Full List

Search

Recent Breaches

• University of Basel October 5, 2020 Hackers have managed to steal salary payments from employees at the University of Basel.
• Unnamed Swiss university October 5, 2020 • [ financial, hack, education ] Hackers have managed to steal salary payments from employees at two unnamed Swiss universities.
• Unnamed Swiss university October 5, 2020 • [ hack, education ] Hackers have managed to steal salary payments from employees at an unnamed Swiss university.
• Chowbus October 5, 2020 In October 2020, the Asian food delivery app Chowbus suffered a data breach which led to over 800,000 records being emailed to customers. The email contained a link to a CSV file with customer data including physical addresses, names, phone numbers and over 444,000 unique email addresses.
• Gulf Coast State College October 4, 2020 • [ hack, phishing, education ] Gulf Coast State College has notified some students and employees that a hacker accessed several employees' email accounts.
• Software AG October 3, 2020 • [ ransomware, malware, technology ] TA505 hits the network of German enterprise software giant Software AG last, asking for a ransom of $23 million after stealing employee information and company documents.
• Bay Shore School District October 3, 2020 • [ hack, ddos, education ] The Bay Shore School District is hit with a DDoS attack.
• Gravatar October 3, 2020 In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident.
• Foxtons October 2, 2020 • [ financial, leak, malware ] Financial details belonging to customers of UK estate agency Foxtons are widely available on the dark web following a malware attack in October last year that affected parent company Foxtons Group.
• Hospital for Special Surgery October 2, 2020 • [ insider, malware, healthcare ] Richard Liriano was sentenced yesterday to 30 months in prison for engaging in a scheme to use malicious software programs, including a program known as a "keylogger," on dozens of his coworkers' computers at a New York City-area hospital, secretly obtaining user names and passwords to his victims' personal email and other accounts, and using that unauthorized access to steal private and confidential files.
• City of Odessa October 2, 2020 • [ hack, government ] The city of Odessa has suffered a breach of its Click2Gov portal.
• Nicole Sifuentes Twitter account October 2, 2020 • [ hack, social, government ] Hackers also appear to have hijacked the Canadian Olympic runner Nicole Sifuentes to promote an additional bitcoin scam impersonating Elon Musk.
• Jonah Williams Twitter account October 2, 2020 • [ hack, social, technology ] Unknown hackers appear to have hijacked verified the Twitter account of Cincinnati Bengals player to promote a bitcoin scam, this time impersonating Elon Musk.
• Trickbot botnet October 2, 2020 Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt the Trickbot botnet.
• GeniusU October 2, 2020 • [ leak, education ] In November 2020, a collection of data breaches were made public including the "Entrepreneur Success Platform", GeniusU. Dating back to the previous month, the data included 1.3M names, email and IP addresses, genders, links to social media profiles and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
• 104 Job Bank October 1, 2020 104 Job Bank, a popular Taiwanese online job site, has allegedly been hacked by Chinese hackers and sold on the dark web.
• Alejandro Caceres October 1, 2020 A zero-day hunter has told The Register he realised he'd been targeted by a North Korean campaign aimed at stealing Western researchers' vulns.
• Pitkin County October 1, 2020 • [ leak, misconfiguration, government ] Pitkin County has disclosed a data sercurity incident where a file was left accessible via the Internet and was subject to unauthorized access.
• Jersey City Municipal Utilities Authority September 30, 2020 • [ ransomware, malware, government ] The Jersey City Municipal Utilities Authority was hit with a ransomware attack that blocked access to "vital" water and sewer service information.
• United Jewish Israel Appeal September 30, 2020 • [ hack, ddos ] United Jewish Israel Appeal, a British Jewish charity, was the target of a cyberattack during its virtual centenary. Hundreds of participants were kicked off the video conference or prevented from joining it.