Full List

Search

Recent Breaches

• City of Duncannon June 29, 2020 • [ ransomware, malware, government ] Duncannon reveals to have been hit with a ransomware attack in April, which left many municipal computer systems inoperable and caused the borough to pay out more than $40,000 to the hackers to restore systems.
• New Mexico State University Foundation June 29, 2020 • [ ransomware, malware, education ] New Mexico State University Foundation is another victim of the Blackbaud hack.
• Wattpad June 29, 2020 • [ hack, leak, technology ] In June 2020, the user-generated stories website Wattpad suffered a huge data breach that exposed almost 270 million records. The data was initially sold then published on a public hacking forum where it was broadly shared. The incident exposed extensive personal information including names and usernames, email and IP addresses, genders, birth dates and passwords stored as bcrypt hashes.
• OrderSnapp June 29, 2020 In June 2020, the restaurant solutions provider OrderSnapp suffered a data breach which exposed 1.3M unique email addresses. Impacted data also included names, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
• Israel Philharmonic Orchestra June 28, 2020 The online Israel Philharmonic Orchestra concert, hosted by Helen Mirren, was disrupted by cyberattackers.
• National Highway Authority of India (NHAI) June 28, 2020 • [ hack, malware, government ] The National Highway Authority of India (NHAI) is attacked by malware.
• Dave June 28, 2020 In June 2020, the digital banking app Dave suffered a data breach which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum. The breach exposed extensive personal information including almost 3 million unique email addresses alongside names, dates of birth, encrypted social security numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
• Delhi State Health Mission website June 27, 2020 • [ leak, government ] The Kerala Cyber Hackers claim they have accessed the personal data of 80,000 COVID-19 patients in New Delhi, in protest at the treatment of healthcare workers.
• France Tvisions June 26, 2020 • [ hack, technology ] The France T l visions group announces it was the victim of a cyber attack that targeted one of its broadcasting sites.
• E27 June 26, 2020 • [ hack, technology ] Media firm E27 is hacked, and attackers ask for a small "donation" to provide information on the vulnerabilities used in the attack.
• Eight cities across three states in the United States June 26, 2020 • [ financial, malware, government ] Researchers from Trend Micro reveal that eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. The sites all appear to have been built using Click2Gov.
• Benefit Recovery Specialists June 26, 2020 • [ ransomware, malware, finance ] A Texas Medicaid subcontractor has been terminated after a data-privacy breach caused by a ransomware attack from Russia last year exposed the personal information of tens of thousands of low-income residents.
• Brazilian government officials including president Jair Bolsonaro June 26, 2020 • [ leak, government ] The Brazilian federal police are investigating the leak of personal details of senior government officials including president Jair Bolsonaro.
• ProctorU June 26, 2020 • [ hack, education ] In June 2020, the online exam service ProctorU suffered a data breach which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and physical addresses, phones numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by breachbase.pw.
• LG Electronics June 25, 2020 • [ ransomware, malware, manufacturing ] Maze ransomware operators claim on their website that they breached and locked the network of the South Korean multinational LG Electronics.
• South Country Health Alliance June 25, 2020 South Country Health Alliance disclosed a data security incident after an employee email account was breached in June 2020.
• Xerox Corporation June 25, 2020 • [ ransomware, malware, manufacturing ] Maze ransomware operators update their list of victims adding Xerox Corporation.
• Ledger June 25, 2020 • [ leak, misconfiguration, finance ] Crypto-wallet firm Ledger reveals a major security breach of its e-commerce and marketing database, resulting in the compromise of one million customer email addresses and the personal details of thousands after the vulnerability was exploited on June 25, 2020.
• Ledger June 25, 2020 In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock.
• Havenly June 25, 2020 • [ leak, retail ] In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by dehashed.com.