Phishing Watchdog
PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout
An Updated Feed of All Significant Phishing Attacks
This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.
23rd December 2021 | Target: Pro Wrestling Tees | Reported Here
Pro Wrestling Tees, which sells t-shirts designed by professional wrestlers, has discovered that some customers’ credit card numbers have been compromised in a data breach, according to a notification seen by The Daily Swig.
A letter apparently sent to potentially impacted customers from the Chicago-based company indicates that a malware-related compromise of customer names and payment card data came to light on November 1.
24th December 2021 | Target: Inetum | Reported Here
Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers.
Inetum is active in more than 26 countries, providing digital services to companies in various sectors: aerospace and defense, banking, automotive, energy and utilities, healthcare, insurance, retail, public sector, transportation, telecom and media.
16th December 2021 | Target: Minecraft servers | Reported Here
Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability.
Mojang Studios, the Swedish video game developer behind Minecraft, released an emergency security update last week to address the bug tracked as CVE-2021-44228 in the Apache Log4j Java logging library(used by the game’s Java Edition client and multiplayer servers).
21st December 2021 | Target: Monongalia Health System, Inc. | Reported Here
Monongalia Health System, Inc., and its affiliated hospitals, Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company (collectively, “Mon Health”), announced that it recently investigated and addressed an email phishing incident, and is now notifying individuals, including patients, providers, employees, and contractors, whose information may have been involved.
20th December 2021 | Target: Ubisoft | Reported Here
French video game maker Ubisoft said today that a misconfiguration in its IT infrastructure exposed gamer data for players of its Just Dance video game series.
The company is currently notifying all impacted users via email after disclosing the breach earlier today in a community forum post.
17th December 2021 | Target: Sports gear sites | Reported Here
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers.
While not much is known about the attack, a law firm representing the four websites stated that personal information and credit card information, including full CVV, were stolen on October 1st, 2021.
20th December 2021 | Target: Belgium | Reported Here
Belgium’s ministry of defense confirmed on Monday it had been hit by a cyberattack.
Hackers exploited a vulnerability in software called Log4j, which was discovered earlier in December, a ministry spokesperson told local media. The ministry uncovered the attack last Thursday.
Cybersecurity officials across the world have rushed to patch the Log4j vulnerability over the past week. The glitch has affected a long list of software firms including Amazon and Microsoft.
14th December 2021 | Target: Superior Plus | Reported Here
Superior Plus, the number one propane distributor in Canada and number five distributor in the U.S., has reported a ransomware incident. It’s the second security incident involving a top company in the propane business in the last six months.
Superior reported having discovered the breach on December 12. The company’s announcement does not mention when the attackers originally gained access to its systems.
16th December 2021 | Target: McMenamins | Reported Here
Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company’s operations.
McMenamins is a popular chain of restaurants, pubs, breweries, and hotels located in Oregon and Washington.
The ransomware attack occurred over the weekend, on December 12th, with sources telling BleepingComputer that the Conti gang conducted it.
9th December 2021 | Target: Hellmann | Reported Here
Hellmann Worldwide Logistics has been hit by a cyber attack that has impacted operations.
On December 9, the German logistics services company said external security specialists are working on restoring operations, but it is currently unable to confirm whether any data has been leaked.
10th December 2021 | Target: South Australian government | Reported Here
South Australia Treasurer Rob Lucas said on Friday that state government employee data has been exfiltrated as part of a ransomware attack on payroll provider Frontier Software.
Lucas said the company has informed government that some of the data have been published online, with at least 38,000 employees and up to 80,000 government employees possibly having their data accessed.
10th December 2021 | Target: Volvo | Reported Here
Swedish car giant Volvo has confirmed it has suffered a security breach, with internal company data thought to have been affected.
In a statement, the company said that it had “become aware that one of its file repositories has been illegally accessed by a third party.”
Volvo says an initial investigation into the breach suggests that “a limited amount” of company’s R&D information has been stolen, and that this could have an effect on its overall operations.
