top of page

Q1'24 Data Breaches 

V2verify Is The Key To Preventing Data Breaches

V2verify is the answer for preventing data breaches like these, but until they are no longer an issue, we want to provide you with tools and information to minimize your risk and exposure.   

First Quarter ~ 2024

February 2024

FEB 26

LOANDEPOT
Almost 17 million LoanDepot customers had sensitive personal information, including Social Security numbers, stolen in a January ransomware attack, the company has confirmed.
The loan and mortgage giant company said that the stolen LoanDepot customer data includes names, dates of birth, email and postal addresses, financial account numbers, and phone numbers. The stolen data also includes Social Security numbers, which LoanDepot collected from customers.

FEB 23

AMERICAN VISION PARTNERS
Medical Management Resource Group, doing business as American Vision Partners, experienced a cybersecurity incident impacting patient data.
American Vision Partners detected unauthorized activity within its computer network on Nov. 14, according to a Feb. 6 news release. The company contained the incident by isolating affected systems and launched an investigation with third-party cybersecurity firms.
Information that may have been affected includes names, contact information, dates of birth, certain medical information, and in certain cases, Social Security numbers and insurance information.

FEB 23

U-HAUL
Truck and trailer rental company U-Haul said on Friday that some customers in the U.S. and Canada were affected by a data breach in December.
An “unauthorized party” used “legitimate credentials” to access a system that U-Haul dealers use to track reservations and view customer records, the company said in a regulatory filing with the state of Maine.
The original posting did not include the number of affected persons, but a U-Haul spokesperson told Recorded Future News that the incident involved the data of about 67,000 in the U.S. and Canada.
The breached data included driver’s license numbers and other identification card numbers. The incident did not involve the company’s payment system, U-Haul said.

FEB 22

MR COOPER
U.S. healthcare technology giant Change Healthcare has confirmed a cyberattack on its systems. In a brief statement, the company said it was 'experiencing a network interruption related to a cyber security issue.'

FEB 22

CHANGE HEALTHCARE
U.S. healthcare technology giant Change Healthcare has confirmed a cyberattack on its systems. In a brief statement, the company said it was 'experiencing a network interruption related to a cyber security issue.'

FEB 21

TANGERINE
Internet service provider Tangerine has suffered a data breach, with the full names, dates of birth, email address and mobile phone numbers of more than 200,000 customers taken by hackers.

FEB 20

WYZE
Around 13,000 Wyze security camera customers were able to see sensitive content from strangers’ devices Friday. As cameras were coming back online after a service outage, the customers saw thumbnails from other people’s feeds in their apps, and some clicked through to see videos. 

The Seattle-based company alerted customers about the “security incident” in an email Monday. It says the original hours-long outage was caused by Amazon Web Services. When the cameras came back online, the device IDs and user ID mapping were mixed up, leading to some people having access to data from the wrong accounts. The company said a separate third-party partner caused the problem, but that issue has already been fixed. 

FEB 17

IDAHO NATIONAL LABORATORY
Idaho National Laboratory has announced several lab employees have received suspicious letters at their homes in the wake of a November data breach.
The breach occurred within Oracle HCM, a federally approved vendor system that resides outside the lab and supports certain INL Human Resources applications, the lab’s website said. The stolen information affected many current and previous employees of Battelle Energy Alliance, the contractor that manages INL, and some Idaho Cleanup Project employees, the website said.

FEB 16

TE WHATU ORA
At least 12,000 people have been had their personal information disclosed by a former staff member of Te Whatu Ora.

FEB 16

GOA
The United States Government Accountability Office (GAO), the independent, nonpartisan government agency within the legislative branch that serves as a federal watchdog organization announced this week that it was alerted by an IT contractor of a cyber breach that occurred last month. CGI Federal notified the agency of the breach that may have affected about 6,000 current and former GAO employees.

