A threat actor is claiming to sell sensitive data of active-duty personnel from the United States Armed Forces. The data allegedly includes information from members of the Army, Navy, and Air Force.
Category: Cyber Attack
A threat actor known as “w888” has claimed responsibility for a data breach involving L’Oréal, the multinational cosmetics and beauty company. According to the claim, in July 2024, a third-party breach led to the exposure of personal information of 5,110 L’Oréal employees. The compromised data reportedly includes first names, last names,…
A threat actor has announced the sale of three separate leaks containing data of active duty personnel from three branches of the US Military: the Air Force, Navy, and Army. Details of the Alleged Leaks: Branches Affected: Air Force: 9,450 personnel Navy: 8,681 personnel Army: 5,571 personnel Data Headers: ID Name…
Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. In May, the company was forced to shut down its website…
Due to CrowdStrike’s most recent update, numerous vital infrastructures and organizations encountered unexpected and serious challenges on Friday. Many devices saw the Blue Screen of Death (BSOD) after the upgrade, making them unusable. The faulty update has been fixed by CrowdStrike, but the potential risks don’t end there. Following the CrowdStrike…
Les Transports Publics du Chablais (TPC) ont été victimes d’une cyberattaque débutée mardi matin, qui a rendu indisponibles l’application TPC et certains automates à billets. Les systèmes impactés ont été rétablis en fin de journée, mais les TPC ne peuvent pas exclure un vol de données clients, même si celles-ci ne sont pas sensibles. Une plainte pénale a été déposée contre inconnus auprès des autorités.
A threat actor using the handle “UnicornLover67” claims to have dumped all KYC (Know Your Customer) data from the crypto bank visa card provider, Embily.com. The hacker has provided five sample PDFs to illustrate the scope of the data, which includes: Personal information: First name, last name, gender, birthdate, country, nationality,…
A significant data breach claim has been made regarding the French social network Rencontre-Ados. According to the threat actor, in July 2024, over 346,000 users‘ personal information was exposed. The alleged compromised data includes names, dates of birth, GPS coordinates, genders, sexual orientations, marital statuses, jobs, heights & sizes, hair colors,…
A threat actor published a database on a dark web forum claiming that it belongs to Hirelocker. HireLocker provides a cloud solution for managing recruitment processes. The headquarters of the company is in Ireland but they operate worldwide. According to the post, the alleged leak contains 239,000 records of user job…
A threat actor published a database on a dark web forum claiming that it is from the Hajj and Pilgrimage Organization of Iran between the years 1984 – 2024. The Organization works on the registrations for pilgrimage trips. The forum post states that the significance of the organization comes from the…
According to a post from a dark web forum, a threat actor is selling access for a South American company operating in 3 different sectors. The organization operates in banking, they have a delivery app and a payment app. No organization name is mentioned in the post and the the threat…
A threat actor claims to have breached the Pick n Pay Group, a prominent South African retailer, in July 2024. The group operates three major brands: Pick n Pay, Boxer, and TM Supermarkets. Recently, Pick n Pay launched a vehicle registration disc renewal service available at over 500 stores nationwide. The…
A threat actor has claimed responsibility for a data breach at the Universitas Indonesia, which reportedly occurred in July 2024. The Universitas Indonesia, a prestigious institution located in Jakarta, is said to have had the personal information of 10,936 users compromised. The leaked data allegedly includes: Personal identification numbers (pencaker_id, no_regis,…
A threat actor is selling an authentication bypass vulnerability for a phone stalkerware website. It is claimed that with this vulnerability one will be able to log into any account and access sensitive information such as pictures, messages, calls, contacts and so on. The threat actor also shared a sample in…
According to a threat actor from a dark web forum, Directional Aviation, an American aviation company that owns and operates several private aviation brands, was allegedly breached. According to the forum post, private jet fleets for all of their subsidiaries and corresponding pilot data were breached, and there are 4,100,000 records…