Category: The Week in Breach

Categories
The Week in Breach

The Week in Breach: 28/04/21 – 04/05/21

It’s a very public-sector-oriented Week in Breach.

Ransomware woes have made a home in five North American locales (complete with a new gang on the scene) and trouble rained on everyone’s parade at Swiss Cloud.
  United Kingdom – Merseyrail  Exploit: Ransomware
Merseyrail: Train Operator  >> Read full details on our blog  
  United States – Metropolitan Police Department of the District of Columbia  Exploit: Ransomware
Metropolitan Police Department of the District of Columbia: Law Enforcement Agency  >> Read full details on our blog  
  United States – Illinois Office of the Attorney General  Exploit: Ransomware
Illinois Office of the Attorney General: State Government Agency   >> Read full details on our blog  
  United States – Pennsylvania Department of Health  Exploit: Third-Party Data Breach
Pennsylvania Department of Health: State Government Agency  >> Read full details on our blog  
  United States – Wyoming Department of Health   Exploit: Unsecured Data
Wyoming Department of Health: State Government Agency  >> Read full details on our blog  
  Canada – The Resort Municipality of Whistler  Exploit: Ransomware
The Resort Municipality of Whistler: Municipal Government  >> Read full details on our blog  
  Switzerland – Swiss Cloud  Exploit: Ransomware
Swiss Cloud: Cloud Hosting Provider  >> Read full details on our blog  
  Australia – UnitingCare Queensland  Exploit: Hacking
UnitingCare Queensland: Healthcare Support Services  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 21/04/21 – 27/04/21

Ransomware is a rising tide, setting new records in the UK, hitting Apple supplier Quanta, raining on airlines’ parades by taking down Radixx and flooding businesses with risk worldwide.

  United Kingdom – University of Portsmouth Exploit: Ransomware
University of Portsmouth: Institution of Higher Learning  >> Read full details on our blog  
  United States – Manhunt Exploit: Hacking
Manhunt: Dating App  >> Read full details on our blog  
  United States – Eversource Energy Exploit: Unsecured Database
Eversource Energy: Power Company  >> Read full details on our blog  
  United States – Radixx Exploit: Malware
Radixx: Software Company  >> Read full details on our blog  
  United States – Gyrodata Exploit: Ransomware
Gyrodata: Mining Technology  >> Read full details on our blog  
  France – Laurent Perrier Exploit: Ransomware
Laurent Perrier: Champagne Maker  >> Read full details on our blog  
  Australia – ClickStudios Exploit: Hacking
ClickStudios: Password Security Software Company  >> Read full details on our blog  
  Taiwan – Quanta Exploit: Ransomware
Quanta: Technology Manufacturing  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 14/04/21 – 21/04/21

This week has it all! Codecov discloses a doozy of a breach & ransomware wins at casinos in Tazmania
  United Kingdom – Castle School Education Trust  Exploit: Ransomware
Castle School Education Trust: School System   >> Read full details on our blog  
  United States – LogicGate  Exploit: Hacking
LogicGate: Software Company  >> Read full details on our blog  
  United States – Codecov Exploit: Third Party Data Breach
Codecov: Software and Cloud Developer  >> Read full details on our blog  
  Canada – The Regional Municipality of Durham Exploit: Third-Party Breach (Ransomware)
The Regional Municipality of Durham: Regional Government Services Entity  >> Read full details on our blog  
  Ireland – Matthew Clark Bibendum (MCB) Exploit: Ransomware
Matthew Clark Bibendum (MCB): Beverage Distributor  >> Read full details on our blog  
  Australia – Federal Group Exploit: Ransomware
Federal Group: Casino Operator  >> Read full details on our blog  
  Australia – Spotless Exploit: Ransomware
Spotless: Hospitality Services  >> Read full details on our blog  
  India – Bizongo Exploit: Hacking
Bizongo: Packaging Manufacturer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 07/04/21 – 13/04/21

