Article Excerpt
Breach Report Collection
A collection of companies that disclose adversary TTPs after they have been breached.
Useful for analysis of intrusions launched by adversaries with measurable effects and impact.
Organization | Breach Date | Adversary | Source |
Coinbase | February 2023 | 0ktapus (suspected) | coinbase. |
property | value |
tags | defensive-tradecraft,github-repo,intel-report,threat-intel,tradecraft-tool |
url | |
original_word_count | 148 |
Long Summary
This article provides a collection of companies that have been breached by adversaries, along with the associated breach date, adversary, and source. The breaches span June 2015 to July 2023, with the most recent being the JumpCloud breach in July 2023 by the DPRK RGB (UNC4899).
The Dragos breach in May 2023 was attributed to the "KyivWarrior" adversary, while the 3CX breach in March 2023 was attributed to the DPRK RGB (UNC4736). The Coinbase breach in February 2023 was attributed to the 0ktapus adversary, with Reddit given as the source. The CircleCI breach in January 2023 was attributed to an unknown adversary, and the LastPass breach in October 2022 was also attributed to an unknown adversary.
The Uber breach in September 2022 was attributed to the Lapsus$ adversary.
The Microsoft breach in March 2022 was attributed to the Lapsus$ adversary, while the Kaseya breach in July 2021 was attributed to an unknown adversary. The Viasat KA-SAT breach in February 2022 was attributed to the Sandworm (GRU) adversary, while the Irish HSE breach in May 2021 was attributed to the Conti adversary. The Microsoft breach in February 2021 was attributed to the CozyBear (SVR) adversary, while the New Zealand Reserve Bank breach in January 2021 was attributed to the FIN11 adversary.
The FireEye breach in December 2020 was attributed to the CozyBear (SVR) adversary, while the SolarWinds breach in December 2020 was also attributed to the CozyBear (SVR) adversary. The Equinix breach in September 2020 was attributed to the Netwalker adversary, while the CapitalOne breach in July 2019 was attributed to the "ERRAT1C" (aka Paige Thompson) adversary. The Avast/CCleaner breach in September 2016 was attributed to the WickedPanda (MSS) adversary, while the Kaspersky breach in June 2015 was attributed to the Duqu 2.0 adversary.
Short Summary
BushidoUK/Breach-Report-Collection
- Collection of breached companies, breach dates, adversaries, and sources.
- Recent JumpCloud breach in July 2023 by DPRK RGB (UNC4899).
- Dragos breach in May 2023 attributed to "KyivWarrior" adversary.
- 3CX breach in March 2023 attributed to DPRK RGB (UNC4736).
- Coinbase breach in February 2023 attributed to 0ktapus adversary, source: Reddit.
- CircleCI breach in January 2023 attributed to unknown adversary.
- LastPass breach in October 2022 attributed to an unknown adversary.
- Uber breach in September 2022 attributed to Lapsus$ adversary.
- Okta breach in August 2022 attributed to 0ktapus adversary.
- Twilio breach in August 2022 attributed to 0ktapus adversary.
Source link: https://github.com/BushidoUK/Breach-Report-Collection
Summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/bushidouk-breach-reportcollection
#DataBreaches #Adversaries #BreachDates #Attribution #Cybersecurity