top of page

Q2 '24 Data Breaches 

V2verify Is The Key To Preventing Data Breaches

V2verify is the answer for preventing data breaches like these, but until they are no longer an issue, we want to provide you with tools and information to minimize your risk and exposure.   

Second Quarter ~ 2024

June 2024

JUNE 13

TRUIST BANK

Truist Bank, a leading U.S. commercial bank, confirmed this week that its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum.
Headquartered in Charlotte, North Carolina, Truist Bank was formed after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019.
Now a top-10 commercial bank with total assets of $535 billion, Truist offers a wide range of services, including consumer and small business banking, commercial banking, corporate and investment banking, insurance, wealth management, and payments.

JUNE 12

US HEALTH

U.S. healthcare providers can ask UnitedHealth Group (UNH.N),  to notify people whose data was exposed during a hack on the company's Change Healthcare unit in February, according to an update on the health department's website.
The news comes as a relief for U.S. hospitals and healthcare providers that had urged, the Department of Health and Human Services (HHS) to shift the notification responsibility to UnitedHealth and its unit.

JUNE 11

ADVENTIST HEALTH WEST
Adventist Health recently announced it had identified a significant data breach, exposing the information of over 70,000 people in the Tulare County region who were patients of the Adventist Health West hospital in Tulare.
The breach was discovered when Signature Performance, a third-party company that processes payments, identified unusual activity on its servers. An investigation revealed that a cyberattack had compromised information; however, Adventist Health West said in a statement that the data was not used for illegal activity. 

JUNE 11

PURE STORAGE

Pure Storage, a leading provider of cloud storage systems and services, confirmed on Monday that attackers breached its Snowflake workspace and gained access to what the company describes as telemetry information.
While the exposed information also included customer names, usernames, and email addresses, it did not contain credentials for array access or any other data stored on customer systems.

JUNE 10

MANDIANT

Mandiant attributed the account hacks to UNC5537, an as-yet-unclassified cybercriminal gang that the security firm says is motivated by making money. The gang, which Mandiant says includes members in North America and at least one member in Turkey, attempts to extort its victims into paying to get their files back or to prevent the public release of their customers’ data.
Mandiant confirmed the attacks — which rely on the use of “stolen credentials to access the customer’s Snowflake instance and ultimately exfiltrate valuable data” — date back to at least April 14, when its researchers first identified evidence of improper access to an unnamed Snowflake customer’s environment. Mandiant said it notified Snowflake to its customer account intrusions on May 22.

JUNE 6

SNOWFLAKE

Snowflake Inc is facing scrutiny after reports of data breaches affecting some of its major clients, including Santander Bank and Ticketmaster.
Hackers claimed to have stolen hundreds of millions of customer records. Australian authorities confirmed successful compromises of several companies using Snowflake, TechCrunch reports.

Snowflake acknowledged unauthorized access to a limited number of customer accounts but found no evidence of a direct system breach.
The breaches occurred due to single-factor authentication vulnerabilities. Snowflake advised customers to enable multi-factor authentication (MFA) to enhance security.
TechCrunch reported seeing hundreds of Snowflake customer credentials available online due to infostealing malware.

May 2024

April 2024

APR 25

KAISER

Kaiser Permanente, the Oakland-based health care conglomerate, is warning millions of customers that one of its divisions may have exposed their names, symptom searches and other data to major tech companies.

Kaiser Foundation Health Plan Inc. disclosed the data breach to the U.S. Department of Health and Human Services on April 12. TechCrunch first reported the news. 

Kaiser told SFGATE in a statement on Thursday, “certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X (Twitter).”

APR 25

PIPING ROCK 

Piping Rock, a US-based producer of vitamins and dietary supplements, has allegedly been breached, with attackers accessing over 2.1 million emails.

An ad for the company’s data recently appeared on a well-known data leak forum. The culprit claims that the personal details of nearly a million customers lie within 2.1 million stolen emails.

The Cybernews research team has looked into the data sample that the attacker provided and concluded that the information appears to be legitimate.

 

We’ve reached out to Piping Rock for comment but did not receive a response before publishing.

The attacker claims to have obtained the personal details of 957,384 of the company’s customers, including:

Email addresses, Names, Phone numbers, Home addresses & Purchases

The attacker’s post reads, “The management suddenly just stopped in the middle of negotiations,” implying that the hacker has been discussing the data theft with the company.

APR 24

US COAST GUARD  

The Coast Guard Reserve alerted thousands of its personnel to a data breach last week, nearly three months after someone improperly sent their personally identifiable information to unapproved recipients, the service confirmed Tuesday.

An April 18 notification from the Coast Guard Reserve warned that a data exposure discovered Jan. 24 distributed the private material to “individuals with no authority to view the information,” a retired Coast Guardsman, who received the notification and spoke on the condition of anonymity, told Military Times.

