-
World Uyghurs Writers Union
September 3, 2019
Multiple threat actors compromised and exploited eleven websites that published news and cultural information related to the Uighur populations in China, particularly the East Turkestan region. The threat actors imitated the domains of Google, the Turkistan Times, and the Uyghur Academy, and used Google applications to gain access to Gmail accounts and infect victims' devices.
-
Monroe-Woodbury Central School District
September 3, 2019
•
[ ransomware, malware, education ]
New York's Monroe-Woodbury Central School District delays the first day of school due to a ransomware attack.
-
Temple University Health System
September 3, 2019
•
[ ransomware, malware, healthcare ]
Temple University Health System is back online after an unconfirmed ransomware attack.
-
Souderton Area School District
September 1, 2019
•
[ ransomware, malware, education ]
The Souderton Area School District is hit by a ransomware attack.
-
XKCD Forums
September 1, 2019
•
[ leak ]
The forums of the XKCD webcomic are currently offline after being impacted by a data breach which exposed the information of 561,991 users on July 1.
-
Zynga
September 1, 2019
•
[ hack, technology ]
In September 2019, game developer Zynga (the creator of Words with Friends) suffered a data breach. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by dehashed.com.
-
EpicBot
September 1, 2019
•
[ hack, technology ]
In September 2019, the RuneScape bot provider EpicBot suffered a data breach that impacted 817k subscribers. Data from the breach was subsequently shared on a popular hacking forum and included usernames, email and IP addresses and passwords stored as either salted MD5 or bcrypt hashes. EpicBot did not respond when contacted about the incident.
-
CircleCI
August 31, 2019
•
[ leak, misconfiguration, technology ]
Software testing and delivery company CircleCI notifies a security incident involving the company and a third-party analytics vendor. An attacker was able to improperly access some user data in the vendor account.
-
Russell Stover Chocolates
August 30, 2019
•
[ financial, malware, retail ]
Russell Stover Chocolates reveals that a malware infection to its POS systems compromised customer's data between February 9, 2019 and August 7, 2019.
-
University of Ghana accommodation registration portal
August 30, 2019
•
[ hack, phishing, education ]
The University of Ghana accommodation registration portal is hacked, redirecting students to a wrong site to register.
-
Foxit Software
August 30, 2019
•
[ hack, technology ]
Foxit Software, the company behind the Foxit PDF reader app, announces that hackers breached its servers and made off with some user information.
-
Oregon Judicial Department
August 30, 2019
•
[ social, phishing, government ]
A phishing scheme succeeds in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information of more than 6,000 people.
-
U.K.-based energy firm
August 30, 2019
•
[ financial, social, energy ]
An insurance firm (Euler Hermes Group SA) reveals that criminals used artificial intelligence-based software to impersonate a CEO's voice and demand a fraudulent transfer of 220,000 ($243,000) back in March.
-
Jack Dorsey's Twitter account
August 30, 2019
Hackers take over Twitter CEO Jack Dorsey's Twitter account, and tweet offensive and racist content.
-
United Nations
August 30, 2019
A leaked report reveals that the European network of the United Nations was compromised during the summer of 2019.
-
The Digital Dental Record
August 29, 2019
•
[ ransomware, malware, healthcare ]
Hundreds of dental practice offices in the US are infected with Sodinokibi ransomware, after attackers compromise two software providers, The Digital Dental Record and PerCSoft, and use them to distribute the ransomware.
-
Wolcott Public Schools
August 28, 2019
•
[ ransomware, malware, education ]
Wolcott Public Schools reveals that it has not fully recovered from a ransomware attack at the end of the last year.
-
Capital & Coast DHB
August 27, 2019
•
[ social, phishing, healthcare ]
A Capital & Coast DHB staff member falls victim to an email phishing scam which took thousands of emails from their address.
-
Imperva
August 27, 2019
•
[ hack, misconfiguration, technology ]
Imperva discloses a security incident that impacts customers of its cloud Web Application Firewall. Apparently the intruders made off with customer API keys and SSL certificates.
-
Oldenburgische Landesbank (OLB)
August 27, 2019
Criminals steal more than 1.5 million ($1.65 million) from OLB by cloning customer debit cards and then cashing out user funds across Brazil, despite the original cards being protected by EMV (chip-and-PIN) technology.
