Data Breach

Pierluigi Paganini February 20, 2023
Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto

The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company. The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data. Aguas do Porto is a municipal water utility company that manages the full […]

Pierluigi Paganini February 19, 2023
Hackers disclose Atlassian data after the theft of an employee’s credentials

Atlassian discloses a data leak that was caused by the theft of employee credentials which was used to steal data from a third-party vendor. A group of hackers called SiegedSec recently published on its Telegram channel a JSON file containing data belonging to thousands of Atlassian employees and floor plans for two of the company’s […]

Pierluigi Paganini February 18, 2023
GoDaddy discloses a new data breach

GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. Web hosting company GoDaddy announced that attackers have stolen source code and installed malware on its servers. The threat actors have breached its cPanel shared hosting environment, the company states that it is not […]

Pierluigi Paganini February 15, 2023
Community Health Systems data breach caused by GoAnywhere MFT hack

Community Health Systems (CHS) disclosed a data breach, attackers exploited the zero-day vulnerability in Fortra’s GoAnywhere MFT platform. Community Health Systems (CHS) is one of the nation’s leading healthcare providers. CHS operates 79 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, […]

Pierluigi Paganini February 10, 2023
Reddit discloses security breach that exposed source code and internal docs

Social news aggregation platform Reddit suffered a security breach, attackers gained unauthorized access to internal documents, code, and some business systems. Reddit announced it was hit by a sophisticated and highly-targeted attack that took place on February 5, 2023. A highly-targeted phishing attack hit the employees of the company. The company pointed out that Reddit […]

Pierluigi Paganini February 08, 2023
Russian e-commerce giant Elevel exposed buyers’ delivery addresses

A leading electrical engineering company in Russia, Elevel, has exposed its customers’ personally identifiable information (PII,) including full names and addresses. Original post at https://cybernews.com/privacy/russian-e-commerce-giant-data-leak/ Founded in 1991, Elevel (previously Eleko) positions itself as the leading Russian electrical engineering company that runs both an e-commerce business and wholesale stores. On January 24, the Cybernews research […]

Pierluigi Paganini January 31, 2023
IT Army of Ukraine gained access to a 1.5GB archive from Gazprom

IT Army of Ukraine claims to have breached the infrastructure of the Russian energy giant Gazprom and had access to a 1.5 GB archive. The collective IT Army of Ukraine announced it has gained access to a 1.5 GB archive belonging to the Russian energy giant Gazprom. The group of hacktivists announced the hack on […]

Pierluigi Paganini January 31, 2023
GitHub to revoke stolen code signing certificates for GitHub Desktop and Atom

GitHub confirmed that threat actors exfiltrated encrypted code signing certificates for some versions of GitHub Desktop for Mac and Atom apps. GitHub this week disclosed a security breach, threat actors exfiltrated encrypted code signing certificates for some versions of GitHub Desktop for Mac and Atom apps. In response to the incident, the Microsoft-owned company is started […]

Pierluigi Paganini January 30, 2023
JD Sports discloses a data breach impacting 10 million customers

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020. The company discovered unauthorized access to a server that contained […]

Pierluigi Paganini January 27, 2023
BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, […]