 

The incident, which affected 10,700 Coast Guard Reserve members, occurred amid a push from the White House to have the maritime service bolster cybersecurity at American ports.

The Coast Guard said that the home addresses of 7,554 individuals, and the names and employee identification numbers of another 3,146, inadvertently were released. A review by the service of the incident revealed that a document used for internal processes had a separate tab that contained the info, which went to the personal email addresses of 85 Coast Guard Reserve members, it said.

APR 23

UNITED HEALTH GROUP   

The cyberattack on Change Healthcare in February targeted the data of “a substantial proportion of people in America,” UnitedHealth Group (UHG) said this week, with the company confirming it paid a ransom in an effort to protect patient information.

“Based on initial targeted data sampling to date, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America,” UHG said in an update on Monday regarding the attack on its subsidiary.

APR 20

MINISTRY OF EDUCATION  

A data breach at one of its vendors has resulted in the "unauthorised access" of names and email addresses of parents and staff from five primary schools and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). 

MOE said it was notified by Mobile Guardian that its user management portal had been breached on Wednesday, with the incident occurring at the company's headquarters in Surrey, United Kingdom. 

 

Mobile Guardian is a device management app (DMA) installed on personal learning devices used by students, like iPads and Google Chromebooks. The app enables parents to manage students’ device usage by restricting applications or websites and screen time. 

APR 16

THE REHABILITATION HOSPITAL OF SOUTHERN MEXICO  
A Las Cruces rehabilitation center said a cyber attack gave hackers access to sensitive personal and medical information of thousands of people.

The Rehabilitation Hospital of Southern New Mexico's IT network was breached between Jan. 16 and Feb. 4. The hospital is located on Lohman Ave. and offers in-patient and out-patient rehabilitation services.

Patient information ― names, addresses, dates of birth, medical record numbers, health insurance plan member IDs, and healthcare data ― were accessed, the company said. Data from the U.S. Department of Health and Human Services showed 5,466 people were affected by the hacking of the network server.

APR 12

ROKU 
The streaming video platform Roku says that it has uncovered a new data breach impacting 576,000 accounts.

Rather than a hacker breaking into Roku’s system, the attack utilized a technique called “credential stuffing,” with the accounts compromised by hackers that obtained log-in data from other sources.

APR 11

SISENSE 
A federal cybersecurity agency is investigating the hacking of Sisense, a business intelligence company. Organizations that had a relationship with the firm are being advised to quickly take safety precautions.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is investigating a data breach that may have enabled hackers to gain access to a trove of sensitive information from organizations in industries including financial services, telecommunications, healthcare and higher education.

Whether or not promotional products industry firms are affected wasn’t immediately clear, but Krebs on Security said that Sisense – the business intelligence company victimized by the hacking – works with over 1,000 clients across a range of verticals. A source told ASI Media it’s likely that some promo firms are impacted. Even if a company didn't directly work with Sisense, there's at least the potential for exposure if one of their subprocessors/vendors did. 

APR 8

BoAt LIFESTYLE 
In a disturbing turn of events, personal data belonging to over 7.5 million customers of boAt Lifestyle, a prominent manufacturer of audio products and smartwatches, has reportedly surfaced on the dark web, reported Forbes. 

As per the report from the publication, this breach has been unveiled by a hacker known as ShopifyGUY and he has shocked the cybersecurity landscape. This breach has accessed sensitive data including names, addresses, contact numbers, email IDs, and customer IDs of the customers. The leaked dataset, weighing in at around 2GB, presents a substantial threat to those impacted, leaving them vulnerable to potential financial fraud, phishing attempts, and identity theft.

APR 8

GREYLOCK MCKINNON ASSOC.  
U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers.

 

GMA provides economic and litigation support to companies and U.S. government agencies, including the U.S. Department of Justice, bringing civil litigation. According to its data breach notice, GMA told affected individuals that their personal information “was obtained by the U.S. Department of Justice (“DOJ”) as part of a civil litigation matter” supported by GMA.

APR 4

CITY OF HOPE 
City of Hope, a cancer hospital operator and clinical research organization, disclosed a data breach that potentially compromised the personal and health information of nearly 1 million patients.

In a notice posted to its website April 2, City of Hope said almost six months ago, on Oct. 13, 2023, it became aware of suspicious activity on its systems. The organization immediately instituted mitigation measures to minimize any disruption to its operations, it said in the online notice.

 

The hackers stole files that may have contained patient names, contact information such as email address and phone numbers, dates of birth, Social Security numbers, driver’s license or other government identification, financial details (such as bank account numbers and/or credit card details), health insurance information, medical records and information about medical history and/or associated conditions, and/or unique identifiers to associate individuals with City of Hope, like a medical record number, the organization disclosed.

