Phishing Watchdog – Stay Safe with Instant Alerts


Phishing Watchdog “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout


An Updated Feed of All Significant Phishing Attacks

This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.

Please Sign Up To Get Instant Phishing Attack Alerts by Email



UC San Diego Health Announces Data Breach

27th July 2021 | Target: UC San Diego Health | Reported Here

UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees’ email accounts.

UC San Diego Health is one of the nation’s best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.


[above via Bleeping Computer post] Update 1 / Update 2 


Saudi Aramco data breach sees 1 TB stolen data for sale

19th July 2021 | Target: Saudi Aramco | Reported Here

Saudi Aramco, the world’s largest oil producer, confirmed on Wednesday that some of its company files had been leaked via a contractor, after a cyber extortionist claimed to have seized troves of its data last month and demanded a $50 million ransom from the company.

Aramco said in a statement that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors.” The oil company did not name the supplier or explain how the data were compromised.


[above via Arstechnica post] Update 1 / Update 2 


Ransomware hits Campbell Conroy & O’Neil, P.C. (Campbell), a US law firm

18th July 2021 | Target: Campbell Conroy & O’Neil | Reported Here

Campbell Conroy & & O’Neil, P.C. (Campbell), a United States law firm counseling lots ofFortune 500 as well as Global 500 companies, has actually divulged an information violation complying with a February 2021 ransomware strike.

Campbell’s client list consists of top-level companies from different market markets, consisting of auto, aeronautics, power, insurance policy, pharmaceutical, retail, friendliness, as well as transport.


[above via Tech Widdle post] Update 1


Cyberattack on Moldova’s Court of Accounts destroyed public audits

16th July 2021 | Target: Moldova’s Court | Reported Here

Moldova’s “Court of Audit” has suffered a cyber attack that has led to the destruction of public databases and agency audits.

The Moldovan Court of Accounts is a government authority that conducts audits of public financial resources and government agencies to comply with international standards.


[above via News Block post] Update 1


Ransomware attack at Comparis resulted in data breach

15th July 2021 | Target: Comparis | Reported Here

Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week.

Comparis is one of the most popular Swiss websites with more than 80 million visits every year and the largest Swiss online marketplace for property and cars.


[above via Bleeping Computer post] Update 1


Nepal Telecom call details stolen by Chinese hackers

12th July 2021 | Target: Nepal Telecom | Reported Here

Nepal Telecom has been subjected to a terrible “cyber attack” from China. Chinese hackers have attacked Nepal Telecom and stolen the call details of all Nepali users.

By hacking the Oracle Glass Fish Server used by the telecom company, the Chinese hackers have stolen all the call details of Nepalis.



Fashion retailer Guess discloses data breach after ransomware attack

12th July 2021 | Target: Guess | Reported Here

American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers.

The attack was likely carried out by the DarkSide ransomware gang that in April listed Guess on their data leak site claiming to have stolen over 200 GB of files.


[above via Security-affairs post] Update 1


Mint Mobile hit by a data breach

10th July 2021 | Target: Mint Mobile | Reported Here

Carrier Mint Mobile has revealed it was the victim of a data breach, one which allowed a number of customer phone numbers to be ported out to another carrier, along with possible access to subscriber data.

An email sent on Saturday to affected customers by Mint Mobile discloses there was a breach of the carrier’s systems. The breach, which occurred between June 8 and June 10, reveals a “very small number of Mint Mobile subscribers’ phone numbers were affected by the incident.


[above via Apple Insider post] Update 1


Forefront Dermatology reports breach of 2.4M patient records

9th July 2021 | Target: Forefront Dermatology | Reported Here

Forefront Dermatology S.C, a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a recent hacking incident. The incident apparently involved a ransomware strain known as “Cuba.”


[above via Data Breach Today post] Update 1


Morgan Stanley reports data breach after vendor Accellion hack

8th July 2021 | Target: Morgan Stanley | Reported Here

Morgan Stanley suffered a data breach that exposed sensitive customer data, and it became the latest known casualty of hackers exploiting a series of now-patched vulnerabilities in Accellion FTA, a widely used third-party file-transfer service.

The data obtained included names, addresses dates of birth, social security numbers, and affiliated corporate company names, Morgan Stanley said in a letter first reported by Bleeping Computer. A third-party service called Guidehouse, which provides account maintenance services to the financial services company, was in possession of the data at the time.


[above via Arstechnica post] Update 1 / Update 2


Hackers Scrape 90,000 GETTR User Emails, Surprising No One

6th July 2021 | Target: Gettr | Reported Here

Hackers were able to scrape the email addresses and other data of more than 90,000 GETTR users.

