-
Cisco
May 28, 2020
Cisco discloses a security breach that impacted a small part of its backend infrastructure: hackers used a vulnerability in the SaltStack software package, which Cisco bundles with some products, to gain access to six servers.
-
Stark Summit Ambulance
May 28, 2020
•
[ leak, healthcare ]
Stark Summit Ambulance suffered a data breach in May 2020 which exposed personal and protected health information.
-
City government systems in Minneapolis
May 28, 2020
•
[ hack, ddos, government ]
City government systems in Minneapolis are taken down by a DDoS attack.
-
Michigan State University
May 28, 2020
•
[ ransomware, malware, education ]
The operators of the NetWalker (Mailto) ransomware announce that they've infected the network of Michigan State University.
-
telwizjarepublika
May 27, 2020
Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland'to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
-
-
LiveJournal
May 27, 2020
•
[ leak, hack, technology ]
Blogging platform LiveJournal appears to have suffered a security breach in 2014, and multiple hackers are selling the company's user database on the dark web and on hacking forums (26 million users).
-
zary-zagan.regionalna.pl
May 27, 2020
•
[ influence campaign, disinformation, website compromise ]
Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland'to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
-
Arbonne International
May 26, 2020
Arbonne International exposes the personal information and credentials of thousands after its internal systems were breached by an unauthorized party.
-
Preen.Me
May 25, 2020
In May 2020, social media marketing company Preen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted. Over 236k unique email addresses were exposed in the attack alongside names, usernames and links to social media profiles.
-
suxx
May 24, 2020
•
[ leak, technology ]
Researchers from Cyble discover the databases of three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to leaked online.
-
Unknown resume aggregator
May 23, 2020
Researchers from Cyble discover a dump containing 29.1 million Indian jobseekers personal details, offered for free in the hacking underground.
-
Mathway
May 22, 2020
•
[ hack, education ]
ShinyHunters breaches Mathway, a popular math solving application, stealing more than 25 million emails and passwords.
-
San Raffaele Hospital
May 22, 2020
•
[ leak, hack, healthcare ]
Hackers from LulzSecITA leak sensitive data from the San Raffaele Hospital in Milan. Data includes personal details of patients, doctors, nurses, and various employees. The breach occurred two months ago.
-
Everett & Hurite Ophthalmic Association
May 22, 2020
•
[ social, phishing, healthcare ]
Everett & Hurite Ophthalmic Association notifies 34,113 patients of a phishing attack that occurred between February and March 2020.
-
EduCBA
May 22, 2020
•
[ leak, education ]
Online education site EduCBA starts notifying customers that they are resetting their passwords after suffering a data breach.
-
-
Wishbone
May 20, 2020
•
[ leak, technology ]
ShinyHunters puts up for sale the details of 40 million users registered on Wishbone, a popular mobile app that lets users compare two items in a simple voting poll.
-
Highpoint Foot and Ankle Center
May 20, 2020
•
[ ransomware, malware, healthcare ]
A ransomware attack on Highpoint Foot and Ankle Center in Pennsylvania potentially breached the data of 25,554 patients.
-
Nulled.ch
May 20, 2020
•
[ hack, technology ]
In May 2020, the hacking forum Nulled.ch was breached and the data published to a rival hacking forum. Over 43k records were compromised and included IP and email addresses, usernames and passwords stored as salted MD5 hashes alongside the private message history of the website's admin. The data was provided to HIBP by a source who requested it be attributed to "Split10".