GitHub (2022)
OAuth tokens stolen from Heroku and Travis CI integrations
Latest Disclosures
Quito Metro (Ecuador)
Ransomware attacked Ecuador's Quito metro transit system
Deutsche Windtechnik (Germany)
Cyberattack shut down remote monitoring of 2,000 wind turbines
Oil India Limited
Ransomware attack on state-owned oil company — $7.5M ransom demanded
Weslaco ISD (TX)
12K student records exposed
China Eastern Airlines
Passenger data leaked online — flight records and personal information exposed
Southwest Health System
46K patient records exposed in breach
Travelio
471,376 records exposed — Auth tokens, Dates of birth, Email addresses, Names and 3 more
GE Aviation
Former employee stole turbine trade secrets for China
Maternal & Family Health Services
461K patient records exposed
Block (Cash App)
8.2M user records exposed by former employee
Cash App Investing
8.2M customer account records exposed by former employee
Clark University
92K student records exposed
City of Wheat Ridge CO
Ransomware encrypted city systems
Bryan Health (Nebraska)
134K patient records exposed in email breach
Beetle Eye
7M email marketing records with financial data exposed
Physicians Business Office
196K patient records exposed in vendor billing breach
Royal Enfield
420,873 records exposed — Dates of birth, Email addresses, Genders, Names and 5 more
Nordex SE (German Wind)
Conti ransomware hit German wind turbine manufacturer — IT systems shut down
Lapsus$ / Globant
70GB of source code stolen from IT consultancy
Shields Health Care (tech)
2.3M patient records exposed via technology vendor breach
MCG Health
1.1M patient records exposed including SSNs
Trenitalia (Italian Railways)
Hive ransomware disrupted Italian train ticket systems nationwide
Okta (2022)
LAPSUS$ breached via third-party vendor Sitel, 366 customer tenants affected