Major Data Breaches & Hacking News in November 2024

Organization Description: Internet Archive is a nonprofit digital library offering free access to digitized resources.

Breach Size: 31 million records

Data Exposed: Hackers recently compromised the Internet Archive website and stole 31 million unique records from its user authentication database. The leaked database totals 6.4GB and contains registered members’ email addresses, screen names, hashed passwords, password change timestamps, and more. It’s not known how the cybercriminals accessed the archive, which remained down for over two weeks before some functions were restored. Internet Archive is taking measures to upgrade its security and prevent future attacks.

Organization Description: Fidelity Investments is a financial services corporation known for wealth management and financial planning services.

Breach Size: 77,000 people

Data Exposed: Fidelity Investments recently announced that its systems were breached this August when an unknown cybercriminal stole personal information from over 77,000 customers. The type of data was not revealed, but Fidelity says it did not involve access to users’ accounts. Fidelity is working with security experts to investigate further.

Organization Description: Hot Topic is an American retail chain specializing in counterculture-related clothing, accessories, and licensed music merchandise.

Breach Size: 350 million records

Data Exposed: A recent breach exposed sensitive customer data from Hot Topic, Box Lunch, and Torrid, including full names, email addresses, dates of birth, phone numbers, addresses, purchase history, and partial credit card details. On October 21, 2024, a threat actor known as "Satanic" claimed responsibility, stating they had stolen 350 million user records. They attempted to sell the database for $20,000 while also demanding a $100,000 ransom from Hot Topic to remove the data from BreachForums.

Organization Description: Casio is a Japanese electronics manufacturing company specializing in watches, digital cameras, musical instruments, phones, and calculators.

Breach Size: Unknown

Data Exposed: Casio fell victim to a ransomware attack that exposed the confidential information of employees and some customers. The company says compromised information likely includes the personal details of business partners, financial data regarding transactions and invoices, and other internal documents, but does not include customer payment information. Casio has notified the relevant authorities and is investigating the breach.

Organization Description: Landmark Admin is a third-party insurance administrator based in Texas.

Breach Size: 800,000 customers

Data Exposed: After first detecting suspicious activity in May, Landmark Admin has shared that a threat actor has stolen files containing the personal information of over 800,000 people. Compromised information includes names, addresses, Social Security numbers, passport numbers, tax identification numbers, medical information, insurance policy information, and more. Affected individuals are being notified as Landmark continues to investigate the incident.