Full List

Search

Recent Breaches

• AltaMed Health Services Corporation February 15, 2019 • [ hack, healthcare ] AltaMed Health Services Corporation notifies 5,767 California residents of a data security incident at Sharecare Health Data Services, a business affiliate. SHDS detected an unauthorized third-party access as early as May 21, 2018
• Hampton Roads Community Health Center February 15, 2019 • [ hack, misconfiguration, healthcare ] Hampton Roads Community Health Center reveals that a server hosting unencrypted patient data was compromised back in December 2018.
• North Country Business Products February 15, 2019 North Country Business Products point-of-sale and security solutions provider discloses a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants.
• CHI Health February 15, 2019 • [ hack, malware, healthcare ] CHI Health officials reveal that a device brought in by a third-party vendor introduced a malware into the health system's network.
• YouNow February 15, 2019 • [ hack, technology ] In February 2019, data from the live broadcasting service YouNow appeared for sale on a dark web marketplace. Whilst it's not clear what date the actual breach occurred on, the impacted data included 18M unique email addresses, IP addresses, names, usernames and links to social media profiles. As authentication is performed via social providers, no passwords were exposed in the breach. Many records didn't have associated email addresses thus the unique number is lower than the reported total number of accounts. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
• Reserve Bank of India February 14, 2019 Reserve Bank of India warns banks and payment system operators about a mobile application called 'AnyDesk' used by fraudsters to access data on mobile devices.
• LBB February 14, 2019 • [ leak, misconfiguration, retail ] In August 2022, customer data of the Indian shopping site "LBB" (Little Black Book) was posted to a popular hacking forum. The data contained over 3M records with 39k unique email addresses alongside IP and physical addresses, names and device information with the most recent data dating back to early 2019. LBB advised they believe the data was exposed by a third party service and whilst it contained information they retain on their customers, it had also been enriched with additional data attributes.
• British Army's "influence and outreach" Twitter account (@77th_Brigade). February 13, 2019 • [ hack, social, government ] An attacker takes control of the British Army's "influence and outreach" Twitter account (@77th_Brigade).
• Image-I-Nation Technologies, Inc, February 13, 2019 Image-I-Nation Technologies, Inc, a technology partner of the three big credit reporting agencies, is the victim of a supply-chain attack. The incident was discovered on December 20, and occurred between November 1-15, 2018.
• Truluck's Seafood, Steak & Crab House February 13, 2019 • [ financial, malware, retail ] Credit card information for customers dining at Truluck's Seafood, Steak & Crab House in downtown Dallas and Southlake might have been copied by malware inserted into point of sale systems at the restaurants.
• 500px February 13, 2019 • [ hack, technology ] Users of the photography site 500px are forced to reset their passwords, following a breach where an attacker was able to take "partial user data" from July 5 last year.
• Bank of Valletta February 13, 2019 • [ hack, financial, finance ] Bank of Valletta shuts down all of its operations on Wednesday after hackers broke into its systems and shifted funds overseas.
• Firms member of the Financial Industry Regulatory Authority (FINRA) February 13, 2019 • [ financial, phishing, finance ] The Financial Industry Regulatory Authority (FINRA) issues an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails.
• Dunkin' Donuts February 12, 2019 • [ hack, brute-force, retail ] Dunkin' Donuts announces that it was the victim of a credential stuffing attack during which hackers gained access to customer accounts.
• OkCupid February 12, 2019 • [ hack, brute-force, technology ] Users of the OkCupid dating app are the victims of a credential stuffing attack.
• LandMark White February 12, 2019 • [ leak, finance ] Up to 100,000 customers have personal information including property valuations, phone numbers and dates of birth leaked as part of the data breach at LandMark White.
• VFEmail February 11, 2019 • [ hack, technology ] The U.S. servers of privacy-focused e-mail provider VFEmail is hacked on February 11 and all the data is destroyed, on both the main and the backup systems.
• Italian Region of Trentino February 10, 2019 In name of Operation Green Rights (#OpGreenRights) the Italian branch of the Anonymous releases a dump of data stolen from several domains belonging to the Italian regions of Veneto and Trentino.
• Pawnee County Memorial Hospital February 9, 2019 • [ hack, malware, healthcare ] Pawnee County Memorial Hospital in Nebraska notifies 7,038 patients of a malware incident affecting protected health information. The attack happened on November 29, 2018.
• Pharmaca February 9, 2019 • [ financial, retail ] Pharmaca notifies customers of payment card breach affecting several retail locations. The incident occurred between July 19, and December 12, 2018.