-
Universarium
November 1, 2019
•
[ leak, misconfiguration, education ]
In approximately November 2019, the Russian "Remote preparatory faculty for IT specialties" Universarium suffered a data breach. The incident exposed 565k email addresses and passwords in plain text. Universarium did not respond to multiple attempts to make contact over a period of many weeks. The data was provided to HIBP by dehashed.com.
-
Benchmark
November 1, 2019
•
[ hack, misconfiguration, technology ]
In November 2019, the Serbian technology news website Benchmark suffered a breach of its forum that exposed 93k customer records. The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes. A forum administrator subsequently advised that the breach was due to the forum previously running on an outdated vBulletin instance. The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
-
IndiHome
November 1, 2019
•
[ leak, technology ]
In mid-2021, reports emerged of a data breach of Indonesia's telecommunications company, IndiHome. Over 26M rows of data alleged to have been sourced from the company was posted to a popular hacking forum and contained 12.6M unique email addresses alongside names, IP addresses, genders and geographic locations. The most recent data was stamped as being recorded in November 2019.
-
Perth Anaesthetic Group
October 31, 2019
Perth Anaesthetic Group is hacked: criminals access patient information and several patients are sent fake invoices from the attackers demanding payments.
-
Utah Valley Eye Center
October 31, 2019
•
[ hack, healthcare ]
Hackers access the Utah Valley Eye Center third-party portal (DemandForce) that reminds patients of scheduled appointments and send emails to inform patients they had received payment from PayPal. The incident occurred on June 18, 2018.
-
Watertown School District
October 31, 2019
•
[ ransomware, malware, education ]
Watertown School District is hit by a ransomware attack.
-
Centre1
October 31, 2019
Unit 02616 of Uzbekistan's National Security Service used FinFisher, a German spyware, to attack dissidents. Among the targets is Centre1 a regional news outlet that reports on the Uzbek government.
-
Palestine Chronicle
October 31, 2019
•
[ espionage, malware, technology ]
Unit 02616 of Uzbekistan's National Security Service used FinFisher, a German spyware, to attack dissidents. Among the targets is the Palestine Chronicle a regional news outlet that reports on the Uzbek government.
-
Winamax
October 31, 2019
•
[ hack, ddos ]
Winamax is hit by a DDoS attack.
-
Eltuz
October 31, 2019
•
[ espionage, malware, government ]
Unit 02616 of Uzbekistan's National Security Service used FinFisher, a German spyware, to attack dissidents. Among the targets is Eltuz a regional news outlet that reports on the Uzbek government.
-
Fergana News
October 31, 2019
•
[ espionage, malware, technology ]
Unit 02616 of Uzbekistan's National Security Service used FinFisher, a German spyware, to attack dissidents. Among the targets is Fergana News a regional news outlet that reports on the Uzbek government.
-
Marriott International
October 30, 2019
Marriott International notifies some of its associates of an incident that exposed their social security numbers (SSNs) to an unknown party who may have accessed the information from the network of an unnamed vendor.
-
Ontario Science Centre
October 30, 2019
A third-party email vendor for the Ontario Science Centre suffers a data breach exposing some PII of 174,000 of the Centre's members, donors and customers. The breach occurred on August 16
-
Kudankulam Nuclear Power Plant
October 30, 2019
•
[ hack, malware, energy ]
Nuclear Power Corporation of India Ltd (NPCIL) confirms that the network of a nuclear power plant was infected with malware. Several security researchers identify the malware as a version of DTrack, a backdoor trojan developed by the Lazarus Group.
-
Nikkei America
October 30, 2019
Nikkei loses roughly 29 million dollars after an employee of the Nikkei America subsidiary is tricked by scammers to send the funds to a bank account they controlled.
-
Bed Bath & Beyond
October 29, 2019
•
[ leak, retail ]
Bed Bath & Beyond discloses that an unauthorized party obtained login information for some of its customers (1% of customer base).
-
Indian users
October 29, 2019
•
[ financial, malware, finance ]
Researchers from Group-IB discover more than 1.3 million Indian payment card details put up for sale on Joker's Stash, the internet's largest carding shop.
-
Las Cruces Public Schools
October 29, 2019
•
[ ransomware, malware, education ]
A ransomware attack hits Las Cruces Public Schools and forces the district to shut down the entire computer system to contain the infection.
-
Prisma Health
October 29, 2019
•
[ social, phishing, healthcare ]
Prisma Health discloses a cyber attack after an employee falls victim of a phishing attack.
-
Maestro
October 28, 2019
•
[ hack, technology ]
Russian group Sandworm carried out large-scale cyberattacks against targets in Georgia. The hackers disrupted Proservice a webhosting site, which led to the defacement of as many as 15,000 websites. Additionally, two TV broadcasters, Imedi TV and Maestro, were taken offline as well.