On Tuesday, a user of a notorious hacking forum posted a database that they claimed was a scrape of all users of GETTR, the new social media platform launched last week by Trump’s former spokesman Jason Miller, who pitched it as an alternative to “cancel culture.” The data seen by Motherboard includes email addresses, usernames, status, and location.


[above via Vice post] Update 1 / Update 2


Ransomware Attacks Hits PractiseFirst

5th July 2021 | Target: Practicefirst | Reported Here

Practicefirst, an Amherst, New York-based medical management services provider, on July 1 reported to federal regulators a breach that occurred late last year.

The company’s breach notification statement appears to indicate that the firm paid a ransom in exchange for promises that the attackers would destroy and not further disclose files stolen in the incident.


[above via Govinfosecurity post] Update 1


16k L&I Workers’ Data Compromised

2nd July 2021 | Target: Pacific Market Research (PMR) | Reported Here

Sensitive information on over 16,000 workers may have been exposed in a ransomware attack on a Renton market research company’s data system.

Pacific Market Research (PMR) “recently notified” the Washington state Department of Labor and Industries, one of its clients, about the May 22 attack, according to a Thursday L&I news release.

An unauthorized party accessed PMR’s network and encrypted their servers during the attack, affecting an L&I file with sensitive information, according to the release.


[above via The Olympian post] Update 1


Ransomware Hits Arthur J. Gallagher (AJG)

2nd July 2021 | Target: Arthur J. Gallagher (AJG) | Reported Here

Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.

“Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020,” AJG said.


[above via Bleeping Computer post] Update 1


REvil ransomware hits 200 companies in MSP supply-chain attack

2nd July 2021 | Target: Kaseya | Reported Here

In a statement late Friday evening, Kaseya CEO Fred Voccola confirmed that the company’s Incident Response team caught wind of the attack mid-day and immediately shut down their SaaS servers as a precautionary measure, despite not having received any reports of compromise from any SaaS or hosted customers.

“[We] immediately notified our on-premises customers via email, in-product notices, and phone to shut down their VSA servers to prevent them from being compromised. We then followed our established incident response process to determine the scope of the incident and the extent that our customers were affected,” Voccola said.


[above via Zdnet post] Update 1 / Update 2


Microsoft’s Halo dev site breached using dependency hijacking

29th June 2021 | Target: Microsoft | Reported Here

Microsoft has actually once more been efficiently struck by a dependency hijacking assault.

Previously, as initially reported by BleepingComputer, a scientist had morally hacked over 35 significant technology companies, consisting of Microsoft, by manipulating a weak point called “dependency confusion.”

This month, one more scientist discovered an npm interior dependency being made use of by an open-source task.


[above via Techtwiddle post] Update 1


Technisanct has disclosed serious data breach

25th June 2021 | Target: Technisanc | Reported Here

Kochi-based cybersecurity and big data startup, Technisanct, has disclosed ‘serious data breach’ in a trading platform in India. Information of over 3.4 million customers were compromised, according to a statement from the cybersecurity startup. Personal Identifiable Information (PII) which includes name, customer ID, contact number, email ID, trade login ID, branch ID, city and country were leaked. The security breach was identified by Technisanct’s digital risk monitoring tool ‘Integrite’.

The data of the customers has been kept for sale on a data-sharing platform for 8 of their credits. The information was published on June 15 and the incident was reported to CERT by Technisanct.


[above via The Week post] Update 1 


Fleury hit by REvil ransomware attack

23rd June 2021 | Target: Fleury Medical Diagnostics | Reported Here

This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online.

On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its systems were suffering an attack, but that the company was doing its best to remediate the damage. The message also stated that “the causes of this unavailability originated from the attempted external attack on [their] systems, which are having operations re-established with all the resources and technical efforts for the rapid standardization of services.”


[above via It Security Guru post] Update 1 


Fertility clinic discloses data breach exposing patient info

20th June 2021 | Target: Fertility Clinic | Reported Here

A Georgia-based fertility clinic has disclosed a knowledge breach after recordsdata containing delicate affected person data have been stolen throughout a ransomware assault.

Reproductive Biology Associates, LLC, (RBA) is a fertility clinic that recruits egg donors, retrieves eggs, and shops them for later use by recipients, together with these utilizing the MyEggBank service.


[above via Technicalripon post] 


Wegmans notifies customers of data breach

18th June 2021 | Target: Wegmans | Reported Here

Wegmans Food Markets were hit with a database breach that exposed customers’ information — name, address, email, birth date — but no social security numbers or financial information.