7th December 2021 | Target: GitLab servers | Reported Here
Cerber ransomware is back, as a new ransomware family adopts the old name and targets Atlassian Confluence and GitLab servers using remote code execution vulnerabilities.
As ransomware began picking up pace in 2016, a new Cerber ransomware operation emerged that quickly became one of the most prolific gangs at the time. However, its activity slowly tapered off until it disappeared at the end of 2019.
6th December 2021 | Target: Infrastructure Sectors | Reported Here
Last Friday, the FBI released a new notice regarding the Cuba ransomware, stating that a threat group has attacked 49 entities spanning five different critical infrastructure sectors. The FBI also noted that the group has likely made at least $43.9 million in ransom payments. The threat group deploying the Hancitor malware is targeting enterprises in the financial, government, healthcare, manufacturing, and information technology sectors. The Hancitor malware is used to gain entry into Windows systems and is a loader known for dropping or executing Remote Access Trojans (RATs).
6th December 2021 | Target: Spar | Reported Here
More than 300 branches of the convenience store chain Spar in the north of England have been hit by a cyberattack, forcing many of them to close.
The attack hit the company’s computer systems, causing a “total IT outage” that has prevented staff from taking card payments and locked them out of emails.
Some branches of the chain, one of the few places to buy groceries in many remote communities, are accepting cash but the rest have been forced to close entirely.
5th December 2021 | Target: BitMart | Reported Here
Crypto trading platform Bitmart says it will use its own money to reimburse victims of a large-scale security breach, in which hackers took as much as $196 million.
Bitmart claims hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield, which first publicized the hack, estimates that the loss is closer to $200 million. CNBC reached out to Bitmart to ask about the multimillion dollar discrepancy, but the exchange declined to comment on this point.
6th December 2021 | Target: Nordic Choice Hotels | Reported Here
In the wake of the virus attack on the night of 2 December, Nordic Choice Hotels has over the weekend worked to map the extent of the virus attack on the IT systems.
On the night of 2 December, Nordic Choice Hotels was hit by a virus attack on our IT systems. The virus infected systems for bookings, check-in and check-out, as well as payment solutions. After the incident, we have worked around the clock with internal and external resources to get an overview of the extent of the event, as well as restore the systems so that the operation of the hotels can return to normal.
29th November 2021 | Target: Panasonic | Reported Here
Japanese tech giant Panasonic has confirmed a data breach after hackers gained access to its internal network.
Panasonic said in a press release dated November 26 that its network was “illegally accessed by a third party” on November 11 and that “some data on a file server had been accessed during the intrusion.” However, when reached, Panasonic spokesperson Dannea DeLisser confirmed that the breach began on June 22 and ended on November 3 — and that the unauthorized access was first detected on November 11.
26th November 2021 | Target: IKEA | Reported Here
Ikea is reportedly reeling under an ongoing cyberattack perpetrated through phishing emails sent via compromised Microsoft Exchange servers.
According to BleepingComputer, the homeware giany is alerting its employees of the campaign conducted through the classic reply-all email chain attack.
18th November 2021 | Target: Utah | Reported Here
Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.
According to the data breach notification sent to affected individuals, the security incident was discovered on September 4, 2021, and was remediated on the same day.
17th November 2021 | Target: GoDaddy | Reported Here
Customer information including email addresses, account numbers and passwords related to more than one million GoDaddy users was exposed in a data breach, the company said Monday in a regulatory filing.
According to the web hosting company’s Securities and Exchange Commission notification, the breach affected users of WordPress, a web-based content management system used by bloggers and websites. The systems were first compromised on Sept. 6 when an unauthorized person used a stolen password to gain access, but the breach wasn’t discovered until Nov. 17.
12th November 2021 | Target: Costco | Reported Here
Costco customers at four of the retailer’s Chicago-area warehouses may have had their payment information compromised after employees discovered five card-skimming devices during routine PIN pad inspections at the end of August.
“We promptly removed the skimmers, notified law enforcement, and engaged a forensics firm to analyze the devices,” A Costco spokesperson told FOX Business in a statement. “It appears that these skimmers had the ability to capture information on the magnetic stripe of a payment card, including name, card number, expiration date, and CVV.”
