-
Lincoln County Sheriff's Office
July 26, 2019
•
[ ransomware, malware, government ]
Lincoln County Sheriff's Office is hit by a ransomware attack.
-
Georgia Motor Carrier Compliance Division
July 26, 2019
•
[ government ]
And the Georgia Capitol Police is the third victim of the same attack.
-
-
StockX
July 26, 2019
•
[ leak, misconfiguration, retail ]
In July 2019, the fashion and sneaker trading platform StockX suffered a data breach which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes. The data was provided to HIBP by dehashed.com.
-
Brazilian President Jair Bolsonaro
July 25, 2019
•
[ hack, government ]
The Brazilian Justice Ministry reveals that cellphones used by President Jair Bolsonaro were a target of cyber attacks.
-
City Power
July 25, 2019
•
[ ransomware, malware, energy ]
City Power, a major electricity supplier in South Africa's largest city has suffered a ransomware attack, leaving some residents without power. More than a quarter of a million people might have been affected.
-
Park DuValle Community Health Center
July 25, 2019
•
[ ransomware, malware, healthcare ]
Park DuValle Community Health Center is hit by a ransomware attack and pays hackers nearly $70,000 in hopes of unlocking the medical records of some 20,000 patients.
-
Bahrain's Electric and Water Authority
July 25, 2019
A threat actor broke into the systems of Bahrain's National Security Agency, Ministry of Interior, and office of the first deputy prime minister. On July 25, 2019, Bahraini authorities detected intrusions into its electric and water authority that shut down several systems. The attacks were similar to two hacks in 2012, in which the Shamoon virus was used to knock Qatar's natural gas firm RasGas offline and wipe data from the hard drives at Saudi Aramco, Saudi Arabia's national oil company. Iran is believed to be behind the attacks.
-
MGM Resorts (2022 Update)
July 25, 2019
In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, a superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram. On analysis, it's highly likely the data stems from the same incident with 142M records having been discovered for sale on a dark web marketplace in mid-2020. The exposed data included email and physical addresses, names, phone numbers and dates of birth.
-
MGM Resorts
July 25, 2019
•
[ hack, leak, misconfiguration ]
In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data was provided to HIBP by Under The Breach.
-
APT17 (AKA Deputy Dog and Axiom)
July 24, 2019
•
[ espionage, hack, government ]
Intrusion Truth, an online group of anonymous cyber-security analysts, reveals the details of APT17 (AKA Deputy Dog and Axiom) another cyber-espionage hacking group linked to the Chinese government.
-
Grays Harbor Community Hospital
July 24, 2019
•
[ ransomware, malware, healthcare ]
Grays Harbor Community Hospital is hit by a ransomware attack (and plays mum).
-
Valve
July 24, 2019
A threat actor, believed to be the Chinese APT Winnti, used a Trojan horse to gain a remote backdoor access to German energy technology company Siemens, chemical firm BASF, and consumer goods company Henkel. Non-German companies Roche, Lion Air, and Marriott, among others, were also targeted.
-
New Haven Public School District
July 24, 2019
•
[ ransomware, malware, education ]
The New Haven Public School district is hit by a recent ransomware attack.
-
Undisclosed streaming service
July 24, 2019
•
[ hack, ddos, technology ]
Researchers from Imperva reveal that an undisclosed streaming service was hit by a massive DDoS attack that lasted for 13 days, launched from 402,000 different IPs, with a peak flow of 292,000 requests per second.
-
Ouachita Parish School District
July 24, 2019
•
[ ransomware, malware, education ]
Ouachita Parish School District is hit by a ransomware attack.
-
Morehouse Parish School District
July 24, 2019
•
[ ransomware, malware, education ]
Morehouse Parish School District is hit by a ransomware attack.
-
Marriott
July 24, 2019
A threat actor, believed to be the Chinese APT Winnti, used aTrojan horse to gain aremote backdoor access to German energy technology company Siemens, chemical firm BASF, and consumer goods company Henkel. Non-German companies Roche, Lion Air, and Marriott, among others, were also targeted.
-
Sabine Parish School District
July 24, 2019
•
[ ransomware, malware, education ]
Sabine Parish School District is hit by a ransomware attack.
-
Springhill Medical Center
July 24, 2019
•
[ ransomware, malware, healthcare ]
Springhill Medical Center is the victim of a ransomware attack.