whether any financial data has been exposed. As of now, they are focusing on securing their infrastructure and ensuring that such an incident does not recur in the future.
Company Name: Amazon
Date: 11/12/2024
Source: The Register
Amazon has confirmed that employee data was exposed as part of a larger data breach linked to the MOVEit vulnerability from May 2023. The breach involved a third-party vendor providing property management services to Amazon, not Amazon’s internal systems or AWS infrastructure. While Amazon’s systems remained secure, data compromised in this breach included employee work contact information, such as email addresses, desk phone numbers, and building locations.
The incident is connected to a broader breach of the MOVEit Transfer software, which was targeted by the Cl0p hacking group exploiting a zero-day SQL injection vulnerability. This breach impacted multiple organizations, with the hacker, operating under the alias ‘Nam3L3ss,’ claiming to have leaked millions of records, including data from Amazon and other major tech companies like HP and Lenovo.
Although the exact number of Amazon employees affected has not been disclosed, the breach highlights the risks posed by third-party vendors and their associated supply chains. Amazon has emphasized that the exposed data was limited and did not affect its core systems.
Company Name: Star Health
Date: 11/3/2024
Source: The 420
The data breach involving Star Health Insurance has raised significant concerns, with claims pointing to a breach that compromised the personal and sensitive data of over 31 million customers. The breach was allegedly executed by a hacker named xenZen, who has put the stolen data up for sale online, claiming to have purchased it from Star Health’s Chief Information Security Officer (CISO), Amarjeet Khanuja.
According to the hacker, the transaction involved the sale of the data for $43,000, which was allegedly arranged via encrypted communication. The hacker even released details about the transaction, including alleged screenshots of interactions between them and Khanuja. The stolen data includes sensitive information such as PAN and Aadhaar numbers, medical records, and insurance claim details, which are now being sold in bulk or in smaller packages.
Star Health, on its part, has denied these allegations, asserting that the breach was a malicious cyberattack and not an insider leak. The company has filed a lawsuit against the hacker and platforms like Telegram, which were used to facilitate the leak. The firm is also conducting an internal investigation with the help of cybersecurity experts and collaborating with authorities.
The breach not only impacted individual policyholders but also raised concerns over the integrity of data protection measures at major institutions. While Star Health maintains that its services are unaffected, the incident highlights the growing risks associated with cybersecurity vulnerabilities within the health insurance sector.
Final words
Companies of all sizes were affected by these incidents, underscoring the urgent need for robust cybersecurity measures. Don’t become tomorrow’s headline! Strobes offers expert VAPT, red teaming, and other offensive security services to uncover vulnerabilities before malicious actors can exploit them. Take control of your cybersecurity posture and empower your business with Strobes. Contact us today!