The Rochester, New York supermarket said in a press release that “a previously undiscovered configuration issue” led to two of its internal cloud databases being inadvertently left open to potential outside access. The company said it notified its customers that no financial information or social security numbers were involved since the company doesn’t collect or store that data.


[above via Pymnts post] Update1 / Update 2


Carnival Cruise hit by data breach, warns of data misuse risk

17th June 2021 | Target: Carnival Cruise | Reported Here

Carnival Corp. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises.

In a letter to customers, the company indicated that outsiders might have gained access to Social Security numbers, passport numbers, dates of birth, addresses and health information of people.


[above via USA Today post] Update1 / Update 2 / Update 3


Eggfree Cake Box suffer data breach exposing credit card numbers

17th June 2021 | Target: Cake Box | Reported Here

UK-based cake maker and retailer Cake Box Holdings Plc (CBOX.L) said on Thursday it had informed customers about a data breach in 2020 that might have compromised their personal information.

Shares of the company fell more than 8%. Cake Box said it had taken “appropriate steps to investigate the incident”.


[above via Reuters post] Update1 / Update 2


Gateley suffers data breach

16th June 2021 | Target: Gateley | Reported Here

Gateley, the UK-based legal and professional services group, has revealed that client data was accessed during a cyber-attack.

In a security alert published yesterday (June 16), the company said it took “some systems offline” after detecting unauthorized activity on its network.

It has since reestablished “core systems to enable us to continue to work and communicate with our clients, suppliers and intermediaries”.


[above via Portswigger post] Update1


IKEA Fined $1.2m for Spying on Employees

15th June 2021 | Target: IKEA | Reported Here

Swedish furnishing conglomerate IKEA has been fined €1m ($1.2m) for illegally spying on its employees in France and storing their data.

The fine was ordered by a French court on Tuesday after a criminal probe launched in 2012 found that IKEA France had created an elaborate “spying system” to snoop on staff and on customers who had opened disputes.

IKEA, which has 29 stores in France, was found guilty of “receiving personal data by fraudulent means.”


[above via InfoSecurity post] Update1 / Update 2


System failure hits Stillwater Medical

14th June 2021 | Target: Stillwater Medical | Reported Here

The Stillwater Medical Center hospital system is responding to a major computer outage that briefly shut down emergency room operations Monday morning.

Staff discovered the incident Sunday, June 13, according to spokesperson Shyla Eggers. Ambulances were diverted to other hospitals from about midnight to 7 a.m. on Monday, she said.


[above via News9 post] Update1 / Update 2


Audi, Volkswagen data breach affects 3.3 million customers

12th June 2021 | Target: Audi, Volkswagen | Reported Here

Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet.

Volkswagen Group of America, Inc. (VWGoA) is the North American subsidiary of the German Volkswagen Group. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc.


[above via Bleeping Computer post] Update1 / Update 2


Intuit notifies customers of hacked TurboTax accounts

12th June 2021 | Target: Intuit – TurboTax | Reported Here

Financial software company Intuit has notified TurboTax customers that attackers have accessed some of their personal and financial information after what appears to be a series of account takeover attacks.

In a breach notification letter sent to affected customers earlier this month, the company said it was not a “systemic Intuit data breach.”


[above via News Block post]


McDonald’s Hit by Data Breach

11th June 2021 | Target: McDonald’s | Reported Here

McDonald’s Corp. said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies.

The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified, McDonald’s said. The investigators discovered that company data had been breached in markets including the U.S., South Korea and Taiwan, the company said.


[above via WSJ post] Update 1 / Update 2 / Update 3


Foodservice supplier Edward Don hit by a ransomware attack

10th June 2021 | Target: Edward Don | Reported Here

Edward Don, a foodservice company, was hit by a suspected ransomware attack that encrypted its network. The attack caused the company to shut down some of its operations to prevent the malware’s spread.

Owned and operated by the Don family since 1921, Edward Don and Company are one of the largest foodservice equipment and supplies distributors in the US. It sells such equipment as kitchen supplies, bar supplies, dinnerware, and flatware.


[above via Cyber Intel Mag post] Update 1


CD Projekt: Data stolen in ransomware attack now circulating online

10th June 2021 | Target: CD Projekt | Reported Here

The CD Projekt Group, which owns Cyberpunk and Witcher developer CD Projekt Red, has warned that sensitive data — including that of its own employees — was likely exposed during a security breach earlier this year.

In a statement, the Polish developer said it has discovered new information about the breach, and now has reason to believe that some illegally gathered data is “currently being circulated on the internet.”


