Data Breaches

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

The London transport authority removes a claim that said there was no evidence that customer data was compromised during a recent hack.

Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.

Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.

American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.

Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage.

​American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang.

The oil and fracking giant says it is "working to identify effects" of the ongoing cyberattack on its oil and fracking operations.

Hacker ‘HikkI-Chan’ leaks personal data of over 390 million VK users on Breach Forums, including city, country, full names, and profile image URLs. Hackread.com investigates this massive privacy breach.

Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services.

The Federal Trade Commission (FTC) proposes a $2.95 million penalty on security camera vendor Verkada for multiple security failures that enabled hackers to access live video feeds from 150,000 internet-connected cameras.

CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases.

Customer conversation platform Exotel has suffered a data breach that may have compromised details of its clients, sources familiar with the matter told Entrackr.

cross-posted from: https://infosec.pub/post/16863645

This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims' files, although they were also identified as potential buyers of Knight ransomware source code.

Since the start of the year, RansomHub has claimed responsibility for breaching American not-for-profit credit union Patelco, the Rite Aid drugstore chain, the Christie's auction house, and U.S. telecom provider Frontier Communications. Frontier Communications later warned over 750,000 customers their personal information was exposed in a data breach.

Durex India has exposed customers' personal information, including full names, email and postal addresses, and order details.

DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday.

Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.

The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday.

Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.

Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year.

The American Radio Relay League (ARRL) confirmed it paid a $1 million ransom to obtain a decryptor to restore systems encrypted in a May ransomware attack.

The Cannon Corporation dba CannonDesign is sending notices of a data breach to more than 13,000 of its clients, informing that hackers breached and stole data from its network in an attack in early 2023.

American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities.

Oregon Zoo is informing that visitors who purchased tickets online between December and June had their payment card information compromised.

Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company's systems on a hacking forum.