-
Evercore
December 23, 2018
•
[ hack, phishing, finance ]
Thousands of sensitive documents have been stolen by hackers in a cyber-attack on the influential investment bank Evercore, after an employee in London falls victim of a phishing attack.
-
Borough of Westwood
December 22, 2018
•
[ leak, government ]
The borough of Westwood, discloses a data breach that began in December 2018.
-
San Diego Unified School District (SDUSD)
December 21, 2018
•
[ social, phishing, education ]
The San Diego Unified School District (SDUSD) reveals that PII of more than a half million students and staff were compromised as the result of a phishing attack that may have occurred as early as January 2018.
-
Electrum Bitcoin wallets
December 21, 2018
•
[ social, phishing, finance ]
A clever phishing attack targeting Electrum Bitcoin wallets results in the theft of more than $750,000 worth of cryptocurrency.
-
Saint John online parking payment system
December 21, 2018
Another consequence of the Click2Gov breach: the city of Saint John shuts down its online system used to pay parking tickets after discovering a data breach that could have exposed customer names, addresses and credit card information.
-
NASA's Jet Propulsion Laboratory (JPL)
December 20, 2018
The APT 10 threat actors, in conjunction with the Tianjin State Security Bureau, compromised eight technology service providers, including Hewlett Packard Enterprise and IBM (their cloud services in particular were targeted), to steal commercial secrets from over forty-five client technology companies. The victims include Swedish telecom giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries, and travel reservation system Sabre.
-
Caribou Coffee
December 20, 2018
•
[ hack, malware, retail ]
US coffee store chain Caribou Coffee announces a security breach after it discovered unauthorized access of its POS systems. The breach was discovered on November 28, and the company listed 239 stores of its total 603 locations as impacted.
-
DrBenLynch
December 20, 2018
DrBenLynch.com notifies customers of payment card compromise after detecting a code injection into their web site that captured order information placed between September 8 and October 2.
-
The Podiatric Offices of Bobby Yee
December 20, 2018
•
[ ransomware, malware, healthcare ]
The Podiatric Offices of Bobby Yee notifies 24,000 patients after ransomware attack.
-
SAIPEM
December 20, 2018
•
[ hack, malware, energy ]
An attack on the Italian oil firm Saipem targeted servers based in India, Kuwait, Saudi Arabia, Scotland, and the United Arab Emirates. Hackers used a variant of the Shamoon virus.
-
Warby Parker
December 20, 2018
•
[ hack, brute-force, retail ]
Warby Parker discloses that roughly 198,000 of its customers may have been affected by a credential stuffing attack targeting the eyeglass retail chain. The unauthorized activity started on Sept. 25 and continued through late November.
-
California Department of Consumer Affairs
December 19, 2018
•
[ hack, malware, government ]
The California Department of Consumer Affairs suffers a malware attack, affecting workstations and disrupting computer networks.
-
Ministry of Foreign Affairs of Cyprus
December 19, 2018
•
[ espionage, phishing, government ]
A report by Area 1 Security reveals that a successful phishing attack on the Ministry of Foreign Affairs of Cyprus, an EU member nation, compromised the diplomatic communication network for the European Union (COREU).
-
Hammer Nutrition
December 19, 2018
Hammer Nutrition notifies customers after discovering a malicious script injection into their website as a consequence of the compromise of their third-party website provider.
-
Steelite International
December 19, 2018
•
[ ransomware, malware, manufacturing ]
Steelite International discovers that hackers had encrypted its servers to cause "maximum disruption" to its payroll systems.
-
Kvant Scientific Research Institute
December 19, 2018
The Digital Revolution group claims to have hacked the servers of Moscow-based Kvant Scientific Research Institute, and gathered evidence of a neural networks tool used to analyze activities on social networks.
-
The Wellcome Trust
December 19, 2018
The Wellcome Trust reveals in its annual report, that the email of four senior executives was compromised and sensitive information monitored for several months.
-
Click2Gov
December 18, 2018
•
[ leak, government ]
According to a new report published by Gemini Advisory, in the wake of the Click2Gov breach, at least 294,929 payment records have been compromised in 46 U.S. cities and sold in the Dark Web.
-
Barnes-Jewish Company HealthCare
December 18, 2018
At least 5,850 people are alerted about a possible breach of credit card information through Barnes-Jewish Company HealthCare's online payment portal. The breach was discovered on Nov. 19 and involved the injection of malicious code into their website.
-
NASA
December 18, 2018
•
[ leak, government ]
NASA alerts its employees of a possible compromise of NASA servers containing personally identifiable information. The breach was discovered on October 23, and affects NASA Civil Service employees from July 2006 through October 2018.
