-
Fotolog
December 1, 2018
In December 2018, the photo sharing social network Fotolog suffered a data breach that exposed 16.7 million unique email addresses. The data also included usernames and unsalted SHA-256 password hashes. The site was dissolved the following year and repurposed as a news website based in Brcko, Bosnia and Herzegovina.
-
1-800-FLOWERS
November 30, 2018
The Canadian operations of 1-800-FLOWERS discloses a four-year data breach affecting customers who purchased goods on its website. An unauthorized actor gained access to customers' payment card data from Aug. 15, 2014 through Sept. 15, 2018.
-
Ames Parking Ticket Payment System
November 30, 2018
•
[ hack, malware, government ]
The data breach to Click2Gov online payment system might have exposed information on 4,600 people who used Ames, Iowa, online ticket payment system between Aug. 10 to Nov. 19, 2018.
-
Marriott International
November 30, 2018
The records of 500 million customers of the hotel group Marriott International are compromised. In particular the guest reservation database of its Starwood division has been compromised by an unauthorised party since 2014.
-
Sotheby's
November 30, 2018
•
[ financial, malware, retail ]
Sotheby's Home website is the latest casualty of Magecart after a breach sees card-skimming code deployed by the cyber criminals.
-
Technic Forums
November 30, 2018
•
[ hack ]
Technic Forums is compromised by an unknown third-party.
-
Technic
November 30, 2018
In November 2018, the Minecraft modpack platform known as Technic suffered a data breach. Technic promptly disclosed the breach and advised that the impacted data included over 265k unique users' email and IP addresses, chat logs, private messages and passwords stored as bcrypt hashes with a work factor of 13. Technic self-submitted the breach to HIBP.
-
Dunkin' Donuts
November 29, 2018
•
[ hack, brute-force, retail ]
Dunkin' Donuts informs some of its DD Perks program members that their account information may have been exposed through a credential stuffing attack. The incident was discovered on October 31, 2018.
-
-
Town of Christiansburg
November 29, 2018
•
[ social, phishing, government ]
The information of 900 people of Christiansburg is compromised in a phishing scam.
-
Thundermist Health Center
November 29, 2018
•
[ ransomware, malware, healthcare ]
Rhode Island's Thundermist Health Center is hit by ransomware.
-
Dell
November 28, 2018
•
[ hack, manufacturing ]
Dell releases an update on its website acknowledging that it warded off a possible hack that happened on November 9th. According to the company, it is possible some information was removed from Dell's network.
-
Moscow Ropeway (MKD)
November 28, 2018
•
[ ransomware, government ]
One day after opening to the general public, Moscow's first-ever cable car is forced to shut down after a reported ransomware cyberattack.
-
Georgia Spine and Orthopaedics of Atlanta
November 28, 2018
•
[ social, phishing, healthcare ]
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after a phishing attack occurred on July 2018.
-
Atrium Health
November 27, 2018
Atrium Health says that data of about 2.65 million patients including addresses, dates of birth and SSN may have been compromised in a breach at its third-party provider AccuDoc Solutions. The breach occurred between Sept. 22 and 29.
-
UAE Telecommunication Regulatory Authority
November 27, 2018
An unknown actor with a connection to Iran hijacked DNS records to target the traffic of governments and telecommunications organizations around the world. One of the victims is the UAE Telecommunication Regulatory Authority.
-
PratenOnline
November 27, 2018
•
[ ransomware, malware, healthcare ]
Attackers manage to steal and hold for ransom 14,000 profiles and 16,000 chats from PratenOnline.nl, a website where young people with anxiety and depression can chat anonymously with a professional.
-
Drake's Fortnite account
November 23, 2018
Drake's Fortnite account is hacked and joins a charity livestream, yelling obscenities during the event.
-
Knuddles
November 23, 2018
Following a hack that resulted in leaking about 808,000 email addresses and over 1.8 million usernames and passwords, a social network website in Germany received a fine of EUR 20,000 from the Baden-W rttemberg Data Protection Authority.
-
Ohio Valley Medical Center
November 23, 2018
•
[ ransomware, malware, healthcare ]
A ransomware attack hits computer systems at the East Ohio Regional Hospital and Ohio Valley Medical Center reportedly disrupting the hospitals' emergency rooms.
