.jpg#keepProtocol)
date
victim
Summary
Terrible player
business impact
Source link
March 2, 2023
British retail chain WH Smith says it suffered a data breach in which information was stolen.
Unknown
The data breach exposed information belonging to current and former employees.
March 2, 2023
Hatch Bank Discloses Data Breach After Cl0p Ransomware Attack on GoAnywhere MFT.
Cl0p ransomware (probably)
Hackers stole the personal information of nearly 140,000 customers from the company’s secure file sharing platform, Fortra GoAnywhere MFT.
March 2, 2023
Check-up
Check Check confirms that accounts were hacked in a months-long “automated” attack.
Unknown
Chick-fil-A has confirmed that it suffered a credential stuffing attack in which its customers’ accounts were compromised between December 18, 2022 and February 12, 2023.
March 2, 2023
Hackers steal gun owner data from firearms auction site.
Unknown
The breach exposed large amounts of sensitive personal data for more than 550,000 users. Also, the stolen data, apparently, allows a connection between a certain person and the sale or purchase of a specific weapon.
March 2, 2023
Unknown credit and debit card users
The BidenCash marketplace leaks over 2 million stolen credit, debit and debit card information for free.
The dark web market BidenCash
A card marketplace known as BidenCash has leaked a free database of 2,165,700 debit and credit cards online in celebration of its first anniversary.
March 2, 2023
Sandbox blockchain game hacked to send emails linking to malware.
Unknown
An attacker hacked an employee of The Sandbox in February 2023 to gain access to several email addresses belonging to the company and used that access to send emails to users that appeared to come from The Sandbox, containing links to malware hosted on another site.
March 6, 2023
DrayTek Vigor
New malware infects business routers for data theft, surveillance.
Unknown
An ongoing hacking campaign called ‘Hiatus’ targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and build a hidden proxy network.
March 6, 2023
The FBI is investigating the DC Health Link data breach affecting US House members and staff.
A hacker who calls himself IntelBroker on the breach forums
The breach affected approximately 170,000 people, with the account information and PII of hundreds of Friends and Home staff members stolen.
March 6, 2023
Acer confirms breach after threat actors attacked a server hosting private documents used by repair technicians.
A hacker who calls himself IntelBroker on the breach forums
The threat actor breached servers and claimed 160 GB of stolen data containing technical manuals, software tools, back-end infrastructure details, product model documentation for phones, tablets and laptops, BIOS images, ROM files, ISO files and replacement digital product keys (RDPK).
March 6, 2023
HDFC Bank
HDFC Bank denies data breach even as 7.5 GB of customer information was allegedly leaked for free on a hacker forum.
A threat actor using the title Kernelware in the infringement forums
The threat actor posted 7.5 GB of stolen data belonging to HDFC Bank for free download.
March 7, 2023
AT&T warns 9 million customers of data breach after carrier hack.
Unknown
In a January breach, a carrier that AT&T uses for marketing experienced a security incident in which hackers exposed information on 9 million customers when they accessed proprietary customer network information from some wireless accounts, such as the number of lines on the account or wireless rate plan, etc.
March 9, 2023
The Swiss technology and cyber company, Acronis, was hit by a data breach where the hacker apparently leaked 21 GB of data.
A hacker who calls himself Kernelware on the breach forums
The hacker stole and leaked about 21 GB of data including various credentials files, command logs, system configurations, system info logs, their file system archives and python scripts for their maria.db database, backup configuration stuff, and tons of screenshots Screen their backup operations.
March 10, 2023
Mental health service provider Cerebral alerts 3.1 million people to data breach.
human mistake
The company revealed that they have been using invisible pixel trackers from Google, Meta (Facebook), TikTok and other third parties in its online services since October 12, 2019. Cerebral said that the sensitive medical information of people who used the provider’s platform was exposed to third parties without the patient’s permission.
March 12, 2023
Hackers steal $197 million in crypto in Euler Finance attack.
Unknown
The cryptocurrency theft included several tokens, including $8.75 million worth of DAI, $18.5 million in WBTC, $33.85 million in USDC, and $135.8 million in stETH.
March 12, 2023
The game developer STALKER 2 was hacked by the Russian activists, data was stolen.
Hacker community from a Russian social network
The hackers posted a message on the Russian social media platform VK, claiming to have stolen “a huge amount of STALKER 2 material,” including the entire plot, scene descriptions, concept art, global maps, and more.
March 13, 2023
Los Angeles Housing Authority HACLA
Los Angeles Housing Authority HACLA Reveals Data Breach After Ransomware Attack.
