Hi there, cyber enthusiasts and digital doomscrollers! Welcome to the "2024 Cybersecurity Breach List" – the ultimate, somewhat morbid carnival of digital mayhem and misfortune. Here, we're compiling every cyber hiccup, blunder, and full-blown catastrophe that graces the unforgiving cybersecurity landscape of 2024. Think of it as your one-stop shop for all things hacky and cracky and that smack-in-the-face-of-security.

Submit Breach Details HERE

Now, before you dive in, let's set the scene. 2024 isn't just another year in the cyber realm - it's like the digital equivalent of a reality TV show where every contestant tries to out-hack the other. From corporate giants to your next-door neighbor's smart toaster, nothing is safe, and we're here to chronicle every bit of it.

So, grab your popcorn (or a stiff drink), and let's embark on this questionable journey through the minefield of cybersecurity breaches. We promise to keep it snarky, keep it real, and above all, keep it informative. Because, let's face it, in the cyber world, if you're not laughing, you're probably crying in a corner somewhere. Let's do this!

Note: I don’t claim the hack details are accurate, nor do I claim anything beyond what I read in the link attached to each breach. I’m simply putting together a list of every breach I read about in 2024. The format for each post is the article's date followed by some Snarky Summary.

Share

4.19.2024 Cyberattack Takes Frontier Communications Offline - A local Texas telco loses unspecified PII to a hack attack.

4.19.2024 MITRE says state hackers breached its network via Ivanti zero-days - Even the defenders of the righteous get popped every now and again.

4.19.2024 Octopharma Plasma’s US operations shut down due to suspected ransomware attack - Blod plasma donations centers across the US are down.

4.18.2024 Over half a million Roku accounts compromised in second cybersecurity breach - 2nd time in the recent past. Roku is in trouble.

4.10.2024 Banking giant Wells Fargo suffers data breach, sends two notification letters - Ouch a breach at a big bank. Impact is unknown at this time.

4.9.2024 Round 2: Change Healthcare Targeted in Second Ransomware Attack - DING DING Round Two!

4.5.2024 The OWASP Foundation disclosed a data breach that impacted some members due to a misconfiguration of an old Wiki web server. HAH, it’s a nothing-burger of a story but still an interesting target!

4.5.2024 Yacht retailer MarineMax discloses data breach after cyberattack - I bought a BOAT! Yacht company haxored.

4.3.2024 Over 1.3M PandaBuy customers hit by data breach - API based breaches are becoming all the rage.

4.2.2024 CLOSED UNTIL FURTHER NOTICE: Jackson County says ransomware attack has impacted tax systems, other offices - The title says it all.

4.1.2024 AT&T notifies customers of massive data breach. Here’s what to know - Another massive data trove found on the Dark Web. No idea how old it is.

3.30.2024 North Carolina honey bun maker hit with ransomware attack - Oh no! This one hits close to home. Now my favorite honey buns!

3.29.2024 Massachusetts Health Insurer Data Breach Impacts 2.8 Million - Harvard Pilgrim Health Care gets fallout smashed by previous United Health Care breach.

3.20.2024 US Warns of Cyberattacks Against Water Systems Throughout Nation - Not sure this is an individual “breach” but still worth recording here.

3.20.2024 Fujitsu found malware on IT systems, confirms data breach - Another big tech company hit. Not sure of damage levels yet.

3.19.2024 Mintlify says customer GitHub tokens exposed in data breach - I’m not sure this one is a “breach” but it is certainly a mistake.

3.13.2024 Roku says over 15,000 accounts may have been accessed by bad actors in data breach incident - and just like that my parents TV watching habits have been pwned. Let’s hope that’s all they got.

3.9.2024 Top US cybersecurity agency hacked and forced to take some systems offline - Additional government systems were declared as compromised.

3.9.2024 Russian state-backed hackers breached Microsoft's core software systems, company says - I’m not sure this is a “breach” exactly, but it’s close enough to make my list.

3.9.2024 American Express card data exposed in third-party breach - More financial services destruction in this one. This time AMEX gets popped.

3.3.2024 Golden Corral restaurant chain data breach impacts 183,000 people - Eaters of crappy food and shoppers of odd southern knick knacks beware!

2.29.2024 Change Healthcare cyberattack outage could persist for weeks, UnitedHealth Group executive suggests - More healthcare hacks.

2.29.2024 Cyberattack on insurance giant disrupting business for doctors and therapists - Therapists are medical professionals too!

2.29.2024 Hackers Steal Personal Information From Pharma Giant Cencora - Even more healthcare. People are seeing an impact on the ability to get prescriptions filled!

2.29.2024 UnitedHealth hackers say they stole 'millions' of records, then delete statement - Hackers are clearly targeting health care companies at this point.

2.29.2024 Toronto Public Library cyber-attack report finds user data may have been compromised - This one found via local news. Public libraries are still around?

2.28.2024 Hackers Abuse Telegram API To Exfiltrate User Information - Phishing attempts targeting telegram APIs are in full effect.

2.27.2024 Hackers demanded money in Ohio Lottery cybersecurity incident: I-Team - Lottery getting popped is a bit ironic. Sounds like a natural target to me.

2.27.2024 Steel giant ThyssenKrupp confirms cyberattack on automotive division - Automotive seems to be a super hot target these days.

2.26.2024 Over 2M Mr. Cooper customers’ records exposed by unsecured database - Open cloud datastore for this one. Let’s get basic hygiene right people!

2.26.2024 Submitted Breach Notification Sample UHAUL - Ooopsie. Better not try to move anytime soon!

2.26.2024 Update: Some applications are experiencing connectivity issues - Incident Report for Optum Solutions - Boink. More healthcare going down.

2.19.2024 Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data - Another recruiting house goes down! Breached last June, data finally leaks.