Stor-a-File hit by ransomware after crooks target SolarWinds Serv-U FTP software
10th November 2021 | Target: Stor-a-File | Reported Here
Stor-а-File, а British dаtа cаpture аnd storаge compаny, suffered а rаnsomwаre аttаck in Аugust thаt exploited аn unpаtched instаnce of SolаrWinds’ Serv-U FTP softwаre.
The compаny informed its clients аbout the September аttаck, аnd told The Register thаt it refused to pаy. We understаnd some dаtа hаs been leаked by rаnsomwаre criminаls on а Tor blog.
8th November 2021 | Target: MediaMarkt | Reported Here
MediaMarkt and its stores have been hit by a large-scale cyber-attack. The electronics retailer’s international computer systems are said to have been ‘held hostage’ by a ransomware attack.
Everything encrypted
MediaMarkt employees were told this morning not to use the computers in the stores. They have become the victim of a cyber-attack. This also applies to the Dutch, Belgian and German stores. The staff is asked to disconnect the cash registers from the Internet and not to restart the systems, RTL Nieuws reports.
8th November 2021 | Target: Robinhood | Reported Here
Robinhood Markets on Monday afternoon disclosed an unauthorized party obtained access to personal information for nearly one-quarter of the company’s nearly 20 million users, marking one of the biggest security breaches ever for the popular online brokerage.
3rd November 2021 | Target: UK Labour Party | Reported Here
The Labour Party has been affected by a “cyber incident” involving its members’ data.
Labour said it was told on 29 October that it had been affected by the event by a third party firm that handled membership data on its behalf.
As a result, “a significant quantity” of party data was “rendered inaccessible on their systems”.
1st November 2021 | Target: N.L. health-care system | Reported Here
The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.
The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments. This outage affected health systems in Central Health, Eastern Health, Western Health, and the Labrador-Grenfell Regional Health authorities.
30th October 2021 | Target: LGBTQ Apps & Sites | Reported Here
The hacker group “Black Shadow” has leaked data from various Israeli companies, such as LGBTQ dating app “Atraf”, Dan bus company and tour booking company Pegasus on Saturday night.
Earlier in the day, they leaked data from the Kavim bus app after previous threats. “They did not contact us …So first data is here,” the group said on Telegram, affixing a photo of what appeared to be a database of Israeli citizens’ personal information. “If you do not contact us, (sic) it will be more,” added the group.
26th October 2021 | Target: Fullerton Health | Reported Here
“Fullerton Health confirms that its own IT network, systems and databases have not been accessed or breached,” it added.
In a statement, Agape said it discovered on Oct 19 that client information was compromised due to “unauthorised access by a malicious third party”.
15th October 2021 | Target: Porto Seguro | Reported Here
And the cases of virtual attacks targeting companies continue to rise, with Porto Seguro being the most recent organization to be hit by one of these crimes. Due to the scam, the service channels and in some systems of the insurance company have been unstable since Thursday
14th October 2021 | Target: Acer | Reported Here
The second Acer cyberattack, this 2021 is now confirmed after involved hackers themselves shared that they have access to the computer manufacturer’s servers.
Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers.
This detail was announced after the ransomware attack back in March, which also targeted Acer. The cybercriminals claimed that they breached the offices of the giant tech firm in India in the second week of October.
12th October 2021 | Target: Olympus Corporation | Reported Here
Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.
According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.
8th October 2021 | Target: BrewDog | Reported Here
Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.
According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.
7th October 2021 | Target: Mastodon | Reported Here
Vidar stealer is back and has a new target: this time, the Mastodon social media network is being abused in a fresh malicious campaign. The goal is C2 configuration achievement without being noticed.
6th October 2021 | Target: Twitch, TV network | Reported Here
Twitch, the popular if frequently controversial Amazon-owned streaming service with 30 million daily visitors, confirmed reports on Wednesday that a breach had taken place after data, including possibly its entire source code and other sensitive company information, was leaked online.