Full List

Search

Recent Breaches

• Buffalo Bills January 27, 2020 • [ hack ] The Facebook account of the Buffalo Bills has been hacked by the OurMine group.
• Dallas Cowboys January 27, 2020 The Facebook account of the Dallas Cowboys has been hacked by the OurMine group.
• New York Giants January 27, 2020 The Twitter account of the New York Giants has been hacked by the OurMine group.
• Royal Yachting Association January 27, 2020 • [ hack ] The Royal Yachting Association (RYA) forces a password reset for all online users after warning that some that their data may have been compromised by a third party.
• Bhinneka January 27, 2020 In early 2020, the Indonesian consumer electronics website Bhinneka suffered a data breach that exposed almost 1.3M customer records. The data included email and physical addresses, names, genders, dates of birth, phone numbers and salted password hashes.
• Wishbone (2020) January 27, 2020 In January 2020, the mobile app to "compare anything" Wishbone suffered another data breach which followed their breach from 2016. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Passwords stored as unsalted MD5 hashes were also included in the breach. The data was provided to HIBP by a source who requested it be attributed to "All3in".
• SuperCasino January 26, 2020 The online gambling platform SuperCasino experiences a data breach that exposes sensitive information belonging to its customers.
• Chicago Bears January 26, 2020 The Twitter account of the Chicago Bears has been hacked by the OurMine group.
• Bird Construction January 26, 2020 Bird Construction acknowledges to have been recently hit with a Maze ransomware attack.
• Ulmon January 26, 2020 In January 2020, the travel app creator Ulmon suffered a data breach. The service had almost 1.3M records with 777k unique email addresses, names, passwords stored as bcrypt hashes and in some cases, social media profile IDs, telephone numbers and bios. The data was subsequently posted to a popular hacking forum.
• MeetMindful January 26, 2020 In early 2020, the online dating service MeetMindful suffered a data breach that exposed 1.4 million unique customer email addresses. Included in the data was an extensive array of personal information used to find romantic matches including physical attributes, use of alcohol, drugs and cigarettes, marital statuses, birthdates, genders and the gender being sought. Additional personal information such as names, geographical locations and IP addresses were also exposed, along with passwords stored as bcrypt hashes.
• Brandywine Urology Consultants January 25, 2020 • [ ransomware, malware, healthcare ] Brandywine Urology Consultants notify about a ransomware attack. The attack occurred on January 25, and the practice became aware of it on January 27.
• Tampa Bay Times January 24, 2020 • [ ransomware, malware ] The Tampa Bay Times suffers a Ryuk ransomware attack.
• U.S. government agency January 24, 2020 Researchers at Palo Alto Networks' Unit 42 discover a new campaign dubbed "Fractured Statue", carried out via a malware called CARROTBALL, used in targeted attacks, against a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea.
• Official website of the Greek National Police January 24, 2020 • [ hack, ddos, government ] A new DDoS attack hits the official state websites of the Greek prime minister, the national police and fire service and other ministries.
• City of Potsdam January 24, 2020 • [ ransomware, malware, government ] The City of Potsdam severs the administration servers' Internet connection following a ransomware attack carried out exploiting the CVE-2019-1978 vulnerability.
• Site belonging to a reseller of tickets for theTokyo Summer Olympics January 23, 2020 The sites belonging to a reseller of tickets for Euro Cup and the Tokyo Summer Olympics (olympictickets2020[.]com), are the victims of a magecart attack.
• Gedia Automotive Group January 23, 2020 • [ ransomware, malware, manufacturing ] Parts manufacturer Gedia Automotive Group shuts down its network after being hit with a Sodinokibi ransomware attack.
• Ben Gurion International Airport January 23, 2020 • [ hack ] As Israel hosted dozens of world leaders last week for the World Holocaust Forum, the country's cyber defense system fended off hundreds of cyberattacks targeting the country's international airport and the planes of the world leaders.
• Bitcoin Gold January 23, 2020 Bitcoin Gold experiences a 51% attack. A total amount of over $70,000 is double-spent.