-
Rhode Island College Foundation
July 28, 2020
•
[ ransomware, malware, education ]
Rhode Island College Foundation is another victim of the Blackbaud ransomware attack.
-
Catholic Diocese of Hong Kong
July 28, 2020
The Catholic Diocese of Hong Kong to China has been hacked by RedDelta, a Chinese-state sponsored threat actor. The network intrusion was part of a campaign that occurred ahead of the anticipated September 2020 renewal of the China-Vatican provisional agreement.
-
iVoy
July 28, 2020
Delivery startup, iVoy, suffers a breach with 127,432 account users' emails and passwords being exposed on an online forum.
-
Mattapan Community Health Center (MCHC)
July 28, 2020
•
[ social, phishing, healthcare ]
Mattapan Community Health Center (MCHC) provides notice of a phishing incident involving potential unauthorized access to personal information.
-
Mattel
July 28, 2020
•
[ ransomware, malware, retail ]
Toy maker Mattel has disclosed that it suffered a ransomware attack in July that impacted some of its business functions but did not lead to data theft.
-
Drizly
July 27, 2020
ShinyHunters leaks the database of Drizly, containing approximately 2.5 million records
-
Promo
July 27, 2020
•
[ leak, technology ]
Promo.com, an Israeli-based marketing video creation site, discloses a data breach after a database containing 22 million user records is leaked for free on a hacker forum.
-
The city of Lafayette, CO
July 27, 2020
•
[ ransomware, malware, government ]
The City of Lafayette suffers a ransomware attack that impact the phone services, email, and online payment reservation systems. The city is forced to pay $45,000.
-
Dave
July 26, 2020
•
[ leak, misconfiguration, finance ]
Loan app Dave.com has 7.5 million records leaked, blaming the breach to the OAuth tokens stolen by the attackers from Waydev.
-
Waydev
July 26, 2020
Hackers use a blind SQL injection vulnerability to gain access to Waydev's database, from where they stole GitHub and GitLab OAuth tokens from other companies.
-
Flood
July 26, 2020
•
[ hack, misconfiguration, technology ]
Software testing service Flood.io suffers a breach blamed on OAuth tokens stolen by the attackers from Waydev.
-
Beaumont Health
July 25, 2020
•
[ social, phishing, healthcare ]
Beaumont Health, Michigan's largest healthcare provider warns around 6,000 patients that their data may have been exposed following a phishing attack that occurred between January 3, 2020, and January 29, 2020.
-
Carlson Wagonlit Travel (CWT)
July 25, 2020
US corporate travel management firm Carlson Wagonlit Travel (CWT) suffers an intrusion and it is believed to have paid a $4.5m ransom to get its data back.
-
Aberystwyth University
July 24, 2020
•
[ hack, education ]
The Aberystwyth University is an additional university affected by the Blackbaud hack.
-
Emotet botnet
July 24, 2020
•
[ hack, malware, technology ]
Someone is taking fun at the Emotet botnet and disrupting its operations by hacking into the malware's distribution sites and replacing malicious payloads with memes and GIFs.
-
CouchSurfing
July 23, 2020
•
[ hack, technology ]
CouchSurfing, an online service that lets users find free lodgings, investigates a security breach after hackers began selling the details of 17 million users on Telegram channels and hacking forums.
-
Instacart
July 23, 2020
•
[ leak, brute-force, retail ]
Online shopping service Instacart says reused passwords are to blame for a recent spate of account breaches, which saw personal data belonging to hundreds of thousands of Instacart customers stolen and put up for sale on the dark web.
-
Administrador de Infraestructuras Ferroviarias (ADIF)
July 23, 2020
•
[ ransomware, malware, government ]
Administrador de Infraestructuras Ferroviarias (ADIF), a Spanish state-owned railway infrastructure manager is hit by REvil ransomware operators.
-
Garmin
July 23, 2020
Garmin is hit by a WastedLocker ransomware attack.
-
Sylva, NC
July 23, 2020
•
[ social, misconfiguration, government ]
A town board meeting in Sylva, NC was Zoom-bombed with unknown participants shouting racist remarks.