FEB 15

WILLIAMSON COUNTY
Williamson County officials are warning about a “data security event” that affected the 277th District Court in November 2022.
In a press release Thursday, officials said the county became aware of “suspicious activity in its email environment” on Nov. 10, 2022.
An investigation found that an unauthorized actor gained access to an email account of a member of the 277th District Court sometime between Nov. 1 and Nov. 10, and “may have viewed or taken certain information contained therein.”

FEB 15

US INTERNET
US Internet's email security business exposed thousands of its customers' emails on the open internet due to human error.
The gaffe was discovered by a Milwaukee computer security consultant and made public Wednesday by cybersecurity expert Brian Krebs. Minnetonka-based US Internet said Thursday the problem has been resolved, and it's assessing how much data may have been accessed.

FEB 14

DOD
The U.S. Department of Defense has begun informing current and former employees, partners, and job applicants regarding the potential exposure of their personally identifiable information stemming from a service provider's inadvertent leak of several emails between Feb. 3 and Feb. 20, 2023

FEB 14

INTEGRIS HEALTH
Nearly 2.4 million patients of Oklahoma City-based Integris Health were caught up in a data breach where the alleged hackers sent extortion emails directly to some of them.
The health system reported Feb. 6 that it determined an "unauthorized party" had accessed or stolen patient data Nov. 28. Integris also said it learned Dec. 24 that a group claiming responsibility for the hack was reaching out to patients.    

FEB 14

PRUDENTIAL FINANCIAL 
Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later.
This leading global financial services Fortune 500 company manages roughly $1.4 trillion in assets, and it provides insurance, retirement planning, as well as wealth and investment management services to over 50 million customers across the United States, Asia, Europe, and Latin America.

FEB 13

BANK OF AMERICA
An attack on a technology partner claimed by LockBit ransomware exposed sensitive information, including Social Security numbers, of more than 57,000 banking customers.
Bank of America has warned customers of a leak of their sensitive data that occurred due to a ransomware attack that breached the environment at technology partner Infosys McCamish Systems (IMS) last autumn. It's an incident that once again highlights the importance of securing access to data and environments across third-party systems.
At least 57,028 customers were affected in the breach, which occurred when "when an unauthorized third party accessed IMS systems, resulting in the non-availability of certain IMS applications," 

FEB 12

VIAMEDIS & ALMERYS
Nearly half the citizens of France have had their data
exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.

Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty (CNIL) revealed, leading to the theft of data belonging to more than 33 million customers. Affected data on customers and their families includes dates of birth, marital status, social security numbers and insurance information. No banking info, medical data or contact information was compromised, the CNIL added.

FEB 8

CONNECTICUT COLLEGE
Connecticut College has brought in cybersecurity experts to investigate a data security incident that might have compromised files in the college's computer system, including social security numbers. The college first detected unauthorized activity over a year ago in March 2023, according to a release from today. Afterwards, officials notified law enforcement and began an investigation into what personal information was involved in the breach. Social security numbers, credit files and medical information may be involved in the breach. The college "has no evidence that any personal information has been or will be misused as a direct result of this incident," according to the release.

FEB 7

CALIFORNIA STATE WORKER UNION
California’s largest state employee union fell victim to a ransomware attack last month that, according to a cybersecurity analyst, likely exposed Social Security numbers, home addresses, birth dates and other sensitive information.
The union, which represents close to 96,000 California state workers, first reported news of a “network disruption” on Jan. 20, two days after the breach occurred. At the time, SEIU Local 1000 told members that it was “currently assessing what was affected.”
Union spokesperson Jim O’Donnell confirmed Tuesday that authorities were investigating the incident but declined to identify which law enforcement agencies were involved. He also said investigators were still determining whether any personal data — employees’ or members’ — was compromised.

FEB 8

AZURA VASCULAR CARE
Azura Vascular Care, a Pennsylvania-based operator of 70 outpatient vascular centers and ambulatory surgery centers in 25 states and Puerto Rico, notified the HHS’ Office for Civil Rights last month about a cybersecurity incident involving the protected health information of 348,000 patients.

