-
Stalker Online
June 22, 2020
More than one million players of the video game Stalker Online are at risk after a database containing over 1.2 million user records is being sold on hacking forums. Separately, another database which is said to contain more than 136,000 records from the game's forums is also being offered for sale.
-
Coastal Preparatory Academy
June 22, 2020
According to a letter sent to parents by Coastal Preparatory Academy and a lawsuit filed in Superior Court, a former employee obtained extremely sensitive personal information about parents and students, including social security numbers, health and financial information, and employment records. The employee also allegedly locked Academy leadership out of the computer system by refusing to provide passwords.
-
Promo
June 22, 2020
In July 2020, the self-proclaimed "World's #1 Marketing Video Maker" Promo suffered a data breach which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP addresses, genders, names and salted SHA-256 password hashes. The data was provided to HIBP by dehashed.com.
-
Appen
June 22, 2020
In June 2020, the AI training data company Appen suffered a data breach exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were names, email addresses and passwords stored as bcrypt hashes. Some records also contained phone numbers, employers and IP addresses. The data was provided to HIBP by dehashed.com.
-
Scentbird
June 22, 2020
In June 2020, the online fragrance service Scentbird suffered a data breach that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes and indicators of password strength were all exposed. The data was provided to HIBP by breachbase.pw.
-
yotepresto.com
June 22, 2020
In June 2020, the Mexican lending platform yotepresto.com suffered a data breach. Over 1.4 million customers were impacted by the breach which disclosed email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
-
Vakinha
June 22, 2020
In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by dehashed.com.
-
Undisclosed bank in Europe
June 21, 2020
•
[ hack, ddos, finance ]
Akamai reveals that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked at a record 809 million packets per second (PPS).
-
University of California, Davis
June 21, 2020
•
[ hack, phishing, education ]
A racist cyberattack email is delivered to thousands of University of California, Davis email accounts, prompting the university to block most of the emails, officials said Tuesday.
-
Not Acxiom
June 21, 2020
•
[ leak, misconfiguration, technology ]
In 2020, a corpus of data containing almost a quarter of a billion records spanning over 400 different fields was misattributed to database marketing company Acxiom and subsequently circulated within the hacking community. On review, Acxiom concluded that "the claims are indeed false and that the data, which has been readily available across multiple environments, does not come from Acxiom and is in no way the subject of an Acxiom breach". The data contained almost 52M unique email addresses.
-
Tallapoosa County Probate Office
June 20, 2020
•
[ ransomware, malware, government ]
Tallapoosa County Probate Office is hit with a ransomware attack.
-
SitePoint
June 20, 2020
•
[ hack, technology ]
In June 2020, the web development site SitePoint suffered a data breach that exposed over 1M customer records. Impacted data included email and IP addresses, names, usernames, bios and passwords stored as bcrypt hashes.
-
Florida Orthopedic Institute
June 19, 2020
•
[ leak, healthcare ]
The Florida Orthopedic Institute warns of a data breach that occured on or around April 9.
-
Crozer-Keystone Health System
June 19, 2020
•
[ ransomware, malware, healthcare ]
Crozer-Keystone Health System suffers a ransomware attack by the NetWalker ransomware gang. The gang auctions the stolen data through its darknet website.
-
Mid-Michigan College
June 19, 2020
•
[ hack, education ]
An attacker breaks into the Mid-Michigan College's email system, compromising the accounts of 10 employees and compromising personal data of potentially up to 16,000 people.
-
US Police
June 19, 2020
A leak-focused activist group known as Distributed Denial of Secrets publishes BlueLeaks, a 269-gigabyte collection of police data, allegedly received from the Anonymous collective, which includes emails, audio, video, and intelligence documents, with more than a million files in total.
-
Blaze Angel Roberts Instagram account
June 19, 2020
•
[ hack, technology ]
Popular Australian surfer Blaze Angel Roberts has her Instagram account hacked, posting sexually explicit images.
-
Dunzo
June 19, 2020
In approximately June 2019, the Indian delivery service Dunzo suffered a data breach. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking forum. The data was provided to HIBP by dehashed.com.
-
LiveAuctioneers
June 19, 2020
•
[ leak, misconfiguration, retail ]
In June 2020, the online antiques marketplace LiveAuctioneers suffered a data breach which was subsequently sold online then extensively redistributed in the hacking community. The data contained 3.4 million records including names, email and IP addresses, physical addresses, phones numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by breachbase.pw.
-
Lion
June 18, 2020
•
[ hack, manufacturing ]
Australian beverage giant Lion is hit by a second cyber attack.