Catalog of September 2022 Cyber Attacks and Data Breaches – 35.6 Million Records Breached

Cyber attacks

• Tulsa Tech hit by security incident (unknown)
• Indonesian and Malaysian restaurants hacked by DESORDEN (425,644)
• Samsung says customer data stolen in security incident (unknown)
• Yandex Taxi systems breached in bizarre cyber attack that caused massive traffic jam (unknown)
• Criminal hackers breached Overby-Seawell Company (unknown)
• Orange Cyberdefense investigating claims of compromise (unknown)
• Franklin College hack by malware (5,900)
• Data from Chile’s COVID-19 tracking platform of a mining company compromised (9,200)
• Student arrested for hacking Sri Lankan Examinations Dept website (270,000)
• Kansas school district pulls messaging app after security breach (unknown)
• Uber responding to “cybersecurity incident” (unknown)
• Starbucks Singapore has been hit by a security incident (330,000)
• Revolut caught out by phishing scam (50,144)
• Six UK schools hit by cyberattack on multi-academy trust (unknown)
• Wolfe Clinic notifies patients of Eye Care Leaders security incident (542,776)
• Guacamaya Group leaks emails from Chile’s Joint Chiefs of Staff (unknown)
• Everest Group sells access to Argentina’s Ministry of Economy (unknown)
• Hackers steal South Carolina fire department’s pay checks (6)
• Website of Virginia’s Hampton Public Library website hacked, redirects to adult retail store (unknown)
• Australian telecoms giant Optus hit by cyber attack (unknown)
• M.C. Dean reports security breach after unauthorised party had access to the company’s systems for six months (unknown)
• Berry, Dunn, McNeil & Parker reports breach following compromised employee email account
• San Francisco 49ers reports security breach involving Social Security numbers (20,930)
• CBC Group files official notice of security incident (unknown)
• SF Fire Credit Union reports security breach (unknown)
• Radiant Logistics says unauthorised actor breached its systems (unknown)
• The Physicians’ Spine and Rehabilitation Specialists of Georgia hit by security incident (unknown)
• Medical Associates of the Lehigh Valley reports security incident (75,628)
• Henderson & Walton Women’s Center says employee’s email account was hacked (34,306)
• U-Haul says two passwords were compromised in security breach (unknown)
• Genesis Health Care reports security breach (unknown)
• Legacy Supply Chain Services confirms cyber attack (11,972)
• Wilson’s Gun Shop says hacker broke into its systems (13,522)
• City Furniture of Massachusetts files security notice (unknown)
• DaVita Inc confirms that health data was leaked in cyber attack (unknown)
• Lubbock Heart & Surgical Hospital says it was hacked (23,379)
• Platinum Performance suffers security breach following phishing attack (unknown)
• Radiology Ltd suffers security incident (unknown)
• One Medical embroiled in security breach (unknown)
• Cash Express hit by cyber attack (unknown)
• Northern Trust Corporation reports breach affecting clients’ financial account numbers (unknown)
• Internet outage in Tucson area was due to cyber attack (unknown)
• Diodes Incorporated confirms security breach (unknown)
• Apex Capital Corp hit in cyber attack (unknown)
• FMC Services suffers cyber attack (unknown)
• Indian firm Swachhta City Platforms hit by criminal hackers (16,457,744)
• Hacker breaches Fast Company systems to send offensive Apple News notifications (unknown)
• The Coeur Group notifies patients of security breach (2,020)
• Brazil’s Mimoso do Sul reports cyber attack (unknown)
• Eight Shangri-La hotels in Asia hit by security breach (290,000)
• Mexico confirms hack of military records, president’s health information (unknown)

Ransomware

• Costa Rica’s Junta De Proteccion Social hit by ransomware (unknown)
• Former students and staff at Savannah College of Art and Design affected by security incident (unknown)
• Ransomware attack takes down L.A. Unified school district (unknown)
• Brazil’s National Fund for Educational Development struck with ransomware (unknown)
• Ourique Municipality targeted by ransomware attack (unknown)
• Fruit supplier Lacalera victim of ransomware attack (unknown)
• Bardstown confirms ransomware hack (unknown)
• OakBend Medical Center hit by ransomware (unknown)
• Alegria Family Services hit in ransomware attack (unknown)
• Buenos Aires legislature announces ransomware attack (unknown)
• Empress EMS in New York says it was struck by ransomware (318,558)
• Suffolk County struggles to recover from BlackCat ransomware attack (unknown)
• NYSARC Columbia County Chapter discloses ransomware incident (unknown)
• Bosnia and Herzegovina investigating alleged ransomware attack on parliament (unknown)
• Tift Regional Medical Center victim of ransomware attack (unknown)
• Sierra College investigating scope of latest ransomware incident (unknown)
• Denver suburb won’t negotiate with ransomware gang that closed city hall (unknown)
• New York Racing Association hit by ransomware (unknown)
• TIC International Corporation suffers ransomware attack (unknown)
• Malaysian Telecom RedOne hit by DESORDEN ransomware (unknown)
• Aoyuan Healthy Life Group hit by ransomware group (unknown)
• Ministry of Foreign Affairs of Guatemala victim of cyber attack (unknown)
• Chilean Judiciary hit in massive ransomware campaign (unknown)
• Electricity Company of Ghana systems hacked with ransomware (unknown)
• Thailand’s THE ICON GROUP hacked by ransomware group (264,128)

Data breaches

• IRS mistakenly posts taxpayers’ data online thanks to human coding error (120,000)
• NHS Orkney apologises after data breach (69)
• Ringgold School District student data was leaked via email (unknown)
• Morgan Stanley to pay $35 million fee for ‘astonishing’ customer data disposal practices (15 million)
• Yukon education department accidentally leaks student data (unknown)
• Email blunder sees Norfolk school send details of vulnerable children to all pupils (unknown)
• Data breach at Canadian Border Agency contractor (1.38 million)

Malicious insiders and miscellaneous incidents

• Sensitive data belonging to Loyal Order officials found by a member of the public on street (unknown)
• Ocean City therapist used patients’ credit cards for psychic readings
• InterContinental Hotels Group confirms cyber attack by ‘vindictive’ couple (unknown)
• Health worker photographed patient credit cards and went shopping with them (120)