FEB 6

VERIZON
Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data.
At the heart of the drama: A Verizon employee apparently obtained a file that they shouldn't have had access to, containing personal information including: names, addresses, Social Security numbers or other national identifiers, gender, union affiliation (if applicable), dates of birth, and compensation informatio

FEB 5

KEENAN & ASSOC
Keenan & Associates, the third-party administrator of Prime Healthcare’s employee benefit health plan, has been involved in a cybersecurity incident. 
In late August 2023, Keenan discovered disruptions occurring on some of its network servers. Keenan immediately began an investigation and engaged leading third-party cybersecurity and forensic experts to assist. Upon detection, Keenan took prompt action to contain it. Keenan also notified law enforcement.

FEB 5

MERCEDES-BENZ
A GitHub token leak compromised Mercedes-Benz's source code, revealing critical internal information including intellectual property, passwords, and cloud access keys. The breach was traced back to a Mercedes-Benz employee's GitHub  token, found in a public repository on September 29. RedHunt Labs researchers determined that this token provided unrestricted access to the car manufacturer's internal GitHub Enterprise Server.
Sensitive data exposed in the leak included database connection strings, cloud access keys, blueprints, design documents, single sign-on (SSO) passwords, API keys, and other vital internal details

FEB 5

HPE
Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.
The company has told BleepingComputer that they have not found any evidence of a security breach and no ransom has been requested, but it's investigating the threat actor's claims.

FEB 2

CANOPY CHILDRENS SOLUTIONS
Canopy Children’s Solutions sent out data breach letters to anyone who was affected by the recent data security incident. Unfortunately, the publicly available Canopy Children’s Solutions data breach letter does not specifically mention what type of information was subject to unauthorized access. However, The personalized data breach letters sent to individual victims should provide victims with a list of what information belonging to them was compromised.

FEB 2

ANYDESK
AnyDesk, a remote access software company based in Germany with 170,000 customers globally, including Comcast and Thales, has confirmed its production systems were compromised in a security incident.  The company had left customers sweating for three days after client logins failed and it notified them of unplanned maintenance. A changelog showed it invalidated a previous code signing certificate on January 29. Germany's BSI warned after the incident that "possible leakage of the source code and certificates poses a risk of that this information could be used for further attacks on the provider's customers."

FEB 2

EXACTECH
Global orthopedic implant device and surgical instrument manufacturer Exactech had its computer network breached in April, resulting in the potential compromise of personal data belonging to 4,230 individuals across the U.S., reports Cybernews.

Information that could have been stolen in the data breach included individuals' names, usernames, email addresses, and passwords, as well as Social Security numbers and other government ID numbers, medical and health insurance details, and debit card or credit card data, although the types of exfiltrated data were different among victims, according to Exactech.

FEB 2

CLOUDFLARE

Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. But the cybersecurity vendor revealed on Thursday that this was not the case.

Cloudflare disclosed that it had been breached by an unnamed nation-state threat actor using an access token and three service account credentials that were stolen during the Okta breach in October. Cloudflare initially detected the attacker in its self-hosted Atlassian server on Thanksgiving Day and began investigating the breach, with later assistance from CrowdStrike.
According to the blog post, the threat actor accessed Cloudflare's internal wiki on Atlassian Confluence, its bug database on Atlassian Jira and its source code management system on Atlassian Bitbucket. Cloudflare said the operational impact of the breach was "extremely limited" and that no customer data or systems were impacted.

 

January 2024

Jan 24

HPE 
Hewlett Packard Enterprise disclosed that its cloud email environment was compromised in 2023 by the threat actor tracked as Midnight Blizzard, a Russia-aligned hacker group also recently blamed for an attack that compromised senior Microsoft executives.
In a filing with the U.S. Securities and Exchange Commission Wednesday, HPE said it was “notified” on Dec. 12 about the incident, which began in May 2023 and impacted a “small percentage” of staff email accounts.

