-
Microsoft
March 2, 2020
•
[ leak, technology ]
The Syrian Electronic Army publishes some invoices leaked from Microsoft indicating that the company charges the FBI to view customers' information.
-
Tesco
March 2, 2020
•
[ hack, brute-force, retail ]
Tesco issues new cards to 600,000 Clubcard account holders after a credential stuffing attack.
-
Community Development Bank
March 1, 2020
•
[ ransomware, malware, finance ]
Community Development Bank becomes the latest victim of the Maze ransomware team.
-
Visser Precision
March 1, 2020
•
[ ransomware, malware, manufacturing ]
Visser Precision, parts maker for space and defense contractors confirms a DoppelPaymer ransomware attack.
-
Catho
March 1, 2020
•
[ leak, misconfiguration, technology ]
In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed for sale on a dark web marketplace. The breach included almost 11 million records with 1.2 million unique email addresses. Names, usernames and plain text passwords were also exposed. The data was provided to HIBP by breachbase.pw.
-
Digitex
February 29, 2020
•
[ hack, finance ]
A hacker dubbed Digileaker claims to have stolen the data related to 8,000 Digitex users.
-
-
Loqbox
February 29, 2020
Fintech startup Loqbox reveals to have suffered an "attack" which potentially revealed its customers' names, postal addresses, dates of birth, email addresses and phone numbers.
-
RailWorks Corporation
February 29, 2020
•
[ ransomware, malware, manufacturing ]
RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, discloses a ransomware attack.
-
Munson Healthcare Group
February 28, 2020
•
[ hack, phishing, healthcare ]
Munson Healthcare Group discloses that hackers gained access to patient data placed by compromising the email accounts of at least two employees. Patient records were accessed from July 31, 2019, to October 22, 2019, but the breach went undetected until January 16, 2020.
-
Tamodo
February 28, 2020
In February 2020, the affiliate marketing network Tamodo suffered a data breach which was subsequently shared on a popular hacking forum. The incident exposed almost 500k accounts including names, email addresses, dates of birth and passwords stored as bcrypt hashes. Tamodo failed to respond to multiple attempts to report the breach via published communication channels.
-
Democratic National Committee
February 27, 2020
•
[ social, phishing, government ]
The Democratic National Committee warns its presidential candidates to be cautious after Bernie Sanders' campaign reported that an "impersonator" with a domain registered overseas had posed as one of its staffers and sought conversations with members of at least two other campaigns.
-
-
Kenneth Cole Productions
February 27, 2020
•
[ ransomware, malware, manufacturing ]
The operators behind the Sodinokibi Ransomware (AKA Revil) publish the download links to files containing what they claim is financial and work documents, as well as customers' personal data stolen from Kenneth Cole Productions.
-
OKEx
February 27, 2020
•
[ hack, ddos, finance ]
OKEx and Bitfinex suffered simultaneous distributed denial of service (DDoS) attacks.
-
Barbara Corcoran
February 27, 2020
Barbara Corcoran, a renowned real-estate broker and business expert, admits she lost $380,000 via a BEC scam.
-
AnimeGame
February 27, 2020
•
[ hack, technology ]
In February 2020, the gaming website AnimeGame suffered a data breach. The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes. The data was subsequently shared on a popular hacking forum and was provided to HIBP by dehashed.com.
-
Rady's Children's Hospital
February 26, 2020
•
[ leak, misconfiguration, healthcare ]
Rady's Children's Hospital notifies patients whose data were accessed via an "open port" on June 2019, and January 2020.
-
Southern Water
February 26, 2020
•
[ social, phishing, energy ]
British utility Southern Water is the victim of a phishing attack, resulting in a shutdown of some of the company's systems.
-
Bretagne Tcom
February 26, 2020
•
[ ransomware, hack, malware ]
Cloud services provider Bretagne T l com is hacked by the threat actors behind the DoppelPaymer Ransomware using CVE-2019-19781.