Full List

Search

Recent Breaches

• Justus Liebig University December 17, 2019 • [ hack, malware, education ] The Justus Liebig University is hit with an Emotet malware attack and as consequence 38,000 students and staff are asked to change their password.
• KH - Katholische Hochschule Freiburg (Catholic University in Freiburg) December 17, 2019 • [ malware, education ] Katholische Hochschule Freiburg is also hit with an Emotet infection.
• St. Lucie County Sheriff's Office December 17, 2019 • [ ransomware, malware, government ] The St. Lucie County Sheriff's Department is forced to shutter most of its network after it is struck with ransomware.
• Government organization in Cambodia December 17, 2019 • [ espionage, malware, government ] Researchers from Palo Alto reveal a new wave of attacks carried out by a Chinese APT dubbed Rancor, using a new malware strain dubbed Dudell.
• Avvo December 17, 2019 • [ leak, misconfiguration, technology ] In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it's possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. Multiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.
• GameSprite December 17, 2019 • [ leak, technology ] In December 2019, the now defunct gaming platform GameSprite suffered a data breach that exposed over 6M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.
• Go Ninja December 17, 2019 • [ hack, technology ] In December 2019, the now defunct German gaming website Go Ninja suffered a data breach that exposed 5M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. More than 4M of the email addresses appeared to have been generated as opposed to organically provided by the user.
• Epilepsy Foundation Twitter's account December 16, 2019 • [ hack, healthcare ] The Epilepsy Foundation files a criminal complaint and requests investigation in response to some attacks on its Twitter feed, showing flashing and strobing lights.
• City of Galt December 16, 2019 • [ ransomware, malware, government ] The city of Galt, California, is hit with a ransomware attack.
• SoarGames December 16, 2019 • [ leak, misconfiguration, technology ] In December 2019, the now defunct gaming website SoarGames suffered a data breach that exposed 4.8M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. A significant number of the email addresses appeared to have been generated as opposed to organically provided by the user.
• Iran December 15, 2019 • [ hack, government ] Iran telecommunications minister announces that for the second time in a week, the country has foiled a cyber attack against its infrastructure allegedly carried out by APT27.
• Hackensack Meridian Health December 15, 2019 • [ ransomware, malware, healthcare ] The largest hospital in New Jersey, the Hackensack Meridian Health, reveals it was the victim of a ransomware attack that disrupted its network, and also that the IT staff decided to pay the ransom to restore the files.
• Unnamed gas station in North America December 14, 2019 • [ hack, malware, retail ] Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. VISA has identified two specific attacks which were attributed to FIN8.
• JoyGames December 14, 2019 • [ leak, technology ] In December 2019, the forum for the JoyGames website suffered a data breach that exposed 4.5M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.
• Unigame December 14, 2019 In December 2019, the now defunct gaming website Unigame (maker of Hunter Online) suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 844k email addresses and salted MD5 password hashes.
• City of New Orleans December 13, 2019 • [ ransomware, malware, government ] The city of New Orleans is hit with a ransomware attack. All employees are immediately alerted to power down computers, unplug devices & disconnect from the city's WiFi.
• Vimly Benefit Solutions December 13, 2019 • [ social, phishing, technology ] Vimly Benefit Solutions says that it is mailing letters to some of its customers whose information may have been compromised as part of a phishing attempt.
• Keybase December 13, 2019 • [ financial, misconfiguration, finance ] Keybase announces the closure of its free Lumens (XLM) cryptocurrency drop scheme due to an influx of spam accounts.
• Love Bonito December 13, 2019 • [ hack, malware, retail ] Love Bonito reports a data breach, with personal and credit card information potentially accessed. The company discovered a malicious code being added to their e-commerce site on 10 Dec.
• GoSport et Courir December 12, 2019 • [ ransomware, malware, retail ] GoSport et Courir is hit by a ransomware attack. 2 out of 84 shops are closed as a consequence of the attack.