Full List

Search

Recent Breaches

• SitePoint June 20, 2020 • [ hack, technology ] In June 2020, the web development site SitePoint suffered a data breach that exposed over 1M customer records. Impacted data included email and IP addresses, names, usernames, bios and passwords stored as bcrypt hashes.
• Florida Orthopedic Institute June 19, 2020 • [ leak, healthcare ] The Florida Orthopedic Institute warns of a data breach that occured on or around April 9.
• Crozer-Keystone Health System June 19, 2020 • [ ransomware, malware, healthcare ] Crozer-Keystone Health System suffers a ransomware attack by the NetWalker ransomware gang. The gang auctions the stolen data through its darknet website.
• Mid-Michigan College June 19, 2020 • [ hack, education ] An attacker breaks into the Mid-Michigan College's email system, compromising the accounts of 10 employees and compromising personal data of potentially up to 16,000 people.
• US Police June 19, 2020 A leak-focused activist group known as Distributed Denial of Secrets publishes BlueLeaks, a 269-gigabyte collection of police data, allegedly received from the Anonymous collective, which includes emails, audio, video, and intelligence documents, with more than a million files in total.
• Blaze Angel Roberts Instagram account June 19, 2020 • [ hack, technology ] Popular Australian surfer Blaze Angel Roberts has her Instagram account hacked, posting sexually explicit images.
• Dunzo June 19, 2020 In approximately June 2019, the Indian delivery service Dunzo suffered a data breach. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking forum. The data was provided to HIBP by dehashed.com.
• LiveAuctioneers June 19, 2020 • [ leak, misconfiguration, retail ] In June 2020, the online antiques marketplace LiveAuctioneers suffered a data breach which was subsequently sold online then extensively redistributed in the hacking community. The data contained 3.4 million records including names, email and IP addresses, physical addresses, phones numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by breachbase.pw.
• Lion June 18, 2020 • [ hack, manufacturing ] Australian beverage giant Lion is hit by a second cyber attack.
• RBX.Place June 18, 2020 • [ hack, technology ] Hackers steal data from RBX.Place, a grey marketplace where players of the massively popular online game Roblox can sell in-game items for real money.
• Wells Fargo customers June 18, 2020 • [ social, phishing, finance ] Researchers from Abnormal Security discover a phishing campaign impersonating the Wells Fargo Security Team and luring potential victims to phishing pages with the help of calendar invites.
• Bank of America customers June 18, 2020 • [ financial, phishing, finance ] Researchers from Armorblox discover a phishing campaign against Bank of America customers that able to bypass security filters.
• Club Fitness Holdings, Inc. June 18, 2020 Club Fitness Holdings, Inc. was the victim of a data security event that prevented access to data and programs on its network. As a result of the attack an unknown actor also gained access to data on the network.
• Acuity June 18, 2020 • [ leak ] In mid-2020, a 437GB corpus of data attributed to an entity named "Acuity" was created and later extensively distributed. However, the source could not be confidently verified as any known companies named Acuity. The data totalled over 14M unique email addresses with each row containing extensive personal information across more than 400 columns of data including names, phone numbers, physical addresses, genders and dates of birth.
• Unnamed web host June 17, 2020 • [ hack, ddos, technology ] An unnamed webhost was hit with one of the largest DDoS attacks ever registered by Akamai (1.44 terabit-per-second).
• City of Lexington June 17, 2020 • [ hack, misconfiguration, government ] A Zoom meeting regarding issues surrounding police discipline is interrupted by callers shouting racist and homophobic remarks.
• Cebu Normal University (CNU) June 17, 2020 • [ hack, education ] Subdomains of the Cebu Normal University (CNU) website, particularly the Library and Journal for Higher Education (JHE), are hacked by unknown entities.
• Far Eastern University (FEU) June 17, 2020 • [ leak, education ] 1,000 student accounts from the Far Eastern University (FEU) are made public, with details such as names, student numbers, and passwords exposed.
• Light S.A. June 17, 2020 • [ ransomware, malware, energy ] Sodinokibi ransomware (aka REvil) operators breach the Brazilian-based electrical energy company Light S.A. and demand a $14 million worth ransom.
• MEDNAX Services, Inc. June 17, 2020 • [ hack, phishing, healthcare ] MEDNAX Services, Inc. has revealed that an unauthorized third-party gained access to some MEDNAX business email accounts.