Full List

Search

Recent Breaches

• Travelex December 31, 2019 • [ ransomware, malware, finance ] Travelex is forced to take down its website after a ransomware attack.
• Aurora Water December 31, 2019 • [ leak, misconfiguration, government ] Aurora Water announces yet another data breach involving the Click2Gov payment system. Payments between Aug. 30 and Oct. 14 were impacted.
• Poloniex December 30, 2019 • [ finance, leak ] The Poloniex Exchange forces a password reset after someone leaked a list of email addresses and passwords on Twitter.
• Town of Erie December 30, 2019 • [ financial, phishing, government ] Colorado Town of Erie loses more than $1 million to a business email compromise scam (BEC).
• Undisclosed maritime facility December 30, 2019 • [ ransomware, malware, government ] The U.S. Coast Guard issues a security alert after a Ryuk ransomware attack takes down the network of a federally regulated maritime facility.
• Active Network December 30, 2019 • [ hack, technology ] School software vendor Active Network notifies to have suffered a breach between Oct. 1, 2019 and Nov. 13, 2019, when there was illegal activity taking place on its Blue Bear platform during which time personal information was accessed or acquired by malicious actors.
• Sonicbids December 30, 2019 In December 2019, the booking website Sonicbids suffered a data breach which they attributed to "a data privacy event involving our third-party cloud hosting services". The breach contained 752k user records including names and usernames, email addresses and passwords stored as PBKDF2 hashes. The data was provided to HIBP by breachbase.pw.
• Bapco December 29, 2019 • [ espionage, malware, energy ] Multiple sources reveal that Iranian state-sponsored hackers have deployed Dustman, a new strain of data-wiping malware on the network of Bapco, Bahrain's national oil company. The attack occurred on December 29, 2019.
• Special Olympics of New York December 28, 2019 • [ hack, phishing ] Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities, has its email server hacked and later used to launch a phishing campaign against previous donors.
• Richmond Community Schools December 27, 2019 • [ ransomware, malware, education ] Richmond Community Schools are hit with a ransomware attack.
• BtoBet December 26, 2019 • [ leak, misconfiguration, technology ] In December 2019, a large collection of data from Nigerian gambling company Surebet247 was sent to HIBP. Alongside the Surebet247, database backups from gambling sites BetAlfa, BetWay, BongoBongo and TopBet was also included. Further investigation implicated betting platform provider BtoBet as being the common source of the data. Impacted data included user records and extensive information on gambling histories.
• Prison in south Thailand December 25, 2019 Authorities in Thailand investigate an apparent online break-in by a computer hacker that allowed him to broadcast surveillance video from inside a prison in the country's south.
• The Heritage Company December 24, 2019 • [ ransomware, malware ] The Heritage Company, a telemarketing company, sends home more than 300 employees and tells them to find new jobs after IT recovery efforts didn't go according to plan following a ransomware incident that took place at the start of October 2019.
• The Center for Health Care Services (CHSC) December 24, 2019 • [ hack, healthcare ] San Antonio's The Center for Health Care Services (CHSC) shuts down computing systems for all its clinics in response to a larger-scale cyber-attack.
• Almex December 24, 2019 • [ hack, technology ] Almex, a booking site for customers of Japanese "love hotels" is hacked. Customer data including guest email addresses, handle name, birth date and gender, telephone number, log-ins, address and credit card information could all have been swiped by attackers.
• Maastricht University (UM) December 23, 2019 • [ ransomware, malware, education ] Maastricht University (UM) announces that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on December 23.
• Roosevelt General Hospital December 23, 2019 • [ hack, malware, healthcare ] Roosevelt General Hospital informs its patients to monitor their credit reports after the healthcare unit discovered malware on a digital imaging server on November 14, 2019.
• Synoptek December 23, 2019 • [ ransomware, malware, technology ] Synoptek, a California business that provides cloud hosting and IT management services, suffers a Sodinokibi ransomware attack that disrupts operations for many of its clients. The company reportedly pays a ransom demand in a bid to restore operations as quickly as possible.
• Entercom December 22, 2019 • [ hack, technology ] Entercom is targeted in a new cyberattack that may have impacted the back-office functions.
• Moss Adams December 22, 2019 The accounting, consulting and wealth management firm Moss Adams posts a cybersecurity incident notice centered on an employee email account that was accessed by an unauthorized person compromising PII.