Full List

Search

Recent Breaches

• Ukrainian military April 16, 2019 • [ espionage, phishing, malware ] Researchers from FireEye reveal that multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a Powershell script.
• City of Stratford April 15, 2019 • [ ransomware, malware, government ] The city of Stratford is hit by a ransomware attack.
• American Advertising Federation (AAF) April 15, 2019 The same group that hacked the FBINAA claims to have published what appears to be the information of tens of thousands of American Advertising Federation (AAF) members, saying it's an FBI watchlist. However there are many doubts.
• Wipro Ltd. April 15, 2019 Indian IT outsourcing and consulting giant Wipro Ltd. investigates reports that its own IT systems have been hacked and are being used to launch attacks against some of the company's customers.
• ApexSMS April 15, 2019 • [ leak, misconfiguration, technology ] In May 2019, news broke of a massive SMS spam operation known as "ApexSMS" which was discovered after a MongoDB instance of the same name was found exposed without a password. The incident leaked over 80M records with 23M unique email addresses alongside names, phone numbers and carriers, geographic locations (state and country), genders and IP addresses.
• City of Stuart April 13, 2019 • [ ransomware, malware, government ] The City of Stuart is hit by a Ryuk ransomware attack.
• Garfield County April 13, 2019 • [ ransomware, malware, government ] Garfield County reveals it was the victim of a ransomware attack, crippling the work of city personnel for weeks before they were able to pay to get access to their own data.
• Imperial County April 13, 2019 • [ ransomware, malware, government ] Imperial County is hit by a ransomware attack.
• Dakota County April 12, 2019 • [ hack, phishing, government ] Dakota County notifies 1000 individuals of an incident occurred on February 13, 2019, when an email account belonging to one of its employees was accessed without authorization.
• FBI National Academy Associates April 12, 2019 • [ hack, government ] A hacker group breaches three sites associated with the FBI National Academy Associates and uploads their contents to the web, including dozens of files containing the personal information of thousands of federal agents and law enforcement officers.
• Blue Cross of Idaho Health Service April 12, 2019 • [ hack, misconfiguration, healthcare ] Blue Cross of Idaho Health Service notifies that, on March 21, 2019, an unauthorized user accessed Blue Cross of Idaho's online provider portal and was able to access provider remittance documents, which contained PHI.
• Questcare Medical Services April 12, 2019 • [ hack, phishing, healthcare ] Questcare Medical Services announces to have discovered a security incident. On February 13, an unauthorized third party obtained access to an employee's email account.
• Flashpoint April 12, 2019 • [ hack, malware, technology ] A 0-day vulnerability in the Yuzo WordPress plugin causes the Flashpoint website to briefly redirect the users to an external website with a pop-up leading to malware.
• Kyushu Railway Co. April 12, 2019 • [ hack, sqlinjection ] Kyushu Railway Co. reveals that personal and credit information on up to 8,000 customers were stolen from the goods store website for its "Seven Stars in Kyushu" luxury cruise train.
• Truth Finder April 12, 2019 • [ leak, technology ] In 2019, the public records search service TruthFinder suffered a data breach that later came to light in early 2023. The data included over 8M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.
• Instant Checkmate April 12, 2019 • [ leak, technology ] In 2019, the public records search service Instant Checkmate suffered a data breach that later came to light in early 2023. The data included almost 12M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.
• City of Greenville April 11, 2019 • [ ransomware, malware, government ] The city of Greenville is hit by the RobbinHood ransomware. A new strain that claims to protect the victim's privacy.
• Uniden April 11, 2019 • [ hack, malware, manufacturing ] Uniden's website for commercial security products is hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo.
• VSDC April 11, 2019 • [ financial, malware, technology ] The website of the free multimedia editor VSDC is breached again to distribute a banking trojan and an info stealer (Win32.Bolik.2 and KPOT stealer).
• Riverplace Counseling Center April 11, 2019 • [ ransomware, malware, healthcare ] Riverplace Counseling Center notifies 11,639 patients after a security incident due to a ransomware occurred on January 20, 2019.