Full List

Search

Recent Breaches

• Grid operations in parts of the western United States April 30, 2019 A report posted by the Department of Energy indicates that a cyber event interrupted grid operations in parts of the western United States on March 5.
• Michael Bubles Instagram Account April 30, 2019 • [ hack, technology ] Michael Bubles Instagram account is apparently hacked, when some strange images are shown for about half an hour.
• Charles River Laboratories International, Inc. April 30, 2019 • [ hack ] Charles River Laboratories International, Inc. notifies clients of unauthorized access into portions of its information systems.
• Citycomp GMBH April 30, 2019 Citycomp GMBH is hacked. The attackers claim to have stolen 312,570 files (over 516GBb of information). Targets include Ericsson, Leica, Toshiba, UniCredit, British Telecom, Hugo Boss, NH Hotel Group, Oracle, Airbus, Porsche, and Volkswagen.
• Saint Ambrose Catholic Parish April 29, 2019 • [ financial, hack, social ] Hackers steal $1.75 million from the Saint Ambrose Catholic Parish following a successful BEC attack which was discovered on April 17 after payments related to the church's Vision 2020 project were not received by a contractor.
• McDonald's Canada April 29, 2019 Users of a McDonald's app in Canada are having their accounts hijacked by hackers who are using the accounts to order food for themselves, racking up bills in excess of CAD $2,000.
• Puma Australia April 29, 2019 • [ financial, malware, retail ] Puma Australia is the latest victim of a Magecart attack.
• SkyMed April 29, 2019 • [ leak, ransomware, misconfiguration ] A detailed list or 137,000 SkyMed members accounts is found, on March 27th, into an unsecured Elasticsearch database. The leak also shows evidence of ransomware inside the network.
• Cleveland Hopkins International Airport April 28, 2019 • [ ransomware, malware, government ] Cleveland Hopkins International Airport reveals to have been hit by a ransomware attack.
• Aimware April 28, 2019 In mid-2019, the video game cheats website "Aimware" suffered a data breach that exposed hundreds of thousands of subscribers' personal information. Data included email and IP addresses, usernames, forum posts, private messages, website activity and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to "clerk/anthrax/soontoberichh".
• Johnson Newspaper Corp. April 27, 2019 A Ryuk cyber attack takes down the data infrastructure of Johnson Newspaper Corp.
• University of Alaska April 26, 2019 The University of Alaska notifies potentially affected students and individuals after an investigation into a data privacy incident involving potential unauthorized access to certain UA email accounts, occurred in February 2018.
• Sugar-Salem School District 322 April 26, 2019 • [ ransomware, malware, education ] A ransomware attack takes down servers at Sugar-Salem School District 322.
• Woodruff Arts Center April 26, 2019 • [ ransomware, malware ] The Woodruff Arts Center says it is investigating a security breach after a massive network outage, allegedly caused by ransomware.
• Cartoon Network April 25, 2019 Cartoon Network websites in at least 16 countries/regions are hacked to play videos of Arabic memes and a Brazilian male stripper, among other things. Cartoon Network portals in the UK, Hungary, Romania, Germany, Russia, Poland, the Czech Republic, Denmark, Norway, the Netherlands, Italy, Turkey, Mexico, Brazil, the Africa region, and the Arabic region have been affected.
• Chase Bank Customers April 25, 2019 • [ social, phishing, finance ] A new phishing scam targeting Chase bank customers is discovered that not only asks for personal information, but also requests that the victim uploads a selfie of himself holding his ID or driver license.
• Docker April 25, 2019 An unauthorized person gain access to a Docker Hub database that exposed sensitive information for approximately 190,000 users. This information included some usernames and hashed passwords, as well as tokens for GitHub and Bitbucket repositories.
• Hong Kong branch of Amnesty International April 25, 2019 • [ espionage, hack, government ] The Hong Kong branch of human rights group Amnesty International reveal it was targeted by state-sponsored hackers in a cyberattack "consistent with those carried out by hostile groups linked to the Chinese government".
• Undisclosed financial institution April 25, 2019 Researchers from Cybereason discover a spear phishing campaign targeting a financial institution, and installing a sophisticated backdoor called ServHelper to take over the network.
• Ukraine Ministry Of Defense April 24, 2019 Security researchers at Yoroi-Cybaze ZLab uncover a new campaign carried out by the Russian state-actor dubbed Gamaredon targeting Military personnel in Ukraine.