-
James
March 25, 2020
•
[ hack, misconfiguration, retail ]
In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, "James". The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
-
PropTiger
March 24, 2020
Private data of more than 2 million users are shared on a hacking forum following a major security breach of the Indian property website PropTiger in 2018.
-
-
World Health Organization
March 23, 2020
Reuters reveal that hackers tried to break into the World Health Organization earlier this month.
-
118 118 Money
March 23, 2020
•
[ hack, finance ]
118 118 Money writes to personal loans and credit card customers to notify an intrusion.
-
123RF
March 22, 2020
In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by dehashed.com.
-
Rotherham Council
March 20, 2020
•
[ social, phishing, government ]
Rotherham Council's IT system is compromised by an email with "COVID-19" in the subject field.
-
Finastra
March 20, 2020
•
[ ransomware, malware, finance ]
Finastra, a leading financial technology provider from the UK, announces that it had to take several servers offline following a ransomware attack.
-
Golden Valley Health Centers
March 20, 2020
•
[ hack, phishing, healthcare ]
Golden Valley Health Centers notifies patients after an employee email account was compromised on March 3.
-
Oregon Department of Human Services
March 20, 2020
•
[ social, phishing, government ]
The Oregon Department of Human Services announces that it uncovered a "phishing" incident on March 6 that affected one staff member's e-mail.
-
University of Utah Health
March 20, 2020
•
[ hack, malware, healthcare ]
The University of Utah Health discloses a security breach, due to unauthorized access to some employee email accounts along with the presence of malware on its systems. The intrusion took place between January 7 and February 21, 2020.
-
General Electric (GE) via Canon Business Process Services
March 20, 2020
•
[ hack, manufacturing ]
General Electric (GE) discloses that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE's service providers, Canon Business Process Services. One of their employees' email accounts was breached by an unauthorized party in February.
-
InformInvestGroup CJSC
March 20, 2020
•
[ hack, espionage, government ]
Russian hacker group Digital Revolution claims to have breached InformInvestGroup CJSC, a contractor for the FSB, Russia's national intelligence service, and discovered details about Fronton, a project intended for hacking Internet of Things (IoT) devices.
-
Brooks International
March 19, 2020
•
[ ransomware, malware ]
The Sodinokibi Ransomware operators publish over 12 GB of stolen data allegedly belonging to a company named Brooks International for not paying the ransom.
-
Takeaway
March 19, 2020
•
[ hack, ddos, retail ]
The German food delivery service Takeaway is hit with a DDoS attack.
-
Keen
March 19, 2020
Cybercriminals try to disrupt a charity initiative by Keen aimed to deliver shoes to the workers on the front lines and the families at home fighting through the COVID-19 crisis.
-
baltic-course
March 19, 2020
Ghostwriter, a suspected Russia-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
-
baltic-course.com
March 19, 2020
•
[ website compromise, email account compromise, influence campaign ]
Ghostwriter, a suspected Russia-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
-
-
Blizzard Entertainment
March 18, 2020
•
[ hack, ddos ]
Blizzard is hit with a DDoS attack.
