Full List

Search

Recent Breaches

• Episcopal Health Services November 1, 2018 • [ hack, phishing, healthcare ] Episcopal Health Services notifies patients after employee email accounts are hacked.
• Healthcare November 1, 2018 • [ insider, healthcare ] Colbi Trent Defiore, an employee at a Virginia tech company, has been sent to prison for stealing PII from Healthcare.gov customers. Defiore improperly accessed the Healthcare.gov database several times in November 2018 and used the stolen information to commit fraud.
• St. Francis Xavier University November 1, 2018 • [ financial, malware, education ] Canadian St. Francis Xavier University shuts down the entire network following a cryptojacking attack which attempted to use its systems' computing power to mine for Bitcoin.
• Tallahassee Memorial Hospital November 1, 2018 Tallahassee Memorial Hospital reports the information of job applicants who applied to the facility may be at risk after a breach at Jobscience, a recruiting firm it uses.
• Radisson Hotel Group October 31, 2018 • [ leak, retail ] The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident happened on September 11, but was identified only on October first.
• NorthBay Healthcare Corporation October 31, 2018 • [ leak, healthcare ] NorthBay Healthcare Corporation suffers a data breach affecting the information of everyone who applied for a position within the organization between December 2012 and May 2018.
• FIFA October 30, 2018 • [ hack ] FIFA acknowledges that its computer systems were hacked earlier in March, for the second time, and officials from European soccer's governing body fear they also might have suffered a data breach.
• Elasticsearch Instance of Sales Leads on AWS October 29, 2018 In October 2018, security researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Despite best efforts, it was not possible to identify the owner of the data hence this breach as been titled "Elasticsearch Sales Leads".
• 70 Gabon Government Websites October 28, 2018 • [ hack, ddos, government ] The hacktivist group Anonymous takes down 70 Gabon government websites as part of its "anti-dictatorships" campaign.
• Tomorrowland Festival October 28, 2018 Hackers breach computer security at the Tomorrowland festival organizers, and steal the data of 64,000 people who signed up for tickets for the 2004 edition.
• MapleChange October 28, 2018 MapleChange, a Canadian crypto exchange, suffers a hack and looses all the funds (913 BTC, $6M worth), despite many accuse the exchange of attempting to stage an exit scam.
• Bank Islami October 27, 2018 • [ financial, hack, finance ] Karachi-based Bank Islami acknowledges of suffering a security breach of its payment cards system but denies reports of having lost an alleged $6 million in what local press have called the biggest cyber-attack in the country's history.
• kasvyksta.lt October 26, 2018 • [ espionage, hack, government ] Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland'to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
• Cathay Pacific October 24, 2018 Cathay Pacific announces to have discovered unauthorised access to some of its information system containing passenger data of up to 9.4 million people. The attack started in March and went undetected for some months.
• Eurostar October 23, 2018 Eurostar has reset its customers' login passwords after detecting attempts to break into an unspecified number of accounts taking place between 15 and 19 October.
• Jones Eye Clinic and Surgery Center October 23, 2018 • [ ransomware, malware, healthcare ] 40K users are affected by a ransomware attack, occurred on August 23, targeting Jones Eye Clinic and Surgery Center.
• Children's Hospital of Philadelphia (CHOP) October 23, 2018 Children's Hospital of Philadelphia (CHOP) notifies some of its current and former patients of two email incidents, both involving health information, occurred respectively on August 23, and September 6.
• Internet Solutions October 23, 2018 • [ hack, misconfiguration, technology ] Internet Solutions (IS) sends a notice to clients to warn them about a breach, and urges them to change their passwords and take additional steps to secure their servers. Later the company confirms that its internal monitoring systems have detected "irregular activity" on some of its virtual services.
• Axa Mexico October 23, 2018 • [ hack, finance ] Insurer Axa reveals it suffered a cyber attack that prompted an alert from the Mexico central bank, however clients' information and resources are safe and have not been affected.
• Orange County Branch of the Girl Scouts of America October 22, 2018 • [ hack, education ] Hackers breach the Orange County, Calif. branch of the Girl Scouts of America, potentially exposing personal information for 2,800 members and their families.