Cybercriminals leak the PII of millions of professionals in a new LinkedIn breach & an unwelcome visit by nation-state hackers exposes data at BlueCross BlueShield DC.
  Ireland – National College of Ireland Exploit: Ransomware
National College of Ireland: Institution of Higher Learning  >> Read full details on our blog  
  United States – CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC)  Exploit: Nation-State Hacking
CareFirst BlueCross BlueShield’s Community Health Plan District of Columbia (CHPDC): Insurer >> Read full details on our blog  
  United States – Office Depot  Exploit: Unsecured Database
Office Depot: Business Supply Retailer  >> Read full details on our blog  
  United States – LinkedIn Exploit: Hacking
LinkedIn: Social Media Network   >> Read full details on our blog  
  United States – Personal Touch Holding Corp. (PTHC) Exploit: Hacking
Personal Touch Holding Corp. (PTHC): Home Healthcare Provider  >> Read full details on our blog  
  France – Pierre Fabre Exploit: Ransomware
Pierre Fabre: Pharmaceutical & Cosmetics Maker  >> Read full details on our blog  
  India – Upstox Exploit: Hacking
Upstox: Stock Trading App  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 31/03/21 – 06/04/21

A massive Facebook leak exposes personal data for millions in the US and India, the Clop ransomware gang had a very good week (and US universities had a very bad week).
  United States – Facebook Exploit: Hacking
Facebook: Social Media Company  >> Read full details on our blog  
  United States – The New York Foundling Exploit: Unsecured Database
The New York Foundling: Children’s Charity  >> Read full details on our blog  
  United States – University of Maryland Baltimore (UMB)  Exploit: Ransomware
University of Maryland Baltimore: Institution of Higher Learning  >> Read full details on our blog  
  United States – 200 Networks LLC Exploit: Ransomware
200 Networks LLC: Call Center Operatr >> Read full details on our blog  
  The Netherlands – Royal Dutch Shell Exploit: Ransomware
Royal Dutch Shell: Oil Company  >> Read full details on our blog  
  France – Asteelflash Exploit: Ransomware
Asteelflash: Electronics Manufacturer  >> Read full details on our blog  
   Italy – Boggi Milano Menswear Exploit: Ransomware
Boggi Milano Menswear: Luxury Fashion Retailer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 24/03/21 – 30/03/21

 Hobby Lobby’s mistakes pack a high cost, Australia’s Channel 9 News gets knocked off the air by a cyberattack and production at Sierra Wireless gets held up by ransomware.
  United Kingdom – University of Northampton Exploit: Hacking
University of Northampton: Institution of Higher Learning  >> Read full details on our blog  
  United Kingdom – Fat Face Exploit: Malware
Fat Face: Clothing Retailer  >> Read full details on our blog  
  United States – Hobby Lobby Exploit: Misconfiguration
Hobby Lobby: Craft Supply Retailer  >> Read full details on our blog  
  United States – CNA Financial Exploit: Ransomware
CNA Financial: Insurer  >> Read full details on our blog  
  United States – California State Controller Exploit: Phishing
California State Controller: State Government Agency  >> Read full details on our blog  
  United States – PDI Group Exploit: Ransomware
PDI Group: Defense Contractor  >> Read full details on our blog  
  Canada – Sierra Wireless Exploit: Ransomware Sierra Wireless: Electronics Manufacturing >> Read full details on our blog  
  The Netherlands – RDC Exploit: Hacking
RDC: Maintenance & Garage Services  >> Read full details on our blog  
  Australia – Channel Nine Exploit: Ransomware
Acer: Computer Manufacturer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 17/03/21 – 23/03/21

Acer gets hit for a massive ransom, Chinese hackers meddle in Western Australia’s Parliament and school is out at two hacked colleges

    United Kingdom – South and City College Birmingham Exploit: Ransomware
South and City College Birmingham: Institution of Higher Learning  >> Read full details on our blog
      United Kingdom – The Defence Academy of the United Kingdom Exploit: Nation-State Hacking
The Defence Academy of the United Kingdom: Specialty Graduate School >> Read full details on our blog

    United States – Descartes Aljex Software  Exploit: Unsecured Database
Descartes Aljex Software: Shipping Software Developer  >> Read full details on our blog
  United States – Guns.com Exploit: Hacking
Guns.com: Online Gun Marketplace  >> Read full details on our blog       United States – Maricopa Community College Exploit: Ransomware
Maricopa Community College: Institution of Higher Learning   >> Read full details on our blog      
    Australia – Parliament of Western Australia  Exploit: Nation-State Hacking
Parliament of Western Australia: Regional Legislative Body  >> Read full details on our blog      
Taiwan – Acer  Exploit: Ransomware
Acer: Computer Manufacturer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 10/03/21 – 16/03/21

