Public Breach Repository
Gain a new perspective on the latest public breaches impacting the biggest companies in the world and the need for a new generation of tools to keep ecosystems safe.
Title & Description
Date
Type
Cisco Systems Allegedly Exfiltrated by Hacker using exploited API Token
Misconfigured public facing DevHub platform led to the breach, resulting in stolen data being put up for sale.
November 26, 2024
Public Breach
Secret Google TPU Chip Technology Compromised by Chinese National
A former Google Software Engineer allegedly uploaded over 500 confidential files to his personal account.
November 25, 2024
Public Breach
International Monetary Fund Suffers Hack via Cloud Microsoft 365 Accounts
11 email accounts compromised during the attack from early 2024.
November 15, 2024
Public Breach
MGM Breach by Scattered Spider / Star Fraud Results in $100M Loss
A combination of phishing, social engineering, and IT access culminates in a ransomware attack.
November 6, 2024
Public Breach
Uber Hack Uses Stolen Credentials and MFA Fatigue
Leads to access of several internal systems including AWS and Google Workspace.
November 5, 2024
Public Breach
Social Engineering Attack at EA Games Leads to a Multimillion Dollar Data Breach
$10 Slack cookie used to initiate the attack which ultimately compromises 780 GB of data.
November 1, 2024
Public Breach
United Healthcare Hack Causes Over $1B in Damages
Over one-third of Americans impacted by this data breach, caused by lack of MFA.
October 29, 2024
Public Breach
Microsoft Storm Breach by Chinese State-Sponsored Threat Group
Unauthorized email access and compromised Microsoft signing key.
September 20, 2024
Credential Phishing
Business Email Compromise
Public Breach
Microsoft Blizzard Breach by Russian State-Sponsored Threat Actor
Email spear-phishing + M365 enterprise app exfiltrated code + accessed Microsoft systems.
September 17, 2024
Credential Phishing
Public Breach
News Corp Breached by Chinese Nation-State Through Phishing
Email spear-phishing + M365 enterprise app used to exfiltrate data to the Chinese nation state.
September 13, 2024
Credential Phishing
Business Email Compromise
Public Breach