-
VT San Antonio Aerospace
March 7, 2020
•
[ ransomware, malware, technology ]
The Maze Ransomware gang breach and successfully encrypt the systems of VT San Antonio Aerospace. They also steal and leak unencrypted files. The attack occurred in April 2020.
-
Foodmandu
March 7, 2020
Foodmandu, an e-commerce company providing on-demand food delivery service across Kathmandu valley suffered a data breach. 50,000 customers' data is dumped on the web.
-
Koodo Mobile
March 6, 2020
Telus-owned Koodo Mobile suffers a data breach after their systems were hacked on February 13, 2020, and customer data from August and September 2017 was stolen by the attackers.
-
Durham County
March 6, 2020
•
[ ransomware, malware, government ]
The City of Durham and Durham County are hit by two separate Ryuk ransomware attacks.
-
Trident Crypto Fund
March 6, 2020
•
[ leak, finance ]
The usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online.
-
BJC HealthCare
March 6, 2020
•
[ hack, phishing, healthcare ]
BJC HealthCare warns patients that their information may have been exposed after it discovered someone gained unauthorized access to three employee email accounts on March 6.
-
Entercom
March 6, 2020
•
[ leak, misconfiguration, technology ]
US radio giant Entercom reports a data breach that took place in August 2019 after an unauthorized party was able to access database backup files stored in a third-party cloud hosting service and containing Radio.com user credentials.
-
EVRAZ
March 5, 2020
•
[ ransomware, malware, manufacturing ]
EVRAZ, one of the world's largest steel manufacturers and mining operations, has its North American activities taken down by a Ryuk ransomware attack.
-
Carnival Corporation
March 5, 2020
•
[ social, phishing ]
Carnival Corp. announces that two of its most popular lines, Holland America and Princess Cruises, were hit by a phishing attack between April 11 and July 23, 2019.
-
Communications & Power Industries (CPI)
March 5, 2020
•
[ ransomware, malware, manufacturing ]
Communications & Power Industries (CPI) is still down after a ransomware attack suffered in January.
-
Australian Defence Force
March 4, 2020
The Australian Signals Directorate (ASD) reveals that a vulnerability in Citrix, could have been used by malicious actors to access a database of Australian Defence recruitment details.
-
Boots
March 4, 2020
•
[ hack, brute-force, retail ]
Boots suspends payments using loyalty points in shops and online after attempts to break into customers' accounts using stolen passwords.
-
T-Mobile
March 4, 2020
•
[ hack, technology ]
US telecommunications giant T-Mobile discloses a security breach that impacted both its employees and customers alike. The attackers gained access to "certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees."
-
Lead Hunter
March 4, 2020
•
[ leak, misconfiguration ]
In March 2020, a massive trove of personal information referred to as "Lead Hunter" was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. The data contained 69 million unique email addresses across 110 million rows of data accompanied by additional personal information including names, phone numbers, genders and physical addresses. At the time of publishing, the breach could not be attributed to those responsible for obtaining and exposing it. The data was provided to HIBP by dehashed.com.
-
Four Queens Hotel and Casino
March 3, 2020
•
[ ransomware, malware ]
Four Queens Hotel and Casino and Binion's Casino are hit with a ransomware attack.
-
J.Crew
March 3, 2020
•
[ hack, retail ]
Clothing giant J.Crew says an unknown number of customers had their online accounts accessed "by an unauthorized party" in or around April 2019.
-
Spartanburg School District One
March 2, 2020
•
[ ransomware, malware, education ]
Spartanburg School District One is hit with a ransomware attack.
-
Vijay Sales
March 2, 2020
•
[ leak, misconfiguration, retail ]
A threat actor posts a leaked Vijay Sales, a large electronics retail store chain in India, database on a popular dark web hacker forum. The threat actor claims the source was from an "exposed backup server" breached in February 2020.
-
GeoCloud
March 2, 2020
•
[ leak, misconfiguration, technology ]
A threat actor posts another database, this time from technology company GeoCloud, leaked through a public Amazon server. The data contains users' names, email addresses, and passwords as well as the company's social media keys and company information.
-
City of Novi Sad
March 2, 2020
•
[ ransomware, malware, government ]
The City of Novi Sad in Serbia is hit by the PwndLocker ransomware.