APR 1

AT&T 
AT&T announced it is investigating a data breach involving the personal information of over 70 million current and former customers leaked on the dark web.
According to information about the breach on the company's website, 7.6 million current account holders and 65.4 million former account holders have been impacted. An AT&T press release said the breach occurred about two weeks ago and has not yet had a "material impact" on its operations.
AT&T said the information included in the compromised data set varies from person to person. It could consist of social security numbers, full names, email and mailing addresses, phone numbers, dates of birth, AT&T account numbers, and passcodes.

Q1 2024

Q1 2024 Breach List
Our historical list of data breaches.

MAY 30

TICKET MASTER

A notorious hacking group claims it has breached Ticketmaster's systems and is offering the stolen data of 560 million customers for sale, according to multiple reports.
The group ShinyHunters listed 1.3 terabytes' worth of Live Nation-owned Ticketmaster customer data for a one-time price of $500,000 on its cybercrime-linked platform Breach Forums, Hackread.com first reported Tuesday.

MAY 16

MEDISECURE

Federal police are investigating after Australian healthcare business MediSecure was targeted in a large-scale ransomware data breach.
MediSecure’s website and phone hotline were offline on Thursday, and the company confirmed in a statement it had fallen victim to a cyberattack. The Melbourne-based firm was founded in 2009 and provides electronic prescription services to healthcare professionals.
“MediSecure has identified a cybersecurity incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems,” the company said in a statement.
“While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.”

MAY 15

HYPERTENSION-NEPHROLOGY ASSOC PC

Hypertension-Nephrology Associates, P.C. ("the Practice") became aware it was the target of an extortion attack when an extortion note was found on its computer system. Upon discovery of the extortion note, the Practice took immediate action including engaging cybersecurity experts and launching an investigation to understand the nature and scope. In an extortion attack, cybercriminals gain unauthorized access to a victim's sensitive information, such as protected health information (PHI), and then threaten to disclose the PHI unless a ransom is paid.

The forensic investigation determined the cybercriminals accessed the Practice's systems containing information on both current and former patients between January 20, 2024, and February 6, 2024. During this time, they exfiltrated data containing PHI. A comprehensive review was conducted in an effort to determine the scope of affected PHI. The review concluded on March 15, 2024. Because the review was unable to determine the scope and full extent of the accessed and exfiltrated data, the Practice is treating all PHI as potentially compromised.

MAY 13

IRS

​The Internal Revenue Service (IRS) has begun the process of informing over 70,000 taxpayers that their confidential tax information was leaked in a widespread breach by a former IRS contractor. Those impacted should take steps to protect against identity-theft and related abuses, assess potential damages, and consider legal action.

MAY 10

USPTO 

USPTO confirms it has suffered a “data security incident” exposing the private domicile addresses of trademark users – the second such incident in less than a year.

MAY 9

ZSCALER

​Cybersecurity giant Zscaler rushed to conduct an investigation on Wednesday after a notorious hacker offered to sell access to the company’s systems. 
The hacker known as IntelBroker announced on a popular cybercrime forum that he was “selling access to one of the largest cyber security companies”. The hacker’s post does not name the company, but he did confirm in the forum’s shoutbox that it was Zscaler.

MAY 9

DELL
Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.
The computer maker began emailing data breach notifications to customers yesterday, stating that a Dell portal containing customer information related to purchases was breached.
"We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell," reads a Dell data breach notification shared with BleepingComputer.

MAY 8

ASCENSION 

Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C., said that its clinical operations were disrupted after it discovered “unusual activity” on some of its network systems Wednesday.
The nonprofit and Catholic health system said that on May 8 “we detected unusual activity on select technology network systems, which we now believe is due to a cyber security event. At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts.

MAY 8

UK MINISTRY OF DEFENSE
The Ministry of Defence has suffered a significant data breach and the personal information of UK military personnel has been hacked.
A third-party payroll system used by the MoD, which includes names and bank details of current and past members of the armed forces, was targeted in the attack. A very small number of addresses may also have been accessed.
The department took immediate action and took the external network, operated by a contractor, offline.

MAY 2

DROPBOX SIGN

The names and email addresses of those customers were also exposed who had never created an account with Dropbox Sign but had “received or signed a document through Dropbox Sign.”

In a major blow to user trust, Dropbox revealed a security breach in its e-signature platform, Dropbox Sign, formerly known as HelloSign.  Unauthorized and unknown entities accessed Dropbox Sign’s environment that contained customer data including usernames, email addresses, and other details, the company confirmed in a blog post.

MAY 2

OUTABOX

Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events.The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records.

What to Do If Your Data Is Breached
Major database breaches are a regular occurrence, meaning it’s not a matter of if you’ll get hit, but when. The good news is that being proactive when this happens can help prevent the headaches that come from the breach. 

bottom of page