LockBit Ransomware gang
The server logs examined showed that the hackers may have accessed the personal and financial information including passports belonging to HACLA members.
March 15, 2023
American cyber security company Rubrik confirms data breach due to “unauthorized access”.
Cl0p Ransomware
The company said there was “no lateral movement,” meaning cybercriminals were unable to infect other parts of the company’s IT infrastructure. She insists that no sensitive data was accessed, such as social security numbers and financial accounts or payment details.
March 16, 2023 (updated March 27, 2023)
A subsidiary of Deutsche Bank, Latitude Financial Services (Latitude)
The Latitude Financial data breach now affects 14 million customers.
Unknown
Latitude confirmed that it was affected by a cyber attack on March 16, which affected 330,000 customers, but after further investigating the incident, on March 27, 2023, Latitude revealed that the impact of the incident was much more significant, and is now estimated to have affected 14 million customers or loan applicants from Australia and New Zealand.
March 17, 2023
Hitachi Energy confirms data breach after Cl0p GoAnywhere attacks.
Cl0p Ransomware
The ransomware group stole employee data in several countries.
March 17, 2023
The NBA is alerting fans to a data breach exposing personal information held by a third-party newsletter service provider.
Unknown
The NBA said it recently became aware that an unauthorized third party had gained access and obtained a copy of its fan names and email addresses, which was held by a third-party service provider that helps the NBA communicate via email with fans. It said there was no indication that the NBA’s own systems, username, password or any other information had been affected.
March 19, 2023
Donut Leaks – (Data Extortion Group)
MONTI ransomware gang leaks cpanel login credentials of Donut Leaks (data extortion group).
MONTI ransomware
The extracted registry provided the login credentials to what appears to be the Donut Leaks administrative cpanel.
March 20, 2023
Saks Fifth Avenue falls victim to a GoAnywhere Zero Day attack.
Cl0p Ransomware
The company stated that no real customer data was affected. It did not address whether organizational or employee data was stolen.
March 21, 2023
Auckland city
The LockBit ransomware gang is now also claiming a breach by the City of Auckland.
LockBit ransomware
After the Play Play Group claimed a data breach in February, the City of Oakland received a second threatening call from the Lockbit Group warning that it had stolen City employee information, etc. and would release it on April 10, 2023.
March 23, 2023
the city of toronto
City of Toronto confirms data theft, Cl0p takes responsibility.
Cl0p Ransomware
A spokesperson for the municipality noted that the hacker’s access was limited to files that could not be processed using the third-party secure file transfer system.
March 23, 2023
The Pension Protection Fund approves employee data exposed in the GoAnywhere breach.
Cl0p Ransomware
A spokesman for the fund said hackers obtained data on some employees of the UK Pension Protection Fund after using a third-party data transfer service.
March 23, 2023
Procter & Gamble approves data theft via GoAnywhere zero-day.
Cl0p Ransomware
Consumer products giant Procter & Gamble has confirmed a data breach that affected an unknown number of employees.
March 23, 2023
Virgin Group has been added to Cl0p’s Victim Leaks site.
Cl0p Ransomware
A Virgin representative said the attack only involved Virgin Red, not the group itself, and the exposed files did not pose any risks to customers or employees.
March 23, 2023
Rio Tinto becomes a victim of the GoAnywhere breach.
Cl0p Ransomware
Rio Tinto said personal data of some of its Australian employees may have been stolen.
March 23, 2023
Tech camp for children iD Tech
Kids tech camp iD Tech still shut down weeks after data breach.
Unknown
The hacker claims to have stolen close to a million user records, including names, dates of birth, passwords stored in plain text and approximately 415,000 unique email addresses.
March 24, 2023
OpenAI reveals that the Redis bug was behind the ChatGPT user data exposure incident.
Open source library bug behind data leak
The company said that due to the bug, some subscription confirmation emails generated during that window were sent to the wrong users. It explained that in the hours before service disruptions on Monday (March 20), some users were able to see the first and last name of another active user, Email address, payment address, last four digits of credit card number, and credit card expiration date.
March 27, 2023
Crown Resorts
Crown Resorts is investigating a potential data breach (GoAnywhere) after being contacted by the hacking group.
Cl0p Ransomware (probably)
The gaming and entertainment group said it was recently contacted by a ransomware group claiming to have illegally obtained a limited number of Crown files through a breach of third-party file transfer service GoAnywhere, but the company said no customer data was compromised and business operations were unaffected.
.jpg#keepProtocol&description=Recent+Cyber+Attacks%2C+Data+Breaches+%26+Ransomware+Attacks+March+2023){kind=link}