-
United Nations
January 15, 2020
•
[ hack, malware, government ]
The United Nations is hit by a cyberattack through the Emotet malware.
-
P&N Bank
January 15, 2020
•
[ hack, misconfiguration, finance ]
P&N Bank in Western Australia informs its customers that hackers may have accessed personal information stored on its systems following a cyber attack on December 12, during an upgrade at a third-party hosting company.
-
PlanetDrugsDirect
January 15, 2020
Canadian online pharmacy PlanetDrugsDirect emails customers, notifying them of a data security incident that might have impacted some of their sensitive personal and financial information. 400,000 individuals are potentially compromised.
-
Town of Colonie
January 15, 2020
•
[ hack, malware, government ]
The Albany County town of Colonie is hit by a cyber-attack that takes the town's computer system and email offline.
-
Burisma
January 14, 2020
Researchers from Area 1 reveal that Russian spies from GRU are suspected of trying to hack into Burisma, the Ukrainian gas company with whom Hunter Biden worked.
-
LimeLeads
January 14, 2020
•
[ leak, misconfiguration, technology ]
49 million user records extracted from a misconfigured Elasticsearch database by US data broker LimeLeads are put up for sale online.
-
New Mexico Public Regulation Commission
January 14, 2020
•
[ hack, government ]
The New Mexico Public Regulation Commission is "hacked by an outside source"
-
St. Louis Community College
January 13, 2020
•
[ social, phishing, education ]
More than 5,100 St. Louis Community College students and employees have their personal information accessed via a phishing scam.
-
Company in the medical tech sector
January 13, 2020
•
[ hack, malware, manufacturing ]
Researchers from Guardicore reveal the details of an attack targeting a company in the medical tech sector via a malware hiding its modules in WAV audio files and spreading to vulnerable Windows 7 machines on the network via EternalBlue.
-
Mathway
January 13, 2020
In January 2020, the math solving website Mathway suffered a data breach that exposed over 25M records. The data was subsequently sold on a dark web marketplace and included names, Google and Facebook IDs, email addresses and salted password hashes.
-
Zoosk (2020)
January 12, 2020
In January 2020, the online dating service Zoosk suffered a data breach which was subsequently shared extensively across online hacking communities. The breach contained 24 million unique email addresses alongside extensive personal information including genders, sexualities, dates of birth, physical attributes such as height and weight, religions, ethnicities and political views. The breach also allegedly exposed MD5 password hashes, although the data circulating in hacking circles had this field nulled out. The breach was provided to HIBP by breachbase.pw.
-
City of Ozark
January 10, 2020
•
[ hack, government ]
Hackers from Anonymous Iran claim to have defaced the website of city of Ozark.
-
Panama-Buena Vista Union School
January 10, 2020
•
[ ransomware, malware, education ]
Panama-Buena Vista Union School District is hit with a ransomware attack.
-
PIH Health
January 10, 2020
PIH Health notifies almost 200,000 patients whose protected health information was in employee email accounts that were compromised.
-
Los Angeles County
January 10, 2020
•
[ social, phishing, education ]
Los Angeles County confirms it was the target of a phishing attack last month, which staff detected and contained before it exposed any county resident data.
-
Manor Independent School District
January 10, 2020
•
[ financial, phishing, education ]
Manor Independent School District announces that email scammers had fleeced the District out of $2.3 million.
-
The Center for Facial Restoration
January 10, 2020
The Center for Facial Restoration reveals to have been victim of hack back in November 2019, with the attackers threatening to release the patients' data.
-
Boing Boing
January 10, 2020
•
[ hack, malware, technology ]
The popular Boing Boing blog is hacked by an unknown party who plants malicious code into the site's WordPress theme. Users visiting the site from desktop computers are redirected to a fake download page for an Adobe Flash update.
-
Website collecting donations for the victims of the Australia bushfires
January 10, 2020
•
[ financial, malware, healthcare ]
Researchers from Malwarebytes discover that attackers compromised a website collecting donations for the victims of the Australia bushfires and injected ATMZOW, a malicious script that steals the payment information of the donors.
-
American Electric Utilities
January 9, 2020
•
[ espionage, energy ]
Researchers from Dragos reveal that a state-sponsored group affiliated to Iran called Magnallium has been probing American electric utilities for the past year.