Full List

Search

Recent Breaches

• University of Vermont Health Network Elizabethtown Community Hospital December 17, 2018 University of Vermont Health Network " Elizabethtown Community Hospital notifies 32,000 patients after an employee's email account is accessed without authorization. The incident occurred on October 9, 2018.
• The Wall Street Journal's website December 17, 2018 • [ hack, misconfiguration, technology ] The Wall Street Journal's website is defaced with a post containing a fake apology supporting YouTube megastar PewDiePie, previously accused of antisemitism by the same paper.
• CCRM Dallas-Fort Worth December 16, 2018 • [ hack, healthcare ] CCRM Dallas-Fort Worth becomes aware of a potential data security incident that may have resulted in the inadvertent exposure of patients' personal and health information, after a former nurse's email account is hacked.
• Tivit December 14, 2018 Brazil-based IT services and business process outsourcing provider Tivit has data from many of its large customers leaked online, after nine members of staff have suffered a phishing attack.
• Contractors working for the US Navy December 14, 2018 • [ espionage, government ] According to a new report, classified military information including missile plans have been stolen from contractors working for the US Navy by hackers linked to China.
• Save the Children December 13, 2018 Save the Children reveals to have been hit last year with a business email compromise scam that cost the charity $1 million. The incident took place in May 2017.
• Schenectady County December 13, 2018 • [ hack, malware, government ] Schenectady County, shuts down its government website after a cyberattack via malware.
• French Ministry of Europe and Foreign Affairs December 13, 2018 • [ hack, government ] The personal information of 540,563 individuals is stolen from an emergency contact database after the website of the French Ministry of Europe, and Foreign Affairs is hacked.
• Wanelo December 13, 2018 • [ hack, retail ] In approximately December 2018, the digital mall Wanelo suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
• Ajarn December 13, 2018 • [ leak, education ] In September 2021, the Thai-based English language teaching website Ajarn discovered they'd been the victim of a data breach dating back to December 2018. The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information. Hashed passwords were also impacted in the breach.
• AOS 77 December 12, 2018 Former and current employees of AOS 77 in Washington County are made aware of a data breach in the school department's central office.
• Ronin Gallery December 12, 2018 Ronin Gallery notifies customers of payment card breach when unauthorized code is inserted in their web site able to capture customers' data.
• Ramsey County Social Services December 11, 2018 • [ leak, government ] A cyber attack on the Ramsey County Social Services, occurred in August, may have compromised hundreds of clients' private health information.
• Mappery December 11, 2018 • [ leak, misconfiguration, technology ] In December 2018, the mapping website Mappery suffered a data breach that exposed over 205k unique email addresses. The incident also exposed usernames, the geographic location of the user and passwords stored as unsalted SHA-1 hashes. No response was received from Mappery when contacted about the incident.
• North Bend December 10, 2018 • [ ransomware, malware, government ] The city of North Bend is hit by a ransomware attack which temporarily locks out city workers from their computers and databases.
• Baylor Scott & White Medical Center December 10, 2018 • [ financial, hack, healthcare ] Baylor Scott & White Medical Center notifies approximately 47,000 patients or guarantors that their payment information, including partial credit card information, may have been subject to a computer intrusion to a third-party credit card processing system.
• SAIPEM December 10, 2018 • [ hack, malware, energy ] Italian oil services company SAIPEM is hit by a new version of the Shamoon malware. The attack started in India and hit the servers in Saudi Arabia, the United Arab Emirates and Kuwait. Fingers are pointed to Iran.
• University of Maryland Medical System December 9, 2018 • [ ransomware, malware, healthcare ] The University of Maryland Medical System is hit by a ransomware attack, affecting about 250 of the system's 27,000 devices.
• Linux December 7, 2018 The Linux.org website is defaced via a DNS hijack.
• Titan Manufacturing and Distributing December 7, 2018 • [ hack, malware, manufacturing ] Titan Manufacturing and Distributing notifies consumers that its computer system had been compromised by malware during the period of November 23, 2017 to October 25, 2018.