Date
Victim
Summary
Threat Actor
Business Impact
Source Link
November 01, 2024
France’s Ministry of Labor and Employment
Young people’s data feared stolen in cyber attack on French government contractor
Unknown
France’s Ministry of Labor and Employment announced on Thursday that it discovered a cyber attack suspected to have impacted the data of young people it was helping get into employment.
Source: The Record
November 04, 2024
Cisco
Cisco notifies ‘limited set’ of customers after hacker accessed non-public files
IntelBroker
Cisco said it has notified a limited set of customers about files that were accessed by a hacker during an incident announced in October.
Source: The Record
November 04, 2024
Nokia
Nokia investigates breach after hacker claims to steal source code
IntelBroker
“Nokia is aware of reports that an unauthorised actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia,” the company told BleepingComputer. “Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data are being impacted. We continue to closely monitor the situation.” The statement came after a threat actor known as IntelBroker claimed to be selling Nokia source code that was stolen after they breached a third-party vendor’s server.
Source: Bleeping Computer
November 05, 2024
SelectBlinds
SelectBlinds says 200,000 customers impacted after hackers embed malware on site
Unknown
More than 200,000 who shopped for blinds or window dressing this year had their credit card information and other data stolen after hackers placed malware on SelectBlinds’s website. In addition to login information, the company learned that hackers likely obtained names, emails, shipping and billing addresses, phone numbers and payment card numbers alongside expiration dates and security/CVV codes.
Source: The Record
November 11, 2024
Amazon
Amazon confirms employee data breach after vendor hack
Nam3L3ss, a BreachForums name
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more. Amazon spokesperson Adam Montgomery confirmed Nam3L3ss’ claims, adding that this data was stolen from systems belonging to a third-party service provider.
November 11, 2024
Hot Topic, Box Lunch, and Torrid
HIBP notifies 57 million people of Hot Topic data breach
Satanic, a BreachForums name
Have I Been Pwned warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers. According to HIBP, the exposed details include full names, email addresses, dates of birth, phone numbers, physical addresses, purchase history, and partial credit card data for Hot Topic, Box Lunch, and Torrid customers.
Source: Bleeping Computer
November 11, 2024
US govt officials
US govt officials’ communications compromised in recent telecom hack
A Chinese hacking group tracked as Salt Typhoon (aka Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286)
CISA and the FBI confirmed that Chinese hackers compromised the “private communications” of a “limited number” of government officials after breaching multiple U.S. broadband providers. The attackers also stole other information from the companies’ compromised systems, including information related to customer call records and law enforcement requests.
Source: Bleeping Computer
November 14, 2024
Hungary’s defence procurement agency (VBÜ)
Hungary confirms hack of defence procurement agency
INC ransomware
Hungarian officials confirmed to local media that the country’s defence procurement agency (VBÜ) was attacked by an international group of hackers as the cybercrime group known as INC Ransomware claimed access to the agency’s data and posted sample screenshots on its dark web portal.
Source: The Record
November 16, 2024
T-Mobile
T-Mobile confirms it was hacked in recent wave of telecom breaches
Chinese state-sponsored threat actors known as Salt Typhoon (Allegedly mentioned)
T-Mobile confirmed it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests.
Source: Bleeping Computer
November 18, 2024
US space tech company Maxar
US space tech giant Maxar discloses employee data breach
“post” a BreachForums name
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informed in a notification to impacted individuals.
Source: Bleeping Computer
November 19, 2024
Ford
Ford rejects breach allegations, says customer data not impacted
EnergyWeaponUser and IntelBroker, BreachForums names
Ford investigated allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. The leak was announced by threat actor ‘EnergyWeaponUser,’ also implicating the hacker ‘IntelBroker,’ who supposedly took part in the November 2024 breach. The threat actors leaked on BreachForums 44,000 Ford customer records containing customer information, including full names, physical locations, purchase details, dealer information, and record timestamps.
Source: Bleeping Computer
November 19, 2024
Fintech Giant Finastra
Fintech Giant Finastra Investigating Data Breach
Abyss0, BreachForums Name
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has supposedly learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.
November 19, 2024
MediBoard by Software Medical Group
Cyber attack at French hospital exposes health data of 750,000 patients
A threat actor using nickname ‘nears’ (previously near2tlg) on BreachForums
A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat actor using the nickname ‘nears’ (previously near2tlg) claimed to have attacked multiple healthcare facilities in France, alleging that they have access to the patient records of over 1,500,000 people as the hacker claimed they breached MediBoard by Software Medical Group, a company offering Electronic Patient Record (EPR) solutions across Europe.
Source: Bleeping Computer
November 22, 2024
An unnamed US company
Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
APT28 (Fancy Bear/Forest Blizzard/Sofacy)
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called “nearest neighbor attack.” The threat actor pivoted to the target after first compromising an organisation in a nearby building within the WiFi range. The attack was discovered on February 4, 2022, when cybersecurity company Volexity detected a server compromise at a customer site in Washington, DC that was doing Ukrainian-related work.
Source: Bleeping Computer