[above via Games Industry post] Update 1


Hackers breach gaming giant Electronic Arts, steal game source code

10th June 2021 | Target: Electronic Arts | Reported Here

Hackers have broken into gaming giant Electronic Arts, the publisher of Battlefield, FIFA, and The Sims, and stole a wealth of game source code and related internal tools, Motherboard has learned.


[above via Vice post] Update 1


ADATA hit by Ragnar Locker ransomware

8th June 2021 | Target: ADATA | Reported Here

Leading Taiwan-based memory and storage manufacturer ADATA says a ransomware attack forced it to shut down systems after attacking its network in late May.

ADATA manufactures high-performance DRAM memory modules, NAND Flash memory cards, and other products, including mobile accessories, gaming products, electrical powertrains, and industrial solutions.

The company was ranked as the second largest manufacturer of DRAM memory and solid state drives (SSD). in 2018.


[above via News-block post] Update 1 / Update 2


Navistar discloses data breach

7th June 2021 | Target: ADATA | Reported Here

US truck and military vehicle manufacturer Navistar International Corp said on Monday that the company was targeted by a cyberattack.

In an 8-K US Securities and Exchange Commission filing published on Monday, Navistar said it became aware of a potential data breach last month, saying it received a claim that data had been stolen from its IT system. It’s unclear exactly what data was taken.


[above via Business Insider post] Update 1 / Update 2


Fujifilm Shuts Down Network After Suspected Ransomware Attack

3rd June 2021 | Target: Fujifilm | Reported Here

Japanese multinational conglomerate Fujifilm has been forced to shut down parts of its global network after falling victim to a suspected ransomware attack.

The company, which is best known for its digital imaging products but also produces high-tech medical kit, including devices for rapid processing of COVID-19 tests, confirmed that its Tokyo headquarters was hit by a cyberattack on Tuesday evening.


[above via Techcrunch post] Update 1 / Update 2


The M.T.A. Is Breached by Hackers as Cyberattacks Surge

2nd June 2021 | Target: Metropolitan Transportation Authority | Reported Here

The Metropolitan Transportation Authority, which operates New York City’s subway and bus systems, confirmed to Fox News on Wednesday that at least three of its 18 systems were hacked in April.

The MTA is critical infrastructure in a city that serves as a national and world financial center, among other roles New York plays in the economy.


[above via Fox Business post] Update 1 / Update 2


Spain’s Ministry of Labor and Social Economy hit by cyberattack

1st June 2021 | Target: Spanish Ministry of Labor and Social Economy | Reported Here

The Ministry of Labor and Social Economy has suffered a new cyber attack. Just three months after the one suffered by the State Public Employment Service (SEPE), dependent on Labor. Through a brief message on Twitter, the Ministry of Labor has reported that it is being affected by a computer attack.


[above via Explica post] Update 1 / Update 2


Swedish Health Agency shuts down SmiNet after hacking attempts

31st May 2021 | Target: Swedish Health Agency | Reported Here

The Swedish Public Health Agency shut down SmiNet, the country’s infectious disease database, on Thursday after it was the target of several hacking attempts.

SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was closed on Thursday to investigate the attacks and came back online Friday night.


[above via News Block post]


JBS Foods shuts down production after cyberattack

31st May 2021 | Target: JBS Food | Reported Here

Meat processor JBS has warned it could take the company some time to recover from an “organised cyber security attack” that has impacted servers in its Australian and North American operations.

The attack was first reported by industry news website Beefcentral, which quoted JBS Australia CEO Brent Eastwood saying that the full impact of the attack was still being assessed.


[above via Itnews post] Update 1


Beware: Walmart phishing attack says your package was not delivered

29th May 2021 | Target: Walmart | Reported Here

An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information.

The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering their personal details, according to analysis from DomainTools. Aside from Walmart, other big-name lures are affiliated with the phishing campaign, spoofing Fortune 500 companies like McDonald’s, online dating sites and movie downloads. An unknown threat actor is behind it all, the firm said, displaying an obvious level of sophistication given the sheer scale of the effort.


[above via Threatpost post] Update 1


Canada Post hit by data breach after supplier ransomware attack

27th May 2021 | Target: Canada Post | Reported Here

Canada Post said on Wednesday that a cyberattack and data breach on an electronic data interchange (EDI) supplier has compromised information from 44 of its large parcel business customers, affecting nearly 1 million recipients.

The attack on Ontario-based Commport Communications compromised the shipping manifest data of the customers. Canada Post, Canada’s government-run postal carrier, did not identify the customers.


[above via Freightwaves post] Update 1 / Update 2 / Update 3