Public Breach Repository
Gain a new perspective on the latest public breaches impacting the biggest companies in the world and the need for a new generation of tools to keep ecosystems safe.
Title & Description
Date
Type
March 7, 2025
Third-Party Vendor Compromise Leads to GrubHub Breach
Attack exposes personal details of customers, drivers and merchants.
Public Breach
January 29, 2025
Volkswagen Data Breach Exposes Sensitive EV Owner Information
Misconfigured cloud storage leaves 800,000 customers’ data vulnerable.
Public Breach
January 24, 2025
400GB of Sensitive Finastra Data Stolen via Compromised Credentials
Attackers exploit weak authentication to access secure file transfer platform.
Public Breach
January 10, 2025
Hackers Breach BeyondTrust Remote Support SaaS Instances
Threat actors use API key to gain unauthorized access, but BeyondTrust detected the anomaly early.
Public Breach
November 26, 2024
Cisco Systems Allegedly Exfiltrated by Hacker using exploited API Token
Misconfigured public facing DevHub platform led to the breach, resulting in stolen data being put up for sale.
Public Breach
November 25, 2024
Secret Google TPU Chip Technology Compromised by Chinese National
A former Google Software Engineer allegedly uploaded over 500 confidential files to his personal account.
Public Breach
November 15, 2024
International Monetary Fund Suffers Hack via Cloud Microsoft 365 Accounts
11 email accounts compromised during the attack from early 2024.
Public Breach
November 6, 2024
MGM Breach by Scattered Spider / Star Fraud Results in $100M Loss
A combination of phishing, social engineering, and IT access culminates in a ransomware attack.
Public Breach
November 5, 2024
Uber Hack Uses Stolen Credentials and MFA Fatigue
Leads to access of several internal systems including AWS and Google Workspace.
Public Breach
November 1, 2024
Social Engineering Attack at EA Games Leads to a Multimillion Dollar Data Breach
$10 Slack cookie used to initiate the attack which ultimately compromises 780 GB of data.
Public Breach
October 29, 2024
United Healthcare Hack Causes Over $1B in Damages
Over one-third of Americans impacted by this data breach, caused by lack of MFA.
Public Breach
September 20, 2024
Microsoft Storm Breach by Chinese State-Sponsored Threat Group
Unauthorized email access and compromised Microsoft signing key.
Credential Phishing
Business Email Compromise
Public Breach
September 17, 2024
Microsoft Blizzard Breach by Russian State-Sponsored Threat Actor
Email spear-phishing + M365 enterprise app exfiltrated code + accessed Microsoft systems.
Credential Phishing
Public Breach
September 13, 2024
News Corp Breached by Chinese Nation-State Through Phishing
Email spear-phishing + M365 enterprise app used to exfiltrate data to the Chinese nation state.
Credential Phishing
Business Email Compromise
Public Breach