  United Kingdom – West Ham Football Club  Exploit: Unsecured Database
West Ham Football Club: Professional Sports Team  >> Read full details on our blog  
  Scotland – University of the Highland and Islands (UHI) Exploit: Ransomware
University of the Highland and Islands (UHI): Institution of Higher Learning  >> Read full details on our blog  
  United States – Molson Coors Exploit: Hacking
Molson Coors: Brewing Conglomerate >> Read full details on our blog  
  United States – Premier Diagnostics  Exploit: Unsecured Server
Premier Diagnostics: Medical Testing   >> Read full details on our blog  
  United States – University of Texas at El Paso Exploit: Hacking
University of Texas at El Paso: Institution of Higher Learning  >> Read full details on our blog  
  United States – Cochise Eye and Laser Exploit: Ransomware
Cochise Eye and Laser: Optometry  >> Read full details on our blog  
  Canada – Canada Revenue Agency (CRA) Exploit: Unauthorized Information Access
Canada Revenue Agency: National Taxation Authority >> Read full details on our blog  
  Spain – State Public Employment Service (SEPE) Exploit: Ransomware
State Public Employment Service (SEPE): Government Agency  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 03/03/21 – 09/03/21

Nation-state actors slide in through a Microsoft flaw compromises many companies worldwide.
  United Kingdom – Nova Education Trust Exploit: Hacking
Nova Education Trust: School System  >> Read full details on our blog  
  United States – Microsoft Exploit: Nation-State Hacking
Microsoft: Software Developer  >> Read full details on our blog  
  United States – CallX Exploit: Unsecured Server
CallX: Telemarketing Firm  >> Read full details on our blog  
  United States – Qualys Exploit: Third-Party Breach (Ransomware)
Qualys: Cybersecurity & Cloud Development  >> Read full details on our blog  
  United States – PrismHR Exploit: Ransomware
PrismHR: Payroll Services  >> Read full details on our blog  
  France – European Banking Authority Exploit: Third-Party Breach
European Banking Authority: Regulatory Agency  >> Read full details on our blog  
  The Netherlands  – Ticketcounter Exploit: Hacking
Ticketcounter: Ticketing Platform    >> Read full details on our blog  
  Switzerland – Adecco Group Exploit: Unsecured Database
Adecco Group: Staffing Firm  >> Read full details on our blog  
  Switzerland – SITA Société Internationale de Télécommunications Aéronautiques (SITA)  Exploit: Hacking SITA: Aviation IT >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 24/02/21 – 02/03/21

Bombardier and Steris get caught up in a third-party data breach, troubled crypto exchange Cryptopia gets hacked again and the shockingly large percentage of data breaches that are email-based.   
  United Kingdom – Oxford University Division of Structural Biology Exploit: Hacking
Oxford University Division of Structural Biology: Research Laboratories  >> Read full details on our blog  
  United Kingdom – Npower Exploit: Credential Stuffing
Npower: Energy Utility   >> Read full details on our blog  
  United Kingdom – NurseryCam  Exploit: Hacking
NurseryCam: Childcare Monitoring App  >> Read full details on our blog  
  United States – Gab Exploit: Hacking
Gab: Social Media Platform   >> Read full details on our blog  
  United States – Steris Exploit: Third Party Data Breach
Steris: Medical Equipment Sales   >> Read full details on our blog  
  United States – Covenant Healthcare Exploit: Phishing
Covenant Healthcare: Medical System  >> Read full details on our blog  
  Canada – Bombardier Exploit:  Third Party Data Breach
Bombardier: Airplane Manufacturing  >> Read full details on our blog  
  Finland – tietoEVRY Exploit: Ransomware
TietoEVRY: IT Services    >> Read full details on our blog  
  New Zealand – Cryptopia Exploit: Hacking
Cryptopia: Cryptocurrency Exchange  >> Read full details on our blog