Jan 24

SDPD
A file containing personal details of San Diego Police Department employees, including individuals' names and contact information, was made available on the department's website in early January, the department confirmed to NBC 7 Wednesday.

Jan 23

LEAK-LOOKUP 
The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.
There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.
Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance.

Jan 22

LOAN DEPOT
LoanDepot, one of the largest US-based retail mortgage lenders, has confirmed that around 16.6 million of its customers have had their personal information stolen.
In a new filing to the US Securities and Exchange Commission (SEC) on January 22, LoanDepot gave further detail about the cyber incident that affected the firm’s computer systems on January 8.  The mortgage provider has previously described the incident as a ransomware attack.

Jan 19

MICROSOFT
Microsoft said on Friday that a Russian state-sponsored group hacked into its corporate systems on Jan. 12 and stole some emails and documents from staff accounts.
The company said the hackers used a "password spray attack" starting in Nov. 2023 to breach a Microsoft platform. Hackers use this technique to infiltrate a company's systems by using the same compromised password against multiple related accounts.

Jan 19

VF CORP
Vans sneaker maker VF Corp said on Thursday the cyber incident that hit the company in December led to a breach of personal data of about 35.5 million consumers.
The company said it has substantially restored the IT systems and data that were impacted by the cyber incident, while working through minor operational issues..

Jan 17

ELECTROSTIM MEDICAL SERVICES
The Florida medical device company Electrostim Medical Services, Inc., which does business as EMSI, has recently confirmed that it suffered a cyberattack in May 2023 which involved access to parts of the network containing patient data. The Electrostim Medical Services data breach has recently been reported to the HHS’ Office for Civil Rights as affecting 542,990 patients.

Jan 17

PASTELERIA MOZART
A threat actor claims to have leaked sensitive data from the renowned Pastelería Mozart, a well-established bakery in Santiago de Chile since 1967. The Pastelería Mozart data breach, allegedly orchestrated by an entity known as Ynnian, has exposed a large amount of information, totaling 10,870,524 lines of data. The leaked details include names, email addresses, phone numbers, passwords, dates of birth, and more..

Jan 14

AUSTRALIAN GOVERNMENT
Labor has admitted it suffered Australia’s largest-ever government data breach, with key intelligence, defence and economic departments falling victim after millions of files were stolen from Australia’s largest commercial law firm.
After months of questioning, officials finally revealed late last year that 62 government departments including Australia Post, the Departments of Prime Minister and Cabinet, Treasury, Foreign Affairs and Trade, and Home Affairs, and the Tax Office, were all affected by the cyber attack on HWL Ebsworth.

Jan 12

BURR & FORMAN
Alabama-based law firm Burr & Forman announced that the company experienced a data breach affecting client information.
On October 23, 2023, Burr & Forman became aware of anomalous activity on one of the laptops in its network. The investigation indicated that an unauthorized actor gained access to certain documents and information from Burr & Forman's systems. On or about November 10, 2023, the investigation determined that some personal information was contained within the affected data.

Jan 12

RAPTOR TECHNOLOGIES
A popular school safety application used by thousands of schools across the country -- including some in Mid-Missouri -- had thousands of documents accessed that contained sensitive information.

Cybersecurity researcher Jerimiah Fowler said he discovered a breach in Raptor Technologies on Dec. 20 and notified the company of the flaw. Raptor Technologies' smartphone application Raptor Alert is aimed at improving responses for schools and law enforcement during emergencies, such as school shootings.

Fowler said he discovered more than 4 million records that contained highly sensitive data. That data included school maps, student health records, safety drill reports and court records. Fowler's report claims documents in a cloud system were not protected with a password.

Raptor Technologies says it is used by 60,000 schools across the world including more than 5,300 schools in the United States.

