Category: ➽Data Leaks
-
Yippi social network data breach
June 2022: Targeted attack against Asia’s Social Media Network detected by Kaduu’s Dark Web Monitoring Research Team Southeast Asia’s 1st social media & messaging super app that connects people around the world with multi-features, including social communication, has been hacked. On June 14, 2022 Kaduu Team has discovered data leak belonging to YippiWeb.com. More details…
-
Novartis experienced a cyber attack
On February 25, Pharmaceutical giant Novartis has been attacked by Industrial Spy hacking group. The company ensures no sensitive data has been compromised during the incident. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, the hacking group began selling data allegedly…
-
Cl0p Ransomware back online, 21 victims in a month
After shutting down their entire operation for several months, between November and February, the Cl0p ransomware is now back. The surge in activity was noticed after the ransomware group added 21 new victims to their data leak site within a single month of April. Cl0p has became very active comparing to itself in the past.…
-
General Motors suffered from credential stuffing
On May 23, it was disclosed that car manufacturer General Motors was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors run its own online platform for car owners to facilitate car and accessories management. Credentials stuffing is…
-
21M SuperVPN, GeckoVPN users data leaked on Telegram
Earlier this month we have detected several Telegram channels that share with their followers various data breaches. This time database of 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN has been shared online and is now available to anyone for download. On May 4th, 2022, a database containing the personal details and…
-
Heroku confirms its data breach
On May 5, Heroku, a platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud, confirmed its data breach. Heroku revealed that hackers used stolen GitHub integration OAuth tokens in order to exfiltrate customers’ hashed and salted passwords from internal customer database. This week, Heroku started performing forced password resets…
-
BlackCat ransomware hits 60 entities worldwide
Relatively new ransomware, called Black Cat, has reportedly breached 60 different companies around the globe. The Federal Bureau of Investigation (FBI) has released a white flash report concerning BlackCat, also known as ALPHV. It is known that ransomware gang has been attacking organisations between November 2021 and March 2022. The flash alert is part of…
-
TikTok data leaked online
On April 17, 2022 a data leak allegedly belonging to a video-focused social networking service TikTok started spreading on underground hacking platforms. It consisted of JSON and SQL files totalling 26GB. Kaduu Team has analysed files in this “leak”. The dataset is just metadata for 32,489,068 TikTok videos, scraped between 2020-07-22 and 2020-10-13, meaning, it…
-
Globant Hacked, 70Gb leaked online
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ ransomware operators, where data consisting of administrator credentials and source code was leaked by the threat actors. As part of the leak, the hacking group released a 70GB archive of data stolen from Globant, describing it as “some customers source…
-
Nestlé Data: Anonymous Hack or Internal Breach?
On March 22, Nestlé, the Swiss multinational food and drink processing conglomerate corporation, has suffered a data breach. Hacking group Anonymous in a series of tweets has called out companies that continue operating in Russia for sponsoring Kremlin regime by taxes they pay in country. Days after Anonymous has claimed to have hacked Nestlé, extracting…