-
Eight cities across three states in the United States
June 26, 2020
•
[ financial, malware, government ]
Researchers from Trend Micro reveal that eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. The sites all appear to have been built using Click2Gov.
-
Benefit Recovery Specialists
June 26, 2020
•
[ ransomware, malware, finance ]
A Texas Medicaid subcontractor has been terminated after a data-privacy breach caused by a ransomware attack from Russia last year exposed the personal information of tens of thousands of low-income residents.
-
Brazilian government officials including president Jair Bolsonaro
June 26, 2020
•
[ leak, government ]
The Brazilian federal police are investigating the leak of personal details of senior government officials including president Jair Bolsonaro.
-
ProctorU
June 26, 2020
•
[ hack, education ]
In June 2020, the online exam service ProctorU suffered a data breach which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and physical addresses, phones numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by breachbase.pw.
-
LG Electronics
June 25, 2020
•
[ ransomware, malware, manufacturing ]
Maze ransomware operators claim on their website that they breached and locked the network of the South Korean multinational LG Electronics.
-
South Country Health Alliance
June 25, 2020
South Country Health Alliance disclosed a data security incident after an employee email account was breached in June 2020.
-
Xerox Corporation
June 25, 2020
•
[ ransomware, malware, manufacturing ]
Maze ransomware operators update their list of victims adding Xerox Corporation.
-
Ledger
June 25, 2020
•
[ leak, misconfiguration, finance ]
Crypto-wallet firm Ledger reveals a major security breach of its e-commerce and marketing database, resulting in the compromise of one million customer email addresses and the personal details of thousands after the vulnerability was exploited on June 25, 2020.
-
Ledger
June 25, 2020
In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock.
-
Havenly
June 25, 2020
•
[ leak, retail ]
In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by dehashed.com.
-
Android users in Canada
June 24, 2020
•
[ ransomware, malware, government ]
Researchers from ESET discover a malicious Android app in disguise of Canada's official COVID-19 tracing app, but hiding the CryCryptor ransomware.
-
Frost & Sullivan
June 24, 2020
•
[ leak, misconfiguration, technology ]
U.S. business consulting firm Frost & Sullivan is breached after data from an unsecured backup folder exposed on the Internet is sold on a hacker forum.
-
Mercy Iowa City
June 24, 2020
Mercy Iowa City notifies its patients of a data breach that occurred in the spring after an employee's email account was compromised and exposed the information of 92,795 people. The hacker reportedly used the compromised email account to send spam and phishing emails.
-
Choice Health Management Services
June 23, 2020
•
[ social, phishing, healthcare ]
Choice Health Management Services notifies an unspecified number of individuals of a phishing attack that occurred in late 2019.
-
Tax Collector's Office for Polk County
June 23, 2020
•
[ hack, malware, government ]
The Tax Collector's Office for Polk County blames malware found on an employee's computer for a data breach that affected around 450,000 residents of Polk County. The breach occurred in June.
-
Kreditplus
June 23, 2020
•
[ leak, finance ]
In June 2020, the Indonesian credit service Kreditplus suffered a data breach which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup, information on spouses, income and expenses, religions and employment information. The data was provided to HIBP by breachbase.pw.
-
Swvl
June 23, 2020
•
[ hack ]
In June 2020, the Egyptian bus operator Swvl suffered a data breach which impacted over 4 million members of the service. The exposed data included names, email addresses, phone numbers, profile photos, partial credit card data (type and last 4 digits) and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by breachbase.pw.
-
Encrochat
June 22, 2020
•
[ hack, technology ]
The encrypted chat Encrochat shuts down after a police hack.
-
Indiabulls Group
June 22, 2020
Indian conglomerate Indiabulls Group is allegedly hit with a cyberattack from the CLOP Ransomware operators who have leaked screenshots of stolen data.
-
Iowa State University
June 22, 2020
Iowa State University officials announce that nearly 4,900 Iowa State University-affiliated email accounts were the recipients of a racist cyberattack from an email sender claiming to be Equity Prime Mortgage.