-
Unknown resume aggregator
May 23, 2020
Researchers from Cyble discover a dump containing 29.1 million Indian jobseekers personal details, offered for free in the hacking underground.
-
Mathway
May 22, 2020
•
[ hack, education ]
ShinyHunters breaches Mathway, a popular math solving application, stealing more than 25 million emails and passwords.
-
San Raffaele Hospital
May 22, 2020
•
[ leak, hack, healthcare ]
Hackers from LulzSecITA leak sensitive data from the San Raffaele Hospital in Milan. Data includes personal details of patients, doctors, nurses, and various employees. The breach occurred two months ago.
-
Everett & Hurite Ophthalmic Association
May 22, 2020
•
[ social, phishing, healthcare ]
Everett & Hurite Ophthalmic Association notifies 34,113 patients of a phishing attack that occurred between February and March 2020.
-
EduCBA
May 22, 2020
•
[ leak, education ]
Online education site EduCBA starts notifying customers that they are resetting their passwords after suffering a data breach.
-
-
Wishbone
May 20, 2020
•
[ leak, technology ]
ShinyHunters puts up for sale the details of 40 million users registered on Wishbone, a popular mobile app that lets users compare two items in a simple voting poll.
-
Highpoint Foot and Ankle Center
May 20, 2020
•
[ ransomware, malware, healthcare ]
A ransomware attack on Highpoint Foot and Ankle Center in Pennsylvania potentially breached the data of 25,554 patients.
-
Nulled.ch
May 20, 2020
•
[ hack, technology ]
In May 2020, the hacking forum Nulled.ch was breached and the data published to a rival hacking forum. Over 43k records were compromised and included IP and email addresses, usernames and passwords stored as salted MD5 hashes alongside the private message history of the website's admin. The data was provided to HIBP by a source who requested it be attributed to "Split10".
-
Three telecom companies in Pakistan
May 19, 2020
The Greenbug group has used off-the-shelf tools and living-off-the-land techniques to gain access to South Asian telecommunication providers' database servers, including at least three Pakistani telecom companies.
-
EasyJet
May 19, 2020
EasyJet admits that a "highly sophisticated cyber-attack" has affected approximately nine million customers. Email addresses and travel details have also been stolen and 2,208 customers also had their credit and debit card details "accessed". The attack was discovered in January.
-
-
BlueScope
May 15, 2020
BlueScope confirms it was the victim of a cyber incident.
-
Taiwanese military
May 15, 2020
•
[ espionage, malware, government ]
Researchers from Trend Micro reveal the details of a campaign targeting the air-gapped networks of the Taiwanese and the Philippine military via the USBferry malware.
-
Car owners in Russia
May 15, 2020
A database with 129 million records of car owners in Moscow is being offered for sale on a dark web forum.
-
Covve
May 15, 2020
•
[ leak, technology ]
Covve, the popular address book app, is identified as the source of a data breach that exposed the details of nearly 23 million individuals.
-
9 million customers of the CDEK Express transportation service
May 14, 2020
•
[ leak, transportation ]
Data belonging to nine million customers of the CDEK Express transportation service is up for sale on the Web for 70 thousand rubles ($950).
-
BlockFi
May 14, 2020
Crypto lending provider BlockFi reports that it suffered a data breach after, some of the company's client data was breached through a SIM card swap attack performed on one of its employees.
-
Des Moines City Council
May 14, 2020
A Des Moines civil rights meeting is abandoned after being Zoombombed.
-
Texas Department of Transportation
May 14, 2020
•
[ ransomware, malware, government ]
A new ransomware attack hits the network of the Texas Department of Transportation (TxDOT).
