Full List

Search

Recent Breaches

• Boston University October 10, 2019 • [ leak, education ] Over 1,000 Boston University students are forced to change their account passwords after the servers are flooded with spam emails from student accounts. The spam is believed to be a result of a 2018 breach of the educational site Chegg.
• Hookers[.]nl October 10, 2019 A Bulgarian hacker known as InstaKilla breaches EscortForumIt[.]xxx and Hookers[.]nl two online escort forums and stole the user information that he is now offering for sale on a hacking forum.
• Fairfield County High School October 10, 2019 • [ social, phishing, education ] Attackers target students at a Fairfield County High School in a phishing scheme.
• Maati Monjib October 10, 2019 • [ espionage, malware, government ] Amnesty International released a report showing how Morocco's government used the NSO Group's Pegasus malware to target two human rights activists in Morocco. The second target is Abdessadak El Bouchattaoui, a human rights lawyer.
• Maati Monjib October 10, 2019 Amnesty International uncovers targeted attacks against two prominent Moroccan Human Rights Defenders using NSO Group's Pegasus spyware. Targeted attacks have been ongoing since at least 2017.
• City of Carrollton October 10, 2019 • [ hack, government ] The city of Carrollton, Texas, is the victim of a cyber attack that makes some services unavailable.
• Magnolia Pediatrics October 10, 2019 • [ ransomware, malware, healthcare ] Magnolia Pediatrics is hit by ransomware. The infection occurred on August 2019.
• NCR Corporation October 10, 2019 • [ financial, malware, finance ] Researchers from FireEye discover new tools from the FIN7 group: a loader, dubbed BOOSTWRITE, that delivers payloads into memory and a module, dubbed RDFSNIFFER, that hooks into the remote administration software of ATM maker NCR Corporation.
• Hookers.nl October 10, 2019 In October 2019, the Dutch prostitution forum Hookers.nl suffered a data breach which exposed the personal information of sex workers and their customers. The IP and email addresses, usernames and either bcrypt or salted MD5 password hashes of 291k members were accessed via an unpatched vulnerability in the vBulletin forum software.
• StarTribune October 10, 2019 • [ hack, misconfiguration, technology ] In October 2019, the Minnesota-based news service StarTribune suffered a data breach which was subsequently sold on the dark web. The breach exposed over 2 million unique email addresses alongside names, usernames, physical addresses, dates of birth, genders and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
• Immutable October 9, 2019 Immutable is hit by a cyber attack after it offered to support a professional gamer banned from his sport for endorsing Hong Kong democracy protests.
• Blue Earth Area High School October 9, 2019 Blue Earth Area High School replaces its gymnasium floor in the wake of a Sept. 19 cyberattack at the school that hit the computer that controls the humidity level in the building.
• TransUnion October 9, 2019 • [ hack, finance ] The personal information of about 37,000 Canadians is compromised after the fraudulent use of one if TransUnion's legitimate business customer's login credentials. The breach occurred between June and July.
• Methodist Hospitals October 9, 2019 • [ social, phishing, healthcare ] Methodist Hospitals from Gary, Indiana, discloses that sensitive personal and medical information for 68,039 individuals may have been exposed following a successful phishing attack against two of its employees occurred in June 2019.
• Beeline October 7, 2019 • [ leak, technology ] The data of 8.7 million customers from Russian internet service provider Beeline is being sold and shared online. The breach occurred in 2017.
• Hibiscus Petroleum October 7, 2019 • [ hack, energy ] Hibiscus Petroleum reveals that its IT system was "subjected to an attack" the previous week.
• Volusion October 7, 2019 • [ hack, malware, technology ] Hackers breach the infrastructure of Volusion, a provider of cloud-hosted online stores, and deliver malicious code that records and steals payment card details entered by users in online forms. More than 6,500 stores are impacted,
• Italian Democratic Party October 6, 2019 • [ hack, leak, government ] Anonymous Italia hacks 8 websites of the Italian Democratic Party (PD) and leaks 220 databases containing personal data in clear text.
• Bonjour-Sant October 6, 2019 • [ hack, healthcare ] Bonjour-Sant, a private Quebec medical-booking service that promises quick appointments, was the victim of a cyber attack.
• TOMS Shoes October 6, 2019 • [ hack, retail ] A hacker dubbed Nathan uses the mailing list of retailer TOMS Shoes to tell users it's time to log off.