-
Canva
August 18, 2020
Australian design platform Canva unwittingly provided phishing campaigns with graphics, making threat actors' schemes appear more legitimate as they pilfer credentials through social engineering trickery. Hackers hijacked the graphic design site and used it to leverage other brands like Sharepoint, Microsoft Office and Docusign in their messages.
-
ACT schools
August 17, 2020
Students in Australian Capital Territory (Canberra) schools are unable to access Google Classroom as a result of being spammed with offensive content.
-
GCKey
August 17, 2020
•
[ hack, brute-force, government ]
According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. The hackers targeted GCKey, a service that is used by some 30 federal departments, with credential stuffing.
-
East Anglia's Children's Hospices (EACH)
August 17, 2020
•
[ ransomware, malware, healthcare ]
East Anglia's Children's Hospices (EACH) joins the victims of the Blackbaud ransomware cyber attack.
-
Tennessee State Univesity
August 17, 2020
•
[ financial, insider, education ]
A former admissions worker at Tennessee State University (TSU) was sentenced to more than 30 months in federal prison after pleading guilty to student loan, wire fraud and aggravated identity theft. He was arrested for managing an elaborate scheme to steal and divert $84,506 in student loans into a bank account set up using a false name and Social Security number.
-
Baugo Community Schools
August 17, 2020
•
[ hack, ddos, education ]
Cyber attacks directed at the internent service for Baugo Community Schools have disrupted virtual learning.
-
Utah Gun Exchange
August 17, 2020
•
[ leak, retail ]
Earlier this month, datasets containing over 240,000 records of the Utah Gun Exchange website were posted openly on a popular hacking forum.
-
Carnival Corporation
August 15, 2020
•
[ ransomware, malware ]
Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.
-
The Ritz hotel in London
August 15, 2020
Diners at the luxury Ritz hotel in London have been targeted by "extremely convincing" scammers who posed as hotel staff to steal payment card details.
-
Rochester City School District
August 15, 2020
•
[ hack, misconfiguration, education ]
The Rochester City School District's first parent forum of the 2020-2021 school year, which was held over Zoom, was interrupted by attackers posting racist comments and hurtful symbols.
-
Oklahoma State Board of Education
August 14, 2020
The Oklahoma State Board of Education is Zoom-bombed.
-
R1 RCM
August 14, 2020
•
[ ransomware, malware, healthcare ]
R1 RCM Inc., one of the nation's largest medical debt collection companies, has been hit in a ransomware attack.
-
Canada Revenue Agency
August 14, 2020
•
[ hack, government ]
The Canada Revenue Agency was recently hit by two cyberattacks, compromising thousands of accounts linked to the agency's services. The agency confirmed on Saturday that as of Aug. 14, about 5,500 accounts had been affected by the separate attacks but that the breaches are now contained.
-
FuhrparkService (BWFU) transport fleet
August 14, 2020
•
[ hack, government ]
Germany's Bundestag administration and federal parliamentarians were told Friday that unknown hackers had infiltrated the FuhrparkService (BWFU) transport fleet. The fleet is reportedly run by the German military and the hackers could have obtained parliamentarians' sensitive information.
-
Brown-Forman Corp.
August 14, 2020
•
[ hack, manufacturing ]
Brown-Forman Corp., a manufacturer of alcoholic beverages including Jack Daniel's and Finlandia, said it was hit by a cyber-attack in which some information, including employee data, may have been impacted. The company, however, was able to prevent its systems from being encrypted.
-
-
Bonobos
August 14, 2020
In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as salted SHA-512 hashes, including historical passwords. The breach also exposed partial credit card data including card type, the name on the card, expiry date and the last 4 digits of the card. The data was provided to HIBP by dehashed.com.
-
Momentum Metropolitan
August 13, 2020
•
[ hack, finance ]
Financial services group Momentum Metropolitan warns that a third party unlawfully accessed a limited portion of data of a subsidiary of the group.
-
Harvard University
August 13, 2020
•
[ ransomware, malware, education ]
Even the Harvard University might have compromised by the Blackbaud breach.
-
U.S. Financial Industry Regulatory Authority (FINRA) members
August 13, 2020
The U.S. Financial Industry Regulatory Authority (FINRA) warns its members that a copycat site is impersonating them and potentially being used in phishing attacks.