Breach

Infiltration of the third-party provider's systems between June 3 and 7 allowed threat actors to exfiltrate the customers' certain banking details, including full names, bank account numbers, and routing numbers leveraged for ACH fund transfers.

Investigation into the incident, which may have been caused by a successful phishing attack, is still underway, reported officials, who noted that the recovery of impacted law enforcement systems is being prioritized.

Infiltration of Michigan Medicine's employee email accounts on May 23 and 29 enabled the exfiltration of individuals' names, birthdates, addresses, medical record numbers, diagnostic and treatment details, and health insurance information, as well as the Social Security numbers of four patients.

Included in the leaked database were BreachForums 1.0 members' user IDs, login names, email addresses, registration IP addresses, and last used IP addresses.

Such exposed information may have been exfiltrated from a compromised Diligent Corp. system leveraged by Leidos for internal investigation data hosting, noted a source close to the matter.

With the impacted site potentially still being cached, users have been urged by dYdX to ensure that their browsers are restarted and caches cleared before visiting the website.

Threat actors behind the attack discovered on April 13 were able to exfiltrate 6.5 TB of data, including names, birthdates, contact details, addresses, individual healthcare identifiers, Medicare numbers, and prescription information from customers who used the service between March 2019 and November 2023.

Such a significant increase in victimization comes amid a 14% increase in the number of data breaches, as well as a 23% growth in driver's license data exfiltration between the first half of 2023 and the first half of 2024, according to a report from the Identity Theft Resource Center.