2.14.2024 Prudential Financial breached in data theft cyberattack - Second breach in two years for Prudential. 320K records the first time and undisclosed this time.

2.13.2024 Hackers Leak Alleged Partial Facebook Marketplace Database - This one is the result of a contractor hack at the end of 2023.

2.12.2024 LectureNotes Learning App Hit by Cyberattack; 2 Million Users Affected - 2.1M records disclosed due to an open MongoDB. Misconfiguration strikes again!

2.8.2024 Verizon Employee Data Exposed in Insider Threat Incident - I debated not including this one as it was insider threat related - but meh. It’s still a compromise!

2.6.2024 HPE investigates new breach after data for sale on hacking forum - Not sure when they were hacked but data is floating around the dark web for them.

2.5.2024 Pennsylvania Courts website down due to cyberattack - Another court goes down in flames.

2.5.2024 Anydesk Incident: Customer Credentials Leaked and Published For Sales On The Dark Web - More dark web bomb drops.

2.3.2024 Lurie Children's Hospital network outage continues as hospital responds to 'cybersecurity matter' - Attacking a children’s hospital is the lowest of the low. Despicable!

1.30.2024 Timex breach leaks employee Social Security numbers - Time to get a Rolex? Timex employees might be considering it.

1.29.2024 Keenan warns 1.5 million people of data breach after summer cyberattack - 1.5M records lost in summer of 2023 just now coming to light. Complete health, SSN, passport, name, DL, and more were compromised.

1.29.2024 Energy giant Schneider Electric hit by Cactus ransomware attack - Ransomware is declining but still affected the Schneider Electrics sustainability division.

1.29.2024 Cyberattack hits Georgia county where Trump faces election interference charges - All desktop phones, intranet, and department servers were hit. This one looks to be politically charged!

1.29.2024 Freehold Township schools closed after the cyber attack; other schools are vulnerable - 3500 K-8th grade students affected. Schools should be off-limits for attackers!

1.28.2024 Anthropic confirms it suffered a data leak - It looks like Claude may have gotten popped. This could be an interesting one long term.

1.24.2024 Wall Street Stock-Lending Platform Crashes in Ransomware Attack - Equilend popped. Yet another lender compromised with Ransomware.

1.24.2024 Jason’s Deli credential stuffing attack - It looks like Subway wasn’t the only sandwich shop in the crosshairs recently. 33K+ records popped.

1.24.2024 Subway Puts a LockBit Investigation on the Menu - Stick this in your footlong and smoke it, Jared! OUCH! And seriously is their bread made of glass or plastic?

1.24.2024 Trezor support site breach exposes personal data of 66,000 customers - 66K crypto wallet customers personal data leaked. Crypto was definitely a SAFE BET!

1.24.2024 Data of 15 million Trello users scraped and offered for sale - Frequently used high-tech tool Trello data is seen floating around the dark web.

1.21.2024 Carnegie Mellon University hit by cyberattack, informs 7,300 people possibly affected - Another university popped. FF: My first hack was a university!

1.19.2024 Thieves steal 35.5M customers’ data from Vans sneakers maker - Damn Daniel! Back at it again with the white VANS!

1.11.2024 Xerox Releases Statement Regarding Cybersecurity Incident Affecting XBS Subsidiary - If a tree falls in the woods, does anyone actually care? I didn’t even know XBS was still in business!

1.11.2024 Fidelity National Financial says hackers stole data on 1.3 million customers - 1.3M customer records. Another day, another financial breach!

1.8.2024 loanDepot, Inc. Cybersecurity Incident - This one was disclosed in an SEC 8-K filing. I wonder if this is how we’ll predominantly learn about breaches in the future.

1.5.2024 Administrator Account for Middle East Internet Registry Hacked - Not US-based news, but still an interesting one for the record books. Middle East, Europe, and Asian domain registry hacked!

1.5.2024 Law firm that handles data breaches was hit by data breach - 637k records of breach information stolen from Orrick, Herrington & Sutcliffe. Ooopsie.

1.3.2024 Data breach at healthcare tech firm impacts 4.5 million patients - OUCH 4.5M patients compromised. HealthEC population health management platform.

1.2.2024 Hackers hit Australian state's court recording database - Another Australian attack - Nissan now this! Court notes were compromised in this one.

1.1.2024 Ohio bank gives notice of ‘security incident’ - Name, passport number, license information, SSN, financial account information, medical information and username and password disclosed. Watch your backs on this one!

12.28.2024 Steam game mod breached to push password-stealing malware - Shoot, I hope I didn’t get pwned through this one. It’s not the first time Steam has been targeted.

12.28.2023 GTA 5 source code leaks online, giving Rockstar a huge blow on Christmas: Report - I wonder if any interesting easter eggs were discovered?

12.27.2023 Ransomware Group Claims 100GB of Data Stolen From Nissan - Akira group takes credit for 100GB of compromised data. Austalia and New Zealand Nissan systems were targeted.

12.27.2024 Cybercriminals Launched “Leaksmas” Event In The Dark Web Exposing Massive Volumes Of Leaked PII And Compromised Data - More than one target and tons of leaked NFO. This one was global, with attacks affecting dozens of countries.

12.22.2023 Ubisoft says it’s investigating reports of a new security breach - attacker planned to exfiltrate 900GB of data. Sharepoint, Teams, Confluence, and MongoDB were compromised. Sorry Ubisoft, you’re in deep trouble. Follow up: It looks like Ubisoft prevented this attack after all LINK.

12.19.2023 Comcast says hackers stole data of close to 36 million Xfinity customers - DAMN, That’s a lot of customers. Imagine if this had happened before cord-cutting! This one looks like the result of the CitrixBleed attack.