Jan 10

HMG HEALTHCARE
Texas-based care provider HMG Healthcare has confirmed that hackers accessed the personal data of residents and employees, but says it has been unable to determine what types of data were stolen.
In a notice published on its website, HMG chief executive Derek Prince confirmed that hackers in August accessed a server storing “unencrypted files” containing sensitive information belonging to patients, employees, and their dependents. HMG said it learned of the breach months later in November.

Jan 9

FIDELITY NATIONAL 
Real estate services giant Fidelity National Financial has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week.
FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data.” The company said it has “notified its affected customers and applicable state attorneys general and regulators, and approximately 1.3 million potentially impacted consumers.”
The filing did not say what specific customer data was stolen, but said FNF is providing credit monitoring and identity theft services to affected customers, suggesting that the stolen customer information was personal or sensitive in nature.

Jan 7

LOANCARE
Loancare, a significant player in the national home mortgage servicing industry, has admitted to a massive data breach, compromising the personal identifiable information (PII) of over 1.3 million customers. The exposed data—a potential goldmine for cybercriminals—included names, addresses, Social Security numbers, and loan numbers.

Jan 5

COOPER AEROBICS 
Cooper Aerobics filed a notice of data breach with the Attorney General of California after discovering unauthorized access to its computer network. In this notice, Cooper Aerobics explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses, phone numbers, email addresses, dates of birth, credit or debit card numbers and expiration dates, financial account information, driver’s license numbers, passport numbers, health information, and health insurance information. 

Jan 5

ORRICK, HERRINGTON, SUTCLIFFE 
Orrick, Herrington & Sutcliffe, a law firm that specializes in cyberattacks, last week disclosed that more than 600,000 individuals were impacted by a data breach that happened in early 2023.
Between February 28 and March 13, 2023, the company said attackers had unauthorized access to a portion of its network, including a file share storing files related to Orrick’s clients.

Jan 3

SSM HEALTH 
One of Oklahoma's biggest healthcare providers is warning patients that their business partner Navvis had a data breach in July of 2023.

Jan 3

XEROX 
Printing solutions giant Xerox over the weekend confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach.
The incident, the company says, was limited to Xerox Business Solutions US and was contained by its cybersecurity team.
While the attack did not affect Xerox’s corporate systems and had no impact on the company’s operations or data, the investigation launched into the matter determined that personal information was compromised.

Jan 2

BUNKER HILL COMMUNITY COLLEGE 
Bunker Hill Community College (BHCC) in Boston, Massachusetts experienced a data breach in May 2023.
On May 23, 2023, BHCC detected irregular activity on certain BHCC systems that was consistent with a ransomware attack. BHCC took the affected systems offline, contacted law enforcement and conducted an investigation. BHCC's backups were not affected, and BHCC personnel were able to restore BHCC's network from those backups without any data loss.

Jan 2

FALLON AMBULANCE SERVICE
Fallon Ambulance Service, a medical transportation company that served the greater Boston area, reported a data breach that impacted more than 911,000 individuals. Fallon was a subsidiary of Transformative Healthcare until December 2022, when it ceased operations.
Although the company was no longer providing services, it maintained a data storage archive to fulfill legal obligations. In April 2023, Fallon discovered that an unauthorized party had accessed the data storage archive from February to April and obtained files containing personal information.

Jan 1

TRANSFORMATIVE HEALTHCARE
Tesla has begun notifying current and former employees whose information was included in a confidential data Transformative Healthcare filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party accessed stored data related to Fallon Ambulance Services, a former subsidiary of Transformative Healthcare. In this notice, Transformative Healthcare explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, Social Security numbers, medical information and employment information.

What to Do If Your Data Is Breached
Major database breaches are a regular occurrence, meaning it’s not a matter of if you’ll get hit, but when. The good news is that being proactive when this happens can help prevent the headaches that come from the breach. 

bottom of page