Breach

Nearly $4.78 million had been stolen by threat actors that compromised Equiniti via email chain hijacking in 2022, nearly $1 million of which has been recovered, while another intrusion in April 2023 that involved the exfiltration of certain Equiniti Trust account holders' Social Security numbers led to the theft of nearly $1.9 million.

Attackers who infiltrated Arden Claims Service's systems around Oct. 3, 2023, were able to exfiltrate individuals' names and other personally identifiable information, according to the notification letter provided to Vermont and Maine regulators.

Aside from modifying the account's bio to include a rug pull reference, the acquisition of $700,000 worth of Solana cryptocurrency, and the flag of India, threat actors also published posts with the caption "a McDonald's experiment on Soluna" and a cryptocurrency address.

Unauthorized access to CannonDesign's network from Jan. 19 to 25 has prompted attackers to exfiltrate names, Social Security numbers, addresses, and driver's license numbers, said the firm in breach notification letters that emphasized the lack of evidence suggesting misuse of the stolen data.

Individuals' names, birthdates, Social Security numbers, addresses, and health insurance details, as well as medical and diagnosis data, have been compromised by threat actors who infiltrated Carespring's network between Oct. 12 and Oct. 30, said Carespring.

Threat actors were able to secure payment card details, including individuals' names, payment card numbers, CVVs, and expiration dates, between Dec. 20, 2023 and Jun. 26, 2024, after redirecting online ticket transactions from a third-party vendor, said Oregon Zoo officials in a filing with Maine regulators.

Infiltration of the Toyota branch has enabled the exfiltration not only of data from customers and employees but also financial information, contracts, emails, and network infrastructure details, which have been obtained through the ADRecon tool, claimed